hc-httpclient-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Julius Davies" <juliusdav...@cucbc.com>
Subject RE: SSLSocket
Date Tue, 19 Sep 2006 22:44:01 GMT
Hi,

I like this idea.  I've added it to the draft version of "commons-ssl".

http://juliusdavies.ca/commons-ssl/

If you use commons-ssl.jar, you can now do this:

First, extend the SSLSocketWrapper provided by commons-ssl, and override the methods you want
to take over:

public static class MySSLSocket extends SSLSocketWrapper
{
  MySSLSocket( SSLSocket s ) { super( s ); }

  public InputStream getInputStream() throws IOException
  {
    // Just an simple example.  Real world would probably do more
    // interesting things.
    InputStream original = super.getInputStream();
    return new BufferedInputStream( original );
  }
}


Next, create your own SSLWrapperFactory implementation, and set it on your SSLClient (SSLClient
extends SSLSocketFactory):


SSLClient client = new SSLClient();

// Let's trust usual "cacerts" that come with Java.
// Plus, let's also trust a self-signed cert we know of.
// We have some additional certs to trust inside a java keystore file.
client.addTrustMaterial( TrustMaterial.CACERTS );
client.addTrustMaterial( new TrustMaterial( "/path/to/self-signed.pem" ) );
client.addTrustMaterial( new KeyMaterial( "/path/to/keystore.jks", "changeit".toCharArray()
) );

SSLWrapperFactory myWrapper = new SSLWrapperFactory()
{
	public SSLSocket wrap( SSLSocket s )  { return new MySSLSocket( s ); }
	public SSLServerSocket wrap( SSLServerSocket s ) { return null; }
};
client.setSSLWrapperFactory( myWrapper );



yours,

Julius Davies


-----Original Message-----
From:	M.Zdila/EpiSoftware Slovakia Ltd. [mailto:m.zdila@episoftware.com]
Sent:	Tue 9/19/2006 9:45 AM
To:	HttpClient User Discussion
Cc:	
Subject:	Re: SSLSocket

Hi Roland

I was starting to write a wrapper but I thought I went a wrong way :-) So I'll 
try it again. Thanks for kicking me back to the right way ;-)

On Tuesday 19 September 2006 18:34, Roland Weber wrote:
> Hi,
>
> > In my application I am extending Socket to override getInputStream and
> > getOutputStream to add custom low-level "filtering". I use this socket in
> > my custom ProtocolSocketFactory that is registered to httpclient with
> > Protocol.registerProtocol. This is for HTTP protocol. Now I need the same
> > with HTTPS protocol. I use EasySSLProtocolSocketFactory from contrib. The
> > problem is that I can't implement MyCustomSSLSocket that extend
> > SSLSocket, because this SSLSocket is created by SSLContext ->
> > SSLSocketFactory. javax.net.SSLContext is abstract. Any hints to solve
> > this problem? Should I use some other JSSE like Jessie?
>
> Have you considered using a wrapper instead of extending the class
> that gets instantiated? In other words:
> - MyCustomSSLSocket extends SSLSocket
> - keep the wrapped socket from SSLSocketFactory as an attribute
> - delegate *all* calls of the SSLSocket class to the wrapped socket
> - add your custom modifications to the get{In|Out}putStream methods
>
> Some IDEs have tools that can generate basic wrappers automatically.
> One of the few occasions where I admit that IDEs have advantages :-)
>
> hope that helps,
>   Roland
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: httpclient-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: httpclient-user-help@jakarta.apache.org

-- 
Martin Zdila
Analyst/Developer

EpiSoftware Slovakia Ltd.
Letna 27, 043 14 Kosice

cellular: +421 908 363 848
   phone: +421 55 6770 420
     fax: +421 55 6770 420
  e-mail: m.zdila@episoftware.com
     www: www.episoftware.com


---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: httpclient-user-help@jakarta.apache.org







Mime
View raw message