commons-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jeff Dever <>
Subject Re: [HttpClient] Dependancy on JSSE
Date Thu, 01 Aug 2002 17:23:08 GMT
I'll have to agree that the ssl runtime dependency should be eliminated for the
reasons outlined by others on this thread.

It looks like the dependency was caused by a commit at:
Tue Jul 23 14:38:31 2002 UTC (9 days, 2 hours ago)
In a patch contributed by Ortwin and committed by dIon.

Both HttpClient 1.52 has a new SSLSocketFactory private datamember plus some
changes in HttpConnection and HttpMultiClient.

I know that you are working on the HttpClient/HttpMultiClient merger.  See any
way to keep ssl objects out of the new top level class?  Perhaps pushed down so
that only HttpConnection is ssl aware and can more easily be protected from
runtime dependencies?

this is your patch.  Nobody wants to back it out as it represents excellent
functionality.  Can you see how to isolate the runtime dependency so that ssl is
only required at compiletime?

> >
> > I did not realize that this was a side effect of some recent
> > secury proxy authentication patches.  It used to be that ssl
> > was required to compile but could run without it.  A lot of
> > us have been using jdk1.4 for our private builds lately,
> > (which has ssl built in) so it was easy not to notice.
> Having added the JSSE Certificate support to JMeter, I have
> dealt with all of those issues and compounded the problem by
> testing with more than just JSSE (IAIK has a JSSE compliant
> SSL library).
> Trust me, what you get for free in JDK 1.4+ costs an arm and
> a leg in JDKs prior to that.

To unsubscribe, e-mail:   <>
For additional commands, e-mail: <>

View raw message