tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Costin Manolache <cos...@eng.sun.com>
Subject Re: Request is secure is wrong...
Date Wed, 05 Jul 2000 04:23:56 GMT
>
> > What I would do is add a processRequest( Request req ) in SocketFactory (
> > as a hack ), and the method will also add certificates or whatever is
> > necesary.
>
> Does processRequest automatically get called when a factory is created?

Right now processRequest doesn't exist - we can call it whenever we need
if we go this route.

> > SSLSocketFactory  needs a bit more "power" - it will also be used for
> > cert. authentication, etc.
>
> Have you looked at the patch I submitted?  It now allows the user to specify
> Client Authentication, once that is turned on it automatically goes through
> the certificate chain and verifies they are who they say they are.  What
> other attributes do you think are need in the SSLSocketFactory?

I just returned from the long weekend, have a lot of mail. I will certainly look

at the patch, I hope I'll find the time soon.

Costin


Mime
View raw message