You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Alan Marcinkowski <al...@covergence.com> on 2007/01/22 21:48:58 UTC
Replace SSLServerSocketFactory?
Hello All,
I know that there used to be (in tomcat 4) a way to replace the
SSLServerSocketFactory that got used to create the listener. I'm using
5.5 and want to put in a custom socket factory with a custom
TrustManager that uses external configuration to make client
authentication decisions. We're using tomcat embedded (writing code
around the org.apache.catalina.startup.Embedded class) to try and setup
the server. I looked at the Catalina source code and found in
Http11BaseProtocol.java:
private void checkSocketFactory() throws Exception {
if (secure) {
try {
// The SSL setup code has been moved into
// SSLImplementation since SocketFactory doesn't
// provide a wide enough interface
sslImplementation =
SSLImplementation.getInstance(sslImplementationName);
socketFactory =
sslImplementation.getServerSocketFactory();
ep.setServerSocketFactory(socketFactory);
} catch (ClassNotFoundException e){
throw e;
}
} else if (socketFactoryName != null) {
try {
socketFactory = string2SocketFactory(socketFactoryName);
ep.setServerSocketFactory(socketFactory);
} catch(Exception sfex) {
throw sfex;
}
}
}
Which leads me to believe that directly overriding the factory is no
longer doable (also noticing that the <Factory> element is gone from the
XML server configuration file. Does anyone know a way to provide a
custom SSL implementation in 5.5 without rebuilding / rewriting the
actual Catalina code?
TIA,
Alan