hc-httpclient-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Oleg Kalnichevski <ol...@apache.org>
Subject Re: HTTP async client and accessing server certificate (SSL)
Date Wed, 15 May 2013 13:21:58 GMT
On Mon, 2013-05-13 at 22:10 -0400, Sachin Nikumbh wrote:
> Hi Oleg,
> 
> Thanks a lot for the response. I have one more question.
> 
> In my client application, I need to provide extra authorization based on
> the common name in the server certificate. I want to allow the
> request-response exchange (I am sending a POST request) only after the
> server passes this extra authorization step.
> 
> Is using BasicAsyncResponseConsumer going be too late for me to access the
> server certificate?
> 
> I want the behavior similar to following sample code based
> on HttpsURLConnection :
> 
> ************************************************************************************************************
> HttpsURLConnection urlConnection =
> (HttpsURLConnection)madsUrl.openConnection();
> urlConnection.setRequestMethod("POST");
> ...
> ...
> urlConnection.connect(); //Establish connection for initial SSL handshake
> String peerDN = urlConnection.getPeerPrincipal().getName();
> if( isAuthorizedPeer(peerDN) ){
>      // Now it's safe to write request data
>      OutputStream oStream = urlConnection.getOutputStream();
>      ...
>      ...
> }
> ************************************************************************************************************
> 
> Thanks once again
> Sachin
> 
> 

Hi Sachin

There is currently no easy way of obtaining the SSL session details
prior to issuing a request. Feel free to raise an improvement request in
JIRA for this problem. 

Oleg 



---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-users-unsubscribe@hc.apache.org
For additional commands, e-mail: httpclient-users-help@hc.apache.org


Mime
View raw message