axis-java-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Olejarz, Greg" <Greg.Olej...@Monster.com>
Subject RE: SSL one-way
Date Sat, 22 Nov 2003 16:14:23 GMT
Something like this works:

public class HttpPost {
    
....
    
    public static class RelaxedX509TrustManager implements X509TrustManager
{
        public java.security.cert.X509Certificate[] getAcceptedIssuers() {
            return null;
        }
        // Supposed to throw a CertificateException if the cert is not
trusted.
        // This construct accepts anything.
        public void checkClientTrusted(java.security.cert.X509Certificate[]
chain, String authType) {}
        public void checkServerTrusted(java.security.cert.X509Certificate[]
chain, String authType) {}
    }

    public static InputStream post(String urlStr,Hashtable
headers,InputStream reqStream)
    throws IOException {
        
        URL url = new URL(urlStr);
        HttpURLConnection con = (HttpURLConnection)url.openConnection();
        
        if (con instanceof HttpsURLConnection) {
            HttpsURLConnection conHttps = (HttpsURLConnection)con;
            // accept any cert
            KeyManager[] km = null;
            TrustManager[] tm = {new RelaxedX509TrustManager()};
            try {
                SSLContext sslContext = SSLContext.getInstance("SSL");
                sslContext.init(null, tm, new java.security.SecureRandom());
                SSLSocketFactory sslSF = sslContext.getSocketFactory();
                conHttps.setSSLSocketFactory(sslSF);
            } catch(NoSuchAlgorithmException e) {
                throw new IOException("HttpPost.postXML(): unable to
complete request, NoSuchAlgorithmException=" + e.getMessage());
            } catch(KeyManagementException e) {
                throw new IOException("HttpPost.postXML(): unable to
complete request, KeyManagementException=" + e.getMessage());
            }
            // be relaxed about hostnames
            conHttps.setHostnameVerifier(new HostnameVerifier() {
                public boolean verify(String hostname,SSLSession session) {
                    return true;
                }
            });
        }

....

-----Original Message-----
From: Rudi Verago [vlain] [mailto:vlain@libero.it]
Sent: Saturday, November 22, 2003 5:58 AM
To: axis-user
Subject: SSL one-way


My web services has a swing gui and use a ssl connection.
I don't want mutual authentication (only server has certification), how
implement in java on the client side? 
simply put https, I don't think so....

Thanks

~~~~~~~~~~~~~~~
Rudi Verago [vLAiN]
vlain@libero.it
~~~~~~~~~~~~~~~


"Bringing people together to advance their lives." 

NOTICE: The information contained in this electronic mail transmission is
intended by TMP Interactive Inc. d/b/a Monster or one of its subsidiaries
for the use of the named individual or entity to which it is addressed and
may contain information that is privileged or otherwise confidential.  It is
not intended for transmission to, or receipt by, any individual or entity
other than the named addressee (or a person authorized to deliver it to the
named addressee) except as otherwise expressly permitted in this electronic
mail transmission. If you have received this electronic transmission in
error, please delete it without copying or forwarding it, and notify the
sender of the error by reply email or by calling Monster at 1-800-MONSTER.

Mime
View raw message