You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@hc.apache.org by "Asankha C. Perera (JIRA)" <ji...@apache.org> on 2010/02/14 16:11:28 UTC

[jira] Created: (HTTPCORE-217) Enhance the SSLIOSessionHandler to pass the IOSession, so that verified client information be saved and processed later

Enhance the SSLIOSessionHandler to pass the IOSession, so that verified client information be saved and processed later
-----------------------------------------------------------------------------------------------------------------------

                 Key: HTTPCORE-217
                 URL: https://issues.apache.org/jira/browse/HTTPCORE-217
             Project: HttpComponents HttpCore
          Issue Type: Improvement
          Components: HttpCore NIO
    Affects Versions: 4.1-alpha1
            Reporter: Asankha C. Perera
            Assignee: Asankha C. Perera
            Priority: Minor
             Fix For: 4.1-beta1


The SSLIOSessionHandler allows one to verify a client hostname and the SSL connection established before the request is processed. If we further pass the IOSession to this method from the SSLIOSession invoking the verify() method, it would be possible to set values of interest on the context for subsequent processing - e.g. the client certificate DN.

See http://markmail.org/thread/6grtzrngyzcuhnor

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
For additional commands, e-mail: dev-help@hc.apache.org

[jira] Commented: (HTTPCORE-217) Enhance the SSLIOSessionHandler to pass the IOSession, so that verified client information be saved and processed later

Posted by "Oleg Kalnichevski (JIRA)" <ji...@apache.org>.

    [ https://issues.apache.org/jira/browse/HTTPCORE-217?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12835757#action_12835757 ] 

Oleg Kalnichevski commented on HTTPCORE-217:
--------------------------------------------

Patch checked in. Please review

Oleg

> Enhance the SSLIOSessionHandler to pass the IOSession, so that verified client information be saved and processed later
> -----------------------------------------------------------------------------------------------------------------------
>
>                 Key: HTTPCORE-217
>                 URL: https://issues.apache.org/jira/browse/HTTPCORE-217
>             Project: HttpComponents HttpCore
>          Issue Type: Improvement
>          Components: HttpCore NIO
>    Affects Versions: 4.1-alpha1
>            Reporter: Asankha C. Perera
>            Assignee: Asankha C. Perera
>            Priority: Minor
>             Fix For: 4.1-beta1
>
>         Attachments: HTTPCORE-217-alternative.patch
>
>
> The SSLIOSessionHandler allows one to verify a client hostname and the SSL connection established before the request is processed. If we further pass the IOSession to this method from the SSLIOSession invoking the verify() method, it would be possible to set values of interest on the context for subsequent processing - e.g. the client certificate DN.
> See http://markmail.org/thread/6grtzrngyzcuhnor

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
For additional commands, e-mail: dev-help@hc.apache.org

[jira] Commented: (HTTPCORE-217) Enhance the SSLIOSessionHandler to pass the IOSession, so that verified client information be saved and processed later

Posted by "Asankha C. Perera (JIRA)" <ji...@apache.org>.

    [ https://issues.apache.org/jira/browse/HTTPCORE-217?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12834225#action_12834225 ] 

Asankha C. Perera commented on HTTPCORE-217:
--------------------------------------------

Hi Oleg

I think the patch file did not pickup the new file SSLIOSessionHandlerAdaptor.java, but thats fine as this solution looks better.. Could you please checkin the suggested change

thanks
asankha

> Enhance the SSLIOSessionHandler to pass the IOSession, so that verified client information be saved and processed later
> -----------------------------------------------------------------------------------------------------------------------
>
>                 Key: HTTPCORE-217
>                 URL: https://issues.apache.org/jira/browse/HTTPCORE-217
>             Project: HttpComponents HttpCore
>          Issue Type: Improvement
>          Components: HttpCore NIO
>    Affects Versions: 4.1-alpha1
>            Reporter: Asankha C. Perera
>            Assignee: Asankha C. Perera
>            Priority: Minor
>             Fix For: 4.1-beta1
>
>         Attachments: HTTPCORE-217-alternative.patch
>
>
> The SSLIOSessionHandler allows one to verify a client hostname and the SSL connection established before the request is processed. If we further pass the IOSession to this method from the SSLIOSession invoking the verify() method, it would be possible to set values of interest on the context for subsequent processing - e.g. the client certificate DN.
> See http://markmail.org/thread/6grtzrngyzcuhnor

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
For additional commands, e-mail: dev-help@hc.apache.org

[jira] Resolved: (HTTPCORE-217) Enhance the SSLIOSessionHandler to pass the IOSession, so that verified client information be saved and processed later

Posted by "Asankha C. Perera (JIRA)" <ji...@apache.org>.

     [ https://issues.apache.org/jira/browse/HTTPCORE-217?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Asankha C. Perera resolved HTTPCORE-217.
----------------------------------------

    Resolution: Fixed

Fixed - now an extended SSLIOSessionHandlerExt interface is introduced, to maintain backwards compatibility and still expose the enhanced method, as per the suggestion by Oleg

> Enhance the SSLIOSessionHandler to pass the IOSession, so that verified client information be saved and processed later
> -----------------------------------------------------------------------------------------------------------------------
>
>                 Key: HTTPCORE-217
>                 URL: https://issues.apache.org/jira/browse/HTTPCORE-217
>             Project: HttpComponents HttpCore
>          Issue Type: Improvement
>          Components: HttpCore NIO
>    Affects Versions: 4.1-alpha1
>            Reporter: Asankha C. Perera
>            Assignee: Asankha C. Perera
>            Priority: Minor
>             Fix For: 4.1-beta1
>
>
> The SSLIOSessionHandler allows one to verify a client hostname and the SSL connection established before the request is processed. If we further pass the IOSession to this method from the SSLIOSession invoking the verify() method, it would be possible to set values of interest on the context for subsequent processing - e.g. the client certificate DN.
> See http://markmail.org/thread/6grtzrngyzcuhnor

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
For additional commands, e-mail: dev-help@hc.apache.org

[jira] Updated: (HTTPCORE-217) Enhance the SSLIOSessionHandler to pass the IOSession, so that verified client information be saved and processed later

Posted by "Oleg Kalnichevski (JIRA)" <ji...@apache.org>.

     [ https://issues.apache.org/jira/browse/HTTPCORE-217?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Oleg Kalnichevski updated HTTPCORE-217:
---------------------------------------

    Attachment: HTTPCORE-217-alternative.patch

Hi Asankha

Here's a slightly different take on the same problem, which makes the extended interface unnecessary. See if you like it better.

The downside of this approach is that SSLClientIOEventDispatch / SSLServerIOEventDispatch classes would need to be changed or deprecated.

Cheers

Oleg

> Enhance the SSLIOSessionHandler to pass the IOSession, so that verified client information be saved and processed later
> -----------------------------------------------------------------------------------------------------------------------
>
>                 Key: HTTPCORE-217
>                 URL: https://issues.apache.org/jira/browse/HTTPCORE-217
>             Project: HttpComponents HttpCore
>          Issue Type: Improvement
>          Components: HttpCore NIO
>    Affects Versions: 4.1-alpha1
>            Reporter: Asankha C. Perera
>            Assignee: Asankha C. Perera
>            Priority: Minor
>             Fix For: 4.1-beta1
>
>         Attachments: HTTPCORE-217-alternative.patch
>
>
> The SSLIOSessionHandler allows one to verify a client hostname and the SSL connection established before the request is processed. If we further pass the IOSession to this method from the SSLIOSession invoking the verify() method, it would be possible to set values of interest on the context for subsequent processing - e.g. the client certificate DN.
> See http://markmail.org/thread/6grtzrngyzcuhnor

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
For additional commands, e-mail: dev-help@hc.apache.org