tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Arieh Markel <Arieh.Mar...@Central.Sun.COM>
Subject Re: Bridging org.apache.tomcat.net.ServerSocketFactory with javax.net
Date Fri, 02 Jun 2000 19:49:27 GMT

> Mailing-List: contact tomcat-dev-help@jakarta.apache.org; run by ezmlm
> X-No-Archive: yes
> list-help: <mailto:tomcat-dev-help@jakarta.apache.org>
> list-unsubscribe: <mailto:tomcat-dev-unsubscribe@jakarta.apache.org>
> list-post: <mailto:tomcat-dev@jakarta.apache.org>
> Delivered-To: mailing list tomcat-dev@jakarta.apache.org
> From: <costin@costin.dnt.ro>
> To: tomcat-dev@jakarta.apache.org, Arieh Markel <Arieh.Markel@central.sun.com>
> Subject: Re: Bridging org.apache.tomcat.net.ServerSocketFactory with javax.net
> X-Spam-Rating: locus.apache.org 1.6.2 0/1000/N
> 
> > The difference results from the fact that the tomcat and the javax.net
> > classes have (almost) similar signatures, yet they are different.
> 
> > 	DefaultSSLServerSocketFactory.java
> > 	SSLPoolTcpConnector.java
> > 	SSLServerSocketFactory.java
> > 	ServerSocketFactoryWrapper.java
> 
> I think all we need is a SSLSocketFactory extends
> org.apache.tomcat.net.ServerSocketFactory.
> 
> You can use the un-modified PoolTcpConnector, with 
>    setAttribute( "socketFactory", my_factory );
> 
> What I did ( in my workspace ) is:
> 
> <Connector .... (PoolTcpConnector) >
>     <parameter   name="socketFactoryClass" 
>                  value="class.name.of.sslFactory" >
>     <parameter name="keyStore" value="foo " >
>    ...
> </Connector >
> 
> I added a setAttribute() in tomcat factory and pass all the connector
> attributes  to the factory.
> 
> This seems to work - I just need to plug in the javax.net.ssl code. It
> would be great if you could provide this.

The problem is that the code in the PoolTcpConnector does not do instantiation
of the 'socketFactoryClass'.

I believe that there is some effort needed on the processing of the
'socketFactoryClass' for an SSL factory.

I am enclosing a program I have played with to 'get the feel' for working
with SSL.

The program just exercises the creation of a factory with a keystore,
a passphrase, and associates a port (8090) with the factory.

It also tests the ciphers to verify access to the factory.

The program needs to pass as an argument the name of the file holding
the keystore.

Arieh

> 
> Of course, I don't mind a different solution - but it seems that we can do
> that with only one class ( the SSLFactory ) and few small changes.
> We can start with that and then add the rest if we need.

I would like that solution. Just that without modification to the
PoolTcpConnector, I could not see how you could automagically
instantiate the SSL factory.



> 
> ( J2EE works fine using only the current hook - but they don't have to
> deal with  server.xml config )
> 
> Costin 
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org

--
 Arieh Markel		                Sun Microsystems Inc.
 Network Storage                        500 Eldorado Blvd. MS UBRM11-194
 e-mail: arieh.markel@sun.COM           Broomfield, CO 80021
 Let's go Panthers !!!!                 Phone: (303) 272-8547 x78547
 (e-mail me with subject SEND PUBLIC KEY to get public key)

Mime
View raw message