commons-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Benkart Sascha (QI/SES1) *" <Sascha.Benk...@de.bosch.com>
Subject AW: AW: [httpClient] ClassLoader problem
Date Tue, 31 Aug 2004 12:08:54 GMT
Hi Oleg,

your solution is perfect. It works. Thank you very much.

Mit freundlichen Grüßen / Kind regards

Sascha


> -----Ursprüngliche Nachricht-----
> Von: olegk@bluewin.ch [mailto:olegk@bluewin.ch]
> Gesendet: Montag, 30. August 2004 15:09
> An: Jakarta Commons Users List
> Betreff: RE: AW: [httpClient] ClassLoader problem
> 
> 
> Sascha,
> 
> I have never worked with IS, so I am not a position to 
> comment on the classloader
> problem you have been experiencing
> 
> As to IAIK SSL stuff, I do use IAIK proprietary framework 
> directly bypassing
> the JSSE compatibility layer altogether. As far as I am 
> concerned I find
> this well justified as the SecureProtocolSocketFactory 
> already provides an
> abstraction layer which keeps my protocol code decoupled from 
> the underlying
> transport code.
> 
> Basically all it takes is something like that (Please note 
> this code is NOT
> compileable. It is intended to demonstrate the basic use 
> pattern. So please
> do make adjustments that are necessary for your application):
> 
> ==============================================================
> ==============================
> 
> import java.io.IOException;
> import java.io.InputStream;
> import java.net.InetAddress;
> import java.net.Socket;
> import java.net.UnknownHostException;
> 
> import iaik.security.ssl.SSLSocket;
> import iaik.security.ssl.SSLClientContext;
> import iaik.security.ssl.CipherSuite;
> import java.security.cert.CertificateFactory;
> import java.security.cert.X509Certificate;
> import java.security.cert.CertificateException;
> 
> 
> public class IAIKSSLSocketFactory implements 
> SecureProtocolSocketFactory
> {
> 
>   private SSLClientContext SSLCONTEXT = null;
> 
>   public IAIKSSLSocketFactory()
>   {
>    super();
>   }
> 
>   protected static SSLClientContext getDefaultClientContext() 
>     throws IOException
>   {
>      if (SSLCONTEXT == null) {
>         SSLCONTEXT = new SSLClientContext();
>         // Tighten things up a little
>         // You may want to provide a custom cert chain verifier
>         SSLCONTEXT.setChainVerifier(new MyChainVerifier());
>         // You may want to use only a few specific ciphers
>         CipherSuite[] clientCipherSuite = new CipherSuite[2];
>         
> clientCipherSuite[0]=CipherSuite.SSL_RSA_WITH_3DES_EDE_CBC_SHA;
>         
> clientCipherSuite[1]=CipherSuite.SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA;
>         SSLCONTEXT.setEnabledCipherSuites (clientCipherSuite);
>         SSLCONTEXT.updateCipherSuites();
>         // You may want to set trusted server certs 
>         SSLCONTEXT.addTrustedCertificate(serverCertificate);
>       }
>       return SSLCONTEXT;
>     }
> 
>   public Socket createSocket(String host, int port) 
>      throws IOException, UnknownHostException
>   {
>     return new SSLSocket(host, port, getDefaultClientContext()); 
>   }
> 
>   public Socket createSocket(String host, int port, 
> InetAddress clientHost,
> int clientPort)
>     throws IOException, UnknownHostException
>   {
>     return new SSLSocket(host, port, clientHost, clientPort, 
> getDefaultClientContext());
> 
>   }
> 
>   public Socket createSocket(Socket socket, String host, int 
> port, boolean
> autoClose)
>     throws IOException, UnknownHostException
>   {
>     return new SSLSocket(socket, getDefaultClientContext(), 
> host, port);
>  
>   }
> }
> 
> Hope this helps
> 
> Oleg
> 
> 
> 
> 
> >-- Original Message --
> >Reply-To: "Jakarta Commons Users List" 
> <commons-user@jakarta.apache.org>
> >Subject: AW: [httpClient] ClassLoader problem
> >Date: Mon, 30 Aug 2004 14:40:41 +0200
> >From: "Benkart Sascha (QI/SES1) *" <Sascha.Benkart@de.bosch.com>
> >To: "Jakarta Commons Users List" <commons-user@jakarta.apache.org>
> >
> >
> >Hi Oleg,
> >
> >IS is running on Java 1.4 but without JCE. A file called 
> server.jar includes
> >the IAIK classes including an IAIK JSSE framework.
> >I'm able to create a Cipher object within my package, but 
> the httpClient
> >is added as a JAR file. Because I get a 
> ClassNotFoundException on the httpClient,
> >I think JAR files are loaded by an other ClassLoader than 
> the package or
> >the server bootstrap (including the IAIK component).
> >
> >Do you use IAIK JSSE framework for own 
> SecureProtocolSocketFactory or IAIK
> >own classes?
> >
> >Kind regards
> >Sascha
> >
> >> -----Ursprüngliche Nachricht-----
> >> Von: olegk@bluewin.ch [mailto:olegk@bluewin.ch]
> >> Gesendet: Montag, 30. August 2004 13:21
> >> An: Jakarta Commons Users List
> >> Betreff: RE: [httpClient] ClassLoader problem
> >> 
> >> 
> >> Hi Sascha,
> >> 
> >> I believe you can work this problem around by providing a 
> >> custom socket factory
> >> that creates secure sockets using IAIK SSL directly, rather 
> >> than through
> >> the JSSE.  
> >> 
> >> See the HttpClient SSL guide for details
> >> 
> >> http://jakarta.apache.org/commons/httpclient/sslguide.html
> >> 
> >> I have been using HttpClient with IAIK SSL in production for 
> >> three years.
> >> It just takes a custom socket factory to get them coexist 
> quite well.
> >> 
> >> On the classloader issue, HttpClient 2.0.x does not load 
> >> classes dynamically.
> >> So there's no way to get it to use another classloader
> >> 
> >> Hope this helps
> >> 
> >> Oleg
> >> 
> >> >-- Original Message --
> >> >Reply-To: "Jakarta Commons Users List" 
> >> <commons-user@jakarta.apache.org>
> >> >Subject: [httpClient] ClassLoader problem
> >> >Date: Mon, 30 Aug 2004 11:45:38 +0200
> >> >From: "Benkart Sascha (QI/SES1) *" <Sascha.Benkart@de.bosch.com>
> >> >To: <commons-user@jakarta.apache.org>
> >> >
> >> >
> >> >Hi,
> >> >
> >> >I'm using httpClient v2.0.1 with webMethods' Integration 
> >> Server (IS). IS
> >> >=
> >> >uses code units called packages to add functionality at runtime.
> >> >I add httpclient to a package and everytime I execute with 
> >> SSL, I get a
> >> =
> >> >javax.crypto.Cipher ClassNotFoundException. IS uses its own =
> >> >JCE-implementation from company IAIK.=20
> >> >There's no problem to create a new Cipher object within my 
> >> package, but
> >> =
> >> >within httpClient. I think there's a ClassLoader problem.
> >> >
> >> >Is there a possibility to give the httpClient another 
> >> ClassLoader? I =
> >> >only found instanciation of class Cipher in class NTLM, but 
> >> I don't use
> >> =
> >> >NTLM.
> >> >
> >> >Thanks,
> >> >Sascha
> >> >
> >> 
> >---------------------------------------------------------------------
> >> >To unsubscribe, e-mail: 
> commons-user-unsubscribe@jakarta.apache.org
> >> >For additional commands, e-mail: 
> commons-user-help@jakarta.apache.org
> >> >
> >> 
> >> 
> >> 
> ---------------------------------------------------------------------
> >> To unsubscribe, e-mail: commons-user-unsubscribe@jakarta.apache.org
> >> For additional commands, e-mail: 
> commons-user-help@jakarta.apache.org
> >> 
> >> 
> >
> >---------------------------------------------------------------------
> >To unsubscribe, e-mail: commons-user-unsubscribe@jakarta.apache.org
> >For additional commands, e-mail: commons-user-help@jakarta.apache.org
> >
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: commons-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: commons-user-help@jakarta.apache.org
> 
> 

---------------------------------------------------------------------
To unsubscribe, e-mail: commons-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: commons-user-help@jakarta.apache.org


Mime
View raw message