hc-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Asankha C. Perera (JIRA)" <j...@apache.org>
Subject [jira] Reopened: (HTTPCORE-55) Ability to Request for Client Authentication when using NIO SSL in server mode
Date Tue, 13 Mar 2007 09:12:09 GMT

     [ https://issues.apache.org/jira/browse/HTTPCORE-55?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Asankha C. Perera reopened HTTPCORE-55:
---------------------------------------


Hi Oleg

Sorry for discovering an issue with this code again. The SSLSession may not be established
after a call to the doHandshake() method of the SSLIOSession to perform hostname verification.


However, the good news is we could move that code to within the doHandshake() method, and
check on the result of the wrap/unwrap to find out if the handshake completed just then -
and perform verification. (http://java.sun.com/j2se/1.5.0/docs/api/javax/net/ssl/SSLEngineResult.HandshakeStatus.html#FINISHED)

I have attached the fix for it herewith

thanks
asankha

> Ability to Request for Client Authentication when using NIO SSL in server mode
> ------------------------------------------------------------------------------
>
>                 Key: HTTPCORE-55
>                 URL: https://issues.apache.org/jira/browse/HTTPCORE-55
>             Project: HttpComponents Core
>          Issue Type: Bug
>          Components: HttpCore NIO
>            Reporter: Asankha C. Perera
>         Assigned To: Oleg Kalnichevski
>            Priority: Critical
>             Fix For: 4.0-alpha4
>
>         Attachments: 20070311-niosslinit.patch, includehostname.patch
>
>
> It would be great if the SSLIOSession.initialize() could expect to know if client authentication
is wanted, required or not-wanted through a parameter passed in, when operating in the server
mode to configure the underlying SSLEngine. 
> This maybe something like the Apache SSLClientAuth directive that could be set into the
HttpParams as none/required/optional, and passed in by the SSLServerIOEventDispatch

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


---------------------------------------------------------------------
To unsubscribe, e-mail: httpcomponents-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: httpcomponents-dev-help@jakarta.apache.org


Mime
View raw message