hc-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Apache Wiki <wikidi...@apache.org>
Subject [Httpcomponents Wiki] Update of "HttpClientTutorial" by OlegKalnichevski
Date Fri, 17 Apr 2009 23:37:11 GMT
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Httpcomponents Wiki" for change notification.

The following page has been changed by OlegKalnichevski:
http://wiki.apache.org/HttpComponents/HttpClientTutorial

------------------------------------------------------------------------------
  
  == Socket factories ==
  
-     HTTP connections use java.net.Socket objects internally to handle transmittion of data
across the wire. They, however, rely on SocketFactory interface to create, initialize and
connect sockets. This enables the users of HttpClient to provide application specific socket
initialization code at runtime.
+     HTTP connections make use of a java.net.Socket object internally to handle transmittion
of data across the wire. They, however, rely on SocketFactory interface to create, initialize
and connect sockets. This enables the users of HttpClient to provide application specific
socket initialization code at runtime. PlainSocketFactory is the default factory for creating
and initializing plain (unencrypted) sockets. 
+     
+     The process of creating a socket and that of connecting it to a host are decoupled,
so that the socket could be closed while being blocked in the connect operation.
  
+ {{{
+ PlainSocketFactory sf = PlainSocketFactory.getSocketFactory();
+ Socket socket = sf.createSocket();
+ 
+ HttpParams params = new BasicHttpParams();
+ params.setParameter(CoreConnectionPNames.CONNECTION_TIMEOUT, 1000L);
+ sf.connectSocket(socket, "locahost", 8080, null, -1, params);
+ }}}
+ 
+ === Secure socket layering ===
+ 
+     LayeredSocketFactory is an extension of SocketFactory interface. Layered socket factories
are capable of creating sockets that are layered over an existing plain socket. Socket layering
is used primarily for creating secure sockets through proxies. HttpClient ships with SSLSocketFactory
that implements SSL/TLS layering. Please note HttpClient does not use any custom encryption
functionality. It is fully reliant on standard Java Cryptography (JCE) and Secure Sockets
(JSEE) extensions.
+    
- === SSL customization ===
+ === SSL/TLS customization ===
  
-    Configuring custom SSL context.
+     HttpClient makes use of SSLSocketFactory to create SSL connections. SSLSocketFactory
allows for a high degree of customization. It can take an instance of javax.net.ssl.SSLContext
as a parameter and use it to create custom configured SSL connections. 
+ 
+ {{{
+ TrustManager easyTrustManager = new X509TrustManager() {
+ 
+ 	@Override
+ 	public void checkClientTrusted(
+ 			X509Certificate[] chain,
+ 			String authType) throws CertificateException {
+         // Oh, I am easy!
+ 	}
+ 
+ 	@Override
+ 	public void checkServerTrusted(
+ 			X509Certificate[] chain,
+ 			String authType) throws CertificateException {
+         // Oh, I am easy!
+ 	}
+ 
+ 	@Override
+ 	public X509Certificate[] getAcceptedIssuers() {
+ 		return null;
+ 	}
+ 	
+ };
+ 
+ SSLContext sslcontext = SSLContext.getInstance("TLS");
+ sslcontext.init(null, new TrustManager[] { easyTrustManager }, null);
+ 
+ SSLSocketFactory sf = new SSLSocketFactory(sslcontext); 
+ SSLSocket socket = (SSLSocket) sf.createSocket();
+ socket.setEnabledCipherSuites(new String[] { "SSL_RSA_WITH_RC4_128_MD5" });
+ 
+ HttpParams params = new BasicHttpParams();
+ params.setParameter(CoreConnectionPNames.CONNECTION_TIMEOUT, 1000L);
+ sf.connectSocket(socket, "locahost", 443, null, -1, params);
+ }}}
+     
+     Customization of SSLSocketFactory implies a certain degree of familiarity with the concepts
of the SSL/TLS protocol, a detailed explanation of which is out of scope for this document.
Please refer to the [http://java.sun.com/j2se/1.5.0/docs/guide/security/jsse/JSSERefGuide.html
Java Secure Socket Extension] for a detailed description of javax.net.ssl.SSLContext and related
tools.
  
  === Hostname verification ===
  
     Hostname verifier implementations.
  
  == Protocol schemes ==
- 
+     
+     Scheme class is used to represent a protocol scheme such as "http" or "https".
+     
  == HttpClient proxy configuration ==
  
      Even though HttpClient is aware of complex routing scemes and proxy chaining, it supports
only simple direct or one hop proxy connections out of the box.

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
For additional commands, e-mail: dev-help@hc.apache.org


Mime
View raw message