hc-httpclient-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Oleg Kalnichevski <ol...@apache.org>
Subject Re: applet needing https access to a servlet that requires a client certificate
Date Wed, 02 Aug 2006 09:12:58 GMT
On Wed, 2006-08-02 at 12:18 +0800, leung cc wrote:
> Sorry about duplicating this post here if you are also subscribed to 
> httpclient-dev - I didn't realize this group is the more appropriate one. 
> Anyway, here's my question:
>  
> I've an applet that needs to access a servlet (well, actually a jsp page) 
> that requires a client
> certificate. I've had success with Sun's standard URL + HttpURLConnection 
> classes but since
> I'm getting "connection timed out: connect" problems I am seeking to set 
> the timeout value
> longer. After some searching, it seemed to that there's no way to do such a 
> thing with Sun's
> classes and that I should perhaps try Apache's httpclient if I must set the 
> timeout value
> and so I here I am.
> 
> Needless to say, I stumped on a problem right away, which I kind of 
> expected because I suspected
> httpclient wouldn't be able to use the browser's https connection without 
> me doing some tricky
> things.
> 
> So, what should I do? Surely somebody in here must have used httpclient in 
> an applet to do
> some https access, right?
> 

HttpClient is known to have been used successfully in applets. I
personally try to stay away from applets at all costs, so I can not give
a first-hand account of that.


> I don't think the message I got (on the java plugin console) would be of 
> much use, but let
> me quote a bit anyway: 
> 
> java.net.SocketException: Default SSL context init failed: failed to 
> decrypt safe contents
> entry: javax.crypto.BadPaddingException: Given final block not properly 
> padded
> at javax.net.ssl.DefaultSSLSocketFactory.createSocket(Unknown Source)
> at 

This is clearly a problem with the SSL layer and not with HttpClient. 

Also consider getting your code to work outside the applet in a
standalone application and once you are sure the SSL settings are sane,
try moving your code back to the applet and see what happens. 

Running your code with SSL debug traces on may also be of some help

-Djavax.net.debug=ssl,handshake,data,trustmanager

Oleg


> org.apache.commons.httpclient.protocol.SSLProtocolSocketFactory.createSocket(SSLProtocolSocketFactory.java:81)
> 
> at 
> org.apache.commons.httpclient.protocol.SSLProtocolSocketFactory.createSocket(SSLProtocolSocketFactory.java:126)
> 
> at 
> org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:706)
> at 
> org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:386)
> 
> at 
> org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:170)
> 
> at 
> org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:396)
> at 
> org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:324)
>          ...
> 
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: httpclient-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: httpclient-user-help@jakarta.apache.org
> 
> 


---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: httpclient-user-help@jakarta.apache.org


Mime
View raw message