tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Bill Barker" <wbar...@wilshire.com>
Subject RE: Tomcat SSL handshaking
Date Fri, 07 Dec 2007 19:39:29 GMT
 

> -----Original Message-----
> From: Filip Hanik - Dev Lists [mailto:devlists@hanik.com] 
> Sent: Friday, December 07, 2007 10:46 AM
> To: Tomcat Developers List
> Subject: Re: Tomcat SSL handshaking
> 
> really only one way of doing it.
> In the BIO connector 
> protocol="org.apache.coytote.http11.Http11Protocol", the handshake 
> happens inside the blocking streams (at the JSSE layer), so I don't 
> think you can control it here.

Actually, you can specify your own SSLImplementation class here, and do
anything you like with the SSL protocol.  JSSE is just what you get when it
can't find anything else.

> In the APR connector 
> protocol="org.apache.coytote.http11.Http11AprProtocol", the handshake 
> happens inside the openssl layer, so you can't do it there
> 
> In the NIO connector 
> protocol="org.apache.coytote.http11.Http11NioProtocol", the handshake 
> happens inside the SSLEngine, but you could swap that out, 
> since this is 
> the only connector that actually gets hold of the bytes that get sent 
> over the network. The code for this would be 
> org/apache/tomcat/util/net/SecureNioChannel.java, look at the 
> handshake 
> method
> 
> http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/java/org/apa
> che/tomcat/util/net/SecureNioChannel.java?view=markup
> 
> Filip
> 
> Md. Jahid Shohel wrote:
> > Hi,
> >
> > I am really sorry to mailing here for such a question. I am mailing
> > here because I didn't get any help from other places. My question is
> > ---
> >
> >
> > How I can take the control of SSL handshaking from tomcat, so that I
> > can do the handshaking process by myself.
> >
> > Regards.
> >
> >
> > Jahid
> >
> > 
> ---------------------------------------------------------------------
> > To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
> > For additional commands, e-mail: dev-help@tomcat.apache.org
> >
> >
> >
> >   
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: dev-help@tomcat.apache.org
> 
> 
> 



This message is intended only for the use of the person(s) listed above as the intended recipient(s),
and may contain information that is PRIVILEGED and CONFIDENTIAL.  If you are not an intended
recipient, you may not read, copy, or distribute this message or any attachment. If you received
this communication in error, please notify us immediately by e-mail and then delete all copies
of this message and any attachments.

In addition you should be aware that ordinary (unencrypted) e-mail sent through the Internet
is not secure. Do not send confidential or sensitive information, such as social security
numbers, account numbers, personal identification numbers and passwords, to us via ordinary
(unencrypted) e-mail.


---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org


Mime
View raw message