You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@hc.apache.org by Johannes Koch <jo...@fit.fraunhofer.de> on 2007/09/21 12:28:24 UTC

Access to socket from within HttpProcessor

Hi,

is it possible to access the socket used by the connection from within 
the process methods of a org.apache.http.protocol.HttpProcessor? In case 
of secure HTTP I would like to get some information from the certificates.

I do some experiments with the trunk of httpcore and httpclient.

-- 
Johannes Koch
BIKA Web Compliance Center - Fraunhofer FIT
Schloss Birlinghoven, D-53757 Sankt Augustin, Germany
Phone: +49-2241-142628    Fax: +49-2241-142065

---------------------------------------------------------------------
To unsubscribe, e-mail: httpcomponents-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: httpcomponents-dev-help@jakarta.apache.org

Re: Access to socket from within HttpProcessor

Posted by Johannes Koch <jo...@fit.fraunhofer.de>.

Oleg Kalnichevski schrieb:
> On Fri, 2007-09-21 at 12:28 +0200, Johannes Koch wrote:
>> is it possible to access the socket used by the connection from within 
>> the process methods of a org.apache.http.protocol.HttpProcessor? In case 
>> of secure HTTP I would like to get some information from the certificates.
>>
>> I do some experiments with the trunk of httpcore and httpclient.
[...]
>     public void process(
>             final HttpRequest request, 
>             final HttpContext context) throws HttpException, 
>                                               IOException {
>         
>         HttpConnection conn = (HttpConnection) context.getAttribute(
>                 ExecutionContext.HTTP_CONNECTION);

Currently I get a 
org.apache.http.impl.conn.tsccm.BasicPooledConnAdapter. 
org.apache.http.impl.conn.AbstractClientConnAdapter has

   protected OperatedClientConnection wrappedConnection;

org.apache.http.conn.OperatedClientConnection has a getSocket() method.

But AbstractClientConnAdapter does not provide access to the 
wrappedConnection.

> We may actually think about exposing SSLSession through the
> ClientConnection or its extension.
 >
> Feel free to open a JIRA ticket for that.

Done
-- 
Johannes Koch
BIKA Web Compliance Center - Fraunhofer FIT
Schloss Birlinghoven, D-53757 Sankt Augustin, Germany
Phone: +49-2241-142628    Fax: +49-2241-142065

---------------------------------------------------------------------
To unsubscribe, e-mail: httpcomponents-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: httpcomponents-dev-help@jakarta.apache.org

Re: Access to socket from within HttpProcessor

Posted by Oleg Kalnichevski <ol...@apache.org>.

On Fri, 2007-09-21 at 12:28 +0200, Johannes Koch wrote:
> Hi,
> 
> is it possible to access the socket used by the connection from within 
> the process methods of a org.apache.http.protocol.HttpProcessor? In case 
> of secure HTTP I would like to get some information from the certificates.
> 
> I do some experiments with the trunk of httpcore and httpclient.
> 

Hi Johannes,

You can obtain the connection object from the context. The default
implementation of the ClientConnection does not expose the underlying
socket but this can be easily mended by creating a custom super class. 

You will also need to plug in a custom ClientConnectionOperator to the
connection manager.

Something along these lines:

class CertificateProtocolInterceptor implements HttpRequestInterceptor {

    public void process(
            final HttpRequest request, 
            final HttpContext context) throws HttpException, 
                                              IOException {
        
        HttpConnection conn = (HttpConnection) context.getAttribute(
                ExecutionContext.HTTP_CONNECTION);
        
        if (conn instanceof MySSLClientConnection) {
            SSLSocket socket = ((MySSLClientConnection)conn)
               .getSSLSocket();
            
            X509Certificate[] certs = socket.getSession()
                .getPeerCertificateChain();
            if (certs != null) {
                for (int i = 0; i < certs.length; i++) {
                    System.out.println(certs[i]);
                }
                
            }
        }
        
    }
    
}

class MySSLClientConnection extends DefaultClientConnection {
    
    public SSLSocket getSSLSocket() {
        Socket socket = getSocket();
        if (socket instanceof SSLSocket) {
            return (SSLSocket) socket;
        } else {
            return null;
        }
    }
    
}

We may actually think about exposing SSLSession through the
ClientConnection or its extension.

Feel free to open a JIRA ticket for that.

Oleg


---------------------------------------------------------------------
To unsubscribe, e-mail: httpcomponents-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: httpcomponents-dev-help@jakarta.apache.org