hc-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Oleg Kalnichevski (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (HTTPCLIENT-1454) Allow use of multiple SSLContexts with single instance of HttpClient
Date Thu, 30 Jan 2014 09:06:10 GMT

     [ https://issues.apache.org/jira/browse/HTTPCLIENT-1454?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel

Oleg Kalnichevski updated HTTPCLIENT-1454:

    Fix Version/s: 4.4 Alpha1

Looks reasonable to me. However ideally it should go through the normal alpha / beta testing
cycle. Could you live with this feature being added to 4.4 code line only? 

As far as HttpClientConnectionOperator is concerned it is the same old story. When all internal
classes in 4.0 were made public some people screamed bloody murder calling HttpClient too
complex (or worse). Now that most of connection pool internals are package private HttpClient
4.3 is not flexible enough in some situations. I cannot please everyone, can I?  

If you have some ideas how to open up some of the HttpClientConnectionOperator functionality
let's discuss them.


> Allow use of multiple SSLContexts with single instance of HttpClient
> --------------------------------------------------------------------
>                 Key: HTTPCLIENT-1454
>                 URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1454
>             Project: HttpComponents HttpClient
>          Issue Type: Improvement
>          Components: HttpConn
>            Reporter: Cservenak, Tamas
>             Fix For: 4.4 Alpha1
> Goal: using differently set up SSLContexts for same (shared) HttpClient instance, that
should be used by some set of (application specific) conditions. Currently (and even before
4.3, this stands for 4.2 and older clients too), only one ConnectionSocketFactory (or it's
older equivalent) might be used for connection manager. In some applications this might be
not enough, as while sharing httpClient is desired, it's not possible to have an instance
being set up using multiple SSLContexts (contexts being set up in vastly different ways, like
one allowing self signed certs. one using it's own controlled trust material, and one using
default JVM trust material for example).
> The new PoolingHttpClientConnectionManager (introduced in 4.3) should be improved to
allow this kind of "selection" without mangling the schema of the accessed URIs (like using
"https-weak://host/foo" and registering proper ConnectionSocketFactory for given schema).
> Before, this was possible as HttpClientConnectionOperator was exposed, but not anymore
in 4.3.x.
> Frankly, the HttpClientConnectionOperator solution seemed "cleaner" to me, but a possible
solution might be drafted in PR below:
> https://github.com/apache/httpclient/pull/9

This message was sent by Atlassian JIRA

To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
For additional commands, e-mail: dev-help@hc.apache.org

View raw message