New SSL code (using sockets)

["Nelson, Christopher" <cn...@synchrony.net>]

Ok guys, I've got some code for you all to test.  I've given a run through
some of the samples, and it appears to work, but nothing super thorough.
The code to do the SSL socket is very simple.  I wanted to not build in a
dependancy on JSSE for those who don't want/need SSL, so I introduced a
separate class to the SSL socket creation, which I call through reflection
to avoid the compile time dependency.  Please give this a go and report any
problems.  If it gets the green light I'll check it in.  Oh, to run this
code you will need to add a system property to build an https url.  And of
course, you'll need JSSE and a SSL capable webserver.  call java with: 
-Djava.protocol.handler.pkgs=com.sun.net.ssl.internal.www.protocol

Thanks,

Chris Nelson
Product Engineer
Synchrony Communications

-----Original Message-----
From: nathanwray [mailto:nwray@mich.com]
Sent: Wednesday, November 29, 2000 1:32 PM
To: soap-dev@xml.apache.org
Subject: Re: SSL - results of today's chat




How is this progressing Chris?  I'd be happy to take a crack at it but I'd
hate
to duplicate effort.

-Nathan



"Nelson, Christopher" wrote:

> For those that were there, sorry I missed the end, had to step away.  It
> seems like be basically concluded that URLConnection will not work for SSL
> due to a bug (feature) that prevents retrieving content when the server
> returns a 500 status code for faults as per the SOAP spec.  Therefore, I
> will attempt to use the JSSE SSLSocket to do the SSL communication.  I
don'
> t think this will be difficult,  and will try to have this done by
> tommorrow.  Sanjiva and Wouter, please let me know if this is correct.
>
> Thanks,
>
> Chris Nelson
> Product Engineer
> Synchrony Communications

--
Nathan Wray
nwray@mich.com
--
If you lend someone $20, and never see that
person again, it was probably worth it.

Re: New SSL code (using sockets)

[Niclas Olofsson <gu...@acc.umu.se>]

I have been using tomcat to do a secure website based on HTTPS. I just
couldn't get it working properly because the URL constantly transforms
from https://xxx to http://xxx:143. I think they have fixed this in
tomcat by now and it strikes me that whatever SSL solution that is
presented here should be eqvavilent to the one used in tomcat. If tomcat
still have this problem, I see no reason why they wouldn't be interested
in a working solution from Soap Apache.
I ended up implementing my own sort of URL rewriting for the application
I was writing because I'm on fBSD and we're not used to getting late
breaking fixes.

Maybe somone here can clarify this for me?

/Niclas

nathan wray wrote:
> I was wondering about the call through reflection for the socket creation, does
> this have a runtime impact?  This happens on every call so it could be
> significant.  Does anyone know if reflection creates a noticible performance hit?
> 
> Would it be possible instead to create a setter method on the HTTPUrils class that
> accepts a SocketFactory and protocol.  Then the isolation class could create an
> SSLSocketFactory and register it with the HTTPUtils class as the factory for
> "https".  That would take advantage of the subclassing of the SocketFactory and
> isolate the security code without resorting to reflection.  I think there are
> several patterns in Java that allow the registering of factories that we could use
> as a model.
> 
> Sanjiva Weerawarana wrote:
> 
> > I'd like to get the base client-side SSL code that Chris sent committed.
> > Does anyone object?
> >
> > Chris, are you a committer? If not I'd like to nominate you for committer
> > so that u can put it in (and maintain it :-)).
> >
> > Also, you don't use URLConnection right (I'm referring to the discussion
> > ref the problems with it and HTTP 500 errors)?
> >
> > Sanjiva.
> >
> > ----- Original Message -----
> > From: "Nelson, Christopher" <cn...@synchrony.net>
> > To: <so...@xml.apache.org>
> > Cc: "Galluzzo, Eric" <EG...@synchrony.net>
> > Sent: Wednesday, November 29, 2000 11:42 PM
> > Subject: New SSL code (using sockets)
> >
> > > Ok guys, I've got some code for you all to test.  I've given a run through
> > > some of the samples, and it appears to work, but nothing super thorough.
> > > The code to do the SSL socket is very simple.  I wanted to not build in a
> > > dependancy on JSSE for those who don't want/need SSL, so I introduced a
> > > separate class to the SSL socket creation, which I call through reflection
> > > to avoid the compile time dependency.  Please give this a go and report any
> > > problems.  If it gets the green light I'll check it in.  Oh, to run this
> > > code you will need to add a system property to build an https url.  And of
> > > course, you'll need JSSE and a SSL capable webserver.  call java with:
> > > -Djava.protocol.handler.pkgs=com.sun.net.ssl.internal.www.protocol
> > >
> > > Thanks,
> > >
> > > Chris Nelson
> > > Product Engineer
> > > Synchrony Communications
> > >
> > > -----Original Message-----
> > > From: nathanwray [mailto:nwray@mich.com]
> > > Sent: Wednesday, November 29, 2000 1:32 PM
> > > To: soap-dev@xml.apache.org
> > > Subject: Re: SSL - results of today's chat
> > >
> > >
> > >
> > >
> > > How is this progressing Chris?  I'd be happy to take a crack at it but I'd
> > > hate
> > > to duplicate effort.
> > >
> > > -Nathan
> > >
> > >
> > >
> > > "Nelson, Christopher" wrote:
> > >
> > > > For those that were there, sorry I missed the end, had to step away.  It
> > > > seems like be basically concluded that URLConnection will not work for SSL
> > > > due to a bug (feature) that prevents retrieving content when the server
> > > > returns a 500 status code for faults as per the SOAP spec.  Therefore, I
> > > > will attempt to use the JSSE SSLSocket to do the SSL communication.  I
> > > don'
> > > > t think this will be difficult,  and will try to have this done by
> > > > tommorrow.  Sanjiva and Wouter, please let me know if this is correct.
> > > >
> > > > Thanks,
> > > >
> > > > Chris Nelson
> > > > Product Engineer
> > > > Synchrony Communications
> > >
> > > --
> > > Nathan Wray
> > > nwray@mich.com
> > > --
> > > If you lend someone $20, and never see that
> > > person again, it was probably worth it.
> > >
> > >
> > >
> 
> --
> Nathan Wray
> nathan@nwray.plus.com
> --
> If you lend someone $20, and never see that
> person again, it was probably worth it.

-- 
Niclas Olofsson - http://www.ismobile.com
Product Development, isMobile, Aurorum 2, S-977 75 Luleå, Sweden
Phone: +46(0)920-75550
Mobile: +46(0)70-3726404

Re: New SSL code (using sockets)

[Niclas Olofsson <gu...@acc.umu.se>]

I have been using tomcat to do a secure website based on HTTPS. I just
couldn't get it working properly because the URL constantly transforms
from https://xxx to http://xxx:143. I think they have fixed this in
tomcat by now and it strikes me that whatever SSL solution that is
presented here should be eqvavilent to the one used in tomcat. If tomcat
still have this problem, I see no reason why they wouldn't be interested
in a working solution from Soap Apache.
I ended up implementing my own sort of URL rewriting for the application
I was writing because I'm on fBSD and we're not used to getting late
breaking fixes.

Maybe somone here can clarify this for me?

/Niclas

nathan wray wrote:
> I was wondering about the call through reflection for the socket creation, does
> this have a runtime impact?  This happens on every call so it could be
> significant.  Does anyone know if reflection creates a noticible performance hit?
> 
> Would it be possible instead to create a setter method on the HTTPUrils class that
> accepts a SocketFactory and protocol.  Then the isolation class could create an
> SSLSocketFactory and register it with the HTTPUtils class as the factory for
> "https".  That would take advantage of the subclassing of the SocketFactory and
> isolate the security code without resorting to reflection.  I think there are
> several patterns in Java that allow the registering of factories that we could use
> as a model.
> 
> Sanjiva Weerawarana wrote:
> 
> > I'd like to get the base client-side SSL code that Chris sent committed.
> > Does anyone object?
> >
> > Chris, are you a committer? If not I'd like to nominate you for committer
> > so that u can put it in (and maintain it :-)).
> >
> > Also, you don't use URLConnection right (I'm referring to the discussion
> > ref the problems with it and HTTP 500 errors)?
> >
> > Sanjiva.
> >
> > ----- Original Message -----
> > From: "Nelson, Christopher" <cn...@synchrony.net>
> > To: <so...@xml.apache.org>
> > Cc: "Galluzzo, Eric" <EG...@synchrony.net>
> > Sent: Wednesday, November 29, 2000 11:42 PM
> > Subject: New SSL code (using sockets)
> >
> > > Ok guys, I've got some code for you all to test.  I've given a run through
> > > some of the samples, and it appears to work, but nothing super thorough.
> > > The code to do the SSL socket is very simple.  I wanted to not build in a
> > > dependancy on JSSE for those who don't want/need SSL, so I introduced a
> > > separate class to the SSL socket creation, which I call through reflection
> > > to avoid the compile time dependency.  Please give this a go and report any
> > > problems.  If it gets the green light I'll check it in.  Oh, to run this
> > > code you will need to add a system property to build an https url.  And of
> > > course, you'll need JSSE and a SSL capable webserver.  call java with:
> > > -Djava.protocol.handler.pkgs=com.sun.net.ssl.internal.www.protocol
> > >
> > > Thanks,
> > >
> > > Chris Nelson
> > > Product Engineer
> > > Synchrony Communications
> > >
> > > -----Original Message-----
> > > From: nathanwray [mailto:nwray@mich.com]
> > > Sent: Wednesday, November 29, 2000 1:32 PM
> > > To: soap-dev@xml.apache.org
> > > Subject: Re: SSL - results of today's chat
> > >
> > >
> > >
> > >
> > > How is this progressing Chris?  I'd be happy to take a crack at it but I'd
> > > hate
> > > to duplicate effort.
> > >
> > > -Nathan
> > >
> > >
> > >
> > > "Nelson, Christopher" wrote:
> > >
> > > > For those that were there, sorry I missed the end, had to step away.  It
> > > > seems like be basically concluded that URLConnection will not work for SSL
> > > > due to a bug (feature) that prevents retrieving content when the server
> > > > returns a 500 status code for faults as per the SOAP spec.  Therefore, I
> > > > will attempt to use the JSSE SSLSocket to do the SSL communication.  I
> > > don'
> > > > t think this will be difficult,  and will try to have this done by
> > > > tommorrow.  Sanjiva and Wouter, please let me know if this is correct.
> > > >
> > > > Thanks,
> > > >
> > > > Chris Nelson
> > > > Product Engineer
> > > > Synchrony Communications
> > >
> > > --
> > > Nathan Wray
> > > nwray@mich.com
> > > --
> > > If you lend someone $20, and never see that
> > > person again, it was probably worth it.
> > >
> > >
> > >
> 
> --
> Nathan Wray
> nathan@nwray.plus.com
> --
> If you lend someone $20, and never see that
> person again, it was probably worth it.

-- 
Niclas Olofsson - http://www.ismobile.com
Product Development, isMobile, Aurorum 2, S-977 75 Luleå, Sweden
Phone: +46(0)920-75550
Mobile: +46(0)70-3726404

Re: New SSL code (using sockets)

[Sanjiva Weerawarana <sa...@watson.ibm.com>]

The reflection call cost is definitely an issue. If using a SocketFactory
can avoid it (by changing HTTPUtils) then let's do that!

Chris, please go ahead and commit your version when you get a chance
and we'll work on improving it after its in.

Thanks,

Sanjiva.

----- Original Message -----
From: "nathan wray" <na...@nwray.plus.com>
To: <so...@xml.apache.org>
Sent: Wednesday, December 06, 2000 7:11 AM
Subject: Re: New SSL code (using sockets)


>
> I was wondering about the call through reflection for the socket creation,
does
> this have a runtime impact?  This happens on every call so it could be
> significant.  Does anyone know if reflection creates a noticible performance
hit?
>
> Would it be possible instead to create a setter method on the HTTPUrils
class that
> accepts a SocketFactory and protocol.  Then the isolation class could create
an
> SSLSocketFactory and register it with the HTTPUtils class as the factory for
> "https".  That would take advantage of the subclassing of the SocketFactory
and
> isolate the security code without resorting to reflection.  I think there
are
> several patterns in Java that allow the registering of factories that we
could use
> as a model.
>
>
> Sanjiva Weerawarana wrote:
>
> > I'd like to get the base client-side SSL code that Chris sent committed.
> > Does anyone object?
> >
> > Chris, are you a committer? If not I'd like to nominate you for committer
> > so that u can put it in (and maintain it :-)).
> >
> > Also, you don't use URLConnection right (I'm referring to the discussion
> > ref the problems with it and HTTP 500 errors)?
> >
> > Sanjiva.
> >
> > ----- Original Message -----
> > From: "Nelson, Christopher" <cn...@synchrony.net>
> > To: <so...@xml.apache.org>
> > Cc: "Galluzzo, Eric" <EG...@synchrony.net>
> > Sent: Wednesday, November 29, 2000 11:42 PM
> > Subject: New SSL code (using sockets)
> >
> > > Ok guys, I've got some code for you all to test.  I've given a run
through
> > > some of the samples, and it appears to work, but nothing super thorough.
> > > The code to do the SSL socket is very simple.  I wanted to not build in
a
> > > dependancy on JSSE for those who don't want/need SSL, so I introduced a
> > > separate class to the SSL socket creation, which I call through
reflection
> > > to avoid the compile time dependency.  Please give this a go and report
any
> > > problems.  If it gets the green light I'll check it in.  Oh, to run this
> > > code you will need to add a system property to build an https url.  And
of
> > > course, you'll need JSSE and a SSL capable webserver.  call java with:
> > > -Djava.protocol.handler.pkgs=com.sun.net.ssl.internal.www.protocol
> > >
> > > Thanks,
> > >
> > > Chris Nelson
> > > Product Engineer
> > > Synchrony Communications
> > >
> > > -----Original Message-----
> > > From: nathanwray [mailto:nwray@mich.com]
> > > Sent: Wednesday, November 29, 2000 1:32 PM
> > > To: soap-dev@xml.apache.org
> > > Subject: Re: SSL - results of today's chat
> > >
> > >
> > >
> > >
> > > How is this progressing Chris?  I'd be happy to take a crack at it but
I'd
> > > hate
> > > to duplicate effort.
> > >
> > > -Nathan
> > >
> > >
> > >
> > > "Nelson, Christopher" wrote:
> > >
> > > > For those that were there, sorry I missed the end, had to step away.
It
> > > > seems like be basically concluded that URLConnection will not work for
SSL
> > > > due to a bug (feature) that prevents retrieving content when the
server
> > > > returns a 500 status code for faults as per the SOAP spec.  Therefore,
I
> > > > will attempt to use the JSSE SSLSocket to do the SSL communication.  I
> > > don'
> > > > t think this will be difficult,  and will try to have this done by
> > > > tommorrow.  Sanjiva and Wouter, please let me know if this is correct.
> > > >
> > > > Thanks,
> > > >
> > > > Chris Nelson
> > > > Product Engineer
> > > > Synchrony Communications
> > >
> > > --
> > > Nathan Wray
> > > nwray@mich.com
> > > --
> > > If you lend someone $20, and never see that
> > > person again, it was probably worth it.
> > >
> > >
> > >
>
> --
> Nathan Wray
> nathan@nwray.plus.com
> --
> If you lend someone $20, and never see that
> person again, it was probably worth it.
>
>

Re: New SSL code (using sockets)

[Sanjiva Weerawarana <sa...@watson.ibm.com>]

The reflection call cost is definitely an issue. If using a SocketFactory
can avoid it (by changing HTTPUtils) then let's do that!

Chris, please go ahead and commit your version when you get a chance
and we'll work on improving it after its in.

Thanks,

Sanjiva.

----- Original Message -----
From: "nathan wray" <na...@nwray.plus.com>
To: <so...@xml.apache.org>
Sent: Wednesday, December 06, 2000 7:11 AM
Subject: Re: New SSL code (using sockets)


>
> I was wondering about the call through reflection for the socket creation,
does
> this have a runtime impact?  This happens on every call so it could be
> significant.  Does anyone know if reflection creates a noticible performance
hit?
>
> Would it be possible instead to create a setter method on the HTTPUrils
class that
> accepts a SocketFactory and protocol.  Then the isolation class could create
an
> SSLSocketFactory and register it with the HTTPUtils class as the factory for
> "https".  That would take advantage of the subclassing of the SocketFactory
and
> isolate the security code without resorting to reflection.  I think there
are
> several patterns in Java that allow the registering of factories that we
could use
> as a model.
>
>
> Sanjiva Weerawarana wrote:
>
> > I'd like to get the base client-side SSL code that Chris sent committed.
> > Does anyone object?
> >
> > Chris, are you a committer? If not I'd like to nominate you for committer
> > so that u can put it in (and maintain it :-)).
> >
> > Also, you don't use URLConnection right (I'm referring to the discussion
> > ref the problems with it and HTTP 500 errors)?
> >
> > Sanjiva.
> >
> > ----- Original Message -----
> > From: "Nelson, Christopher" <cn...@synchrony.net>
> > To: <so...@xml.apache.org>
> > Cc: "Galluzzo, Eric" <EG...@synchrony.net>
> > Sent: Wednesday, November 29, 2000 11:42 PM
> > Subject: New SSL code (using sockets)
> >
> > > Ok guys, I've got some code for you all to test.  I've given a run
through
> > > some of the samples, and it appears to work, but nothing super thorough.
> > > The code to do the SSL socket is very simple.  I wanted to not build in
a
> > > dependancy on JSSE for those who don't want/need SSL, so I introduced a
> > > separate class to the SSL socket creation, which I call through
reflection
> > > to avoid the compile time dependency.  Please give this a go and report
any
> > > problems.  If it gets the green light I'll check it in.  Oh, to run this
> > > code you will need to add a system property to build an https url.  And
of
> > > course, you'll need JSSE and a SSL capable webserver.  call java with:
> > > -Djava.protocol.handler.pkgs=com.sun.net.ssl.internal.www.protocol
> > >
> > > Thanks,
> > >
> > > Chris Nelson
> > > Product Engineer
> > > Synchrony Communications
> > >
> > > -----Original Message-----
> > > From: nathanwray [mailto:nwray@mich.com]
> > > Sent: Wednesday, November 29, 2000 1:32 PM
> > > To: soap-dev@xml.apache.org
> > > Subject: Re: SSL - results of today's chat
> > >
> > >
> > >
> > >
> > > How is this progressing Chris?  I'd be happy to take a crack at it but
I'd
> > > hate
> > > to duplicate effort.
> > >
> > > -Nathan
> > >
> > >
> > >
> > > "Nelson, Christopher" wrote:
> > >
> > > > For those that were there, sorry I missed the end, had to step away.
It
> > > > seems like be basically concluded that URLConnection will not work for
SSL
> > > > due to a bug (feature) that prevents retrieving content when the
server
> > > > returns a 500 status code for faults as per the SOAP spec.  Therefore,
I
> > > > will attempt to use the JSSE SSLSocket to do the SSL communication.  I
> > > don'
> > > > t think this will be difficult,  and will try to have this done by
> > > > tommorrow.  Sanjiva and Wouter, please let me know if this is correct.
> > > >
> > > > Thanks,
> > > >
> > > > Chris Nelson
> > > > Product Engineer
> > > > Synchrony Communications
> > >
> > > --
> > > Nathan Wray
> > > nwray@mich.com
> > > --
> > > If you lend someone $20, and never see that
> > > person again, it was probably worth it.
> > >
> > >
> > >
>
> --
> Nathan Wray
> nathan@nwray.plus.com
> --
> If you lend someone $20, and never see that
> person again, it was probably worth it.
>
>

Re: New SSL code (using sockets)

[nathan wray <na...@nwray.plus.com>]

I was wondering about the call through reflection for the socket creation, does
this have a runtime impact?  This happens on every call so it could be
significant.  Does anyone know if reflection creates a noticible performance hit?

Would it be possible instead to create a setter method on the HTTPUrils class that
accepts a SocketFactory and protocol.  Then the isolation class could create an
SSLSocketFactory and register it with the HTTPUtils class as the factory for
"https".  That would take advantage of the subclassing of the SocketFactory and
isolate the security code without resorting to reflection.  I think there are
several patterns in Java that allow the registering of factories that we could use
as a model.


Sanjiva Weerawarana wrote:

> I'd like to get the base client-side SSL code that Chris sent committed.
> Does anyone object?
>
> Chris, are you a committer? If not I'd like to nominate you for committer
> so that u can put it in (and maintain it :-)).
>
> Also, you don't use URLConnection right (I'm referring to the discussion
> ref the problems with it and HTTP 500 errors)?
>
> Sanjiva.
>
> ----- Original Message -----
> From: "Nelson, Christopher" <cn...@synchrony.net>
> To: <so...@xml.apache.org>
> Cc: "Galluzzo, Eric" <EG...@synchrony.net>
> Sent: Wednesday, November 29, 2000 11:42 PM
> Subject: New SSL code (using sockets)
>
> > Ok guys, I've got some code for you all to test.  I've given a run through
> > some of the samples, and it appears to work, but nothing super thorough.
> > The code to do the SSL socket is very simple.  I wanted to not build in a
> > dependancy on JSSE for those who don't want/need SSL, so I introduced a
> > separate class to the SSL socket creation, which I call through reflection
> > to avoid the compile time dependency.  Please give this a go and report any
> > problems.  If it gets the green light I'll check it in.  Oh, to run this
> > code you will need to add a system property to build an https url.  And of
> > course, you'll need JSSE and a SSL capable webserver.  call java with:
> > -Djava.protocol.handler.pkgs=com.sun.net.ssl.internal.www.protocol
> >
> > Thanks,
> >
> > Chris Nelson
> > Product Engineer
> > Synchrony Communications
> >
> > -----Original Message-----
> > From: nathanwray [mailto:nwray@mich.com]
> > Sent: Wednesday, November 29, 2000 1:32 PM
> > To: soap-dev@xml.apache.org
> > Subject: Re: SSL - results of today's chat
> >
> >
> >
> >
> > How is this progressing Chris?  I'd be happy to take a crack at it but I'd
> > hate
> > to duplicate effort.
> >
> > -Nathan
> >
> >
> >
> > "Nelson, Christopher" wrote:
> >
> > > For those that were there, sorry I missed the end, had to step away.  It
> > > seems like be basically concluded that URLConnection will not work for SSL
> > > due to a bug (feature) that prevents retrieving content when the server
> > > returns a 500 status code for faults as per the SOAP spec.  Therefore, I
> > > will attempt to use the JSSE SSLSocket to do the SSL communication.  I
> > don'
> > > t think this will be difficult,  and will try to have this done by
> > > tommorrow.  Sanjiva and Wouter, please let me know if this is correct.
> > >
> > > Thanks,
> > >
> > > Chris Nelson
> > > Product Engineer
> > > Synchrony Communications
> >
> > --
> > Nathan Wray
> > nwray@mich.com
> > --
> > If you lend someone $20, and never see that
> > person again, it was probably worth it.
> >
> >
> >

--
Nathan Wray
nathan@nwray.plus.com
--
If you lend someone $20, and never see that
person again, it was probably worth it.

Re: New SSL code (using sockets)

[nathan wray <na...@nwray.plus.com>]

I was wondering about the call through reflection for the socket creation, does
this have a runtime impact?  This happens on every call so it could be
significant.  Does anyone know if reflection creates a noticible performance hit?

Would it be possible instead to create a setter method on the HTTPUrils class that
accepts a SocketFactory and protocol.  Then the isolation class could create an
SSLSocketFactory and register it with the HTTPUtils class as the factory for
"https".  That would take advantage of the subclassing of the SocketFactory and
isolate the security code without resorting to reflection.  I think there are
several patterns in Java that allow the registering of factories that we could use
as a model.


Sanjiva Weerawarana wrote:

> I'd like to get the base client-side SSL code that Chris sent committed.
> Does anyone object?
>
> Chris, are you a committer? If not I'd like to nominate you for committer
> so that u can put it in (and maintain it :-)).
>
> Also, you don't use URLConnection right (I'm referring to the discussion
> ref the problems with it and HTTP 500 errors)?
>
> Sanjiva.
>
> ----- Original Message -----
> From: "Nelson, Christopher" <cn...@synchrony.net>
> To: <so...@xml.apache.org>
> Cc: "Galluzzo, Eric" <EG...@synchrony.net>
> Sent: Wednesday, November 29, 2000 11:42 PM
> Subject: New SSL code (using sockets)
>
> > Ok guys, I've got some code for you all to test.  I've given a run through
> > some of the samples, and it appears to work, but nothing super thorough.
> > The code to do the SSL socket is very simple.  I wanted to not build in a
> > dependancy on JSSE for those who don't want/need SSL, so I introduced a
> > separate class to the SSL socket creation, which I call through reflection
> > to avoid the compile time dependency.  Please give this a go and report any
> > problems.  If it gets the green light I'll check it in.  Oh, to run this
> > code you will need to add a system property to build an https url.  And of
> > course, you'll need JSSE and a SSL capable webserver.  call java with:
> > -Djava.protocol.handler.pkgs=com.sun.net.ssl.internal.www.protocol
> >
> > Thanks,
> >
> > Chris Nelson
> > Product Engineer
> > Synchrony Communications
> >
> > -----Original Message-----
> > From: nathanwray [mailto:nwray@mich.com]
> > Sent: Wednesday, November 29, 2000 1:32 PM
> > To: soap-dev@xml.apache.org
> > Subject: Re: SSL - results of today's chat
> >
> >
> >
> >
> > How is this progressing Chris?  I'd be happy to take a crack at it but I'd
> > hate
> > to duplicate effort.
> >
> > -Nathan
> >
> >
> >
> > "Nelson, Christopher" wrote:
> >
> > > For those that were there, sorry I missed the end, had to step away.  It
> > > seems like be basically concluded that URLConnection will not work for SSL
> > > due to a bug (feature) that prevents retrieving content when the server
> > > returns a 500 status code for faults as per the SOAP spec.  Therefore, I
> > > will attempt to use the JSSE SSLSocket to do the SSL communication.  I
> > don'
> > > t think this will be difficult,  and will try to have this done by
> > > tommorrow.  Sanjiva and Wouter, please let me know if this is correct.
> > >
> > > Thanks,
> > >
> > > Chris Nelson
> > > Product Engineer
> > > Synchrony Communications
> >
> > --
> > Nathan Wray
> > nwray@mich.com
> > --
> > If you lend someone $20, and never see that
> > person again, it was probably worth it.
> >
> >
> >

--
Nathan Wray
nathan@nwray.plus.com
--
If you lend someone $20, and never see that
person again, it was probably worth it.

Re: New SSL code (using sockets)

[Sanjiva Weerawarana <sa...@watson.ibm.com>]

I'd like to get the base client-side SSL code that Chris sent committed.
Does anyone object?

Chris, are you a committer? If not I'd like to nominate you for committer
so that u can put it in (and maintain it :-)).

Also, you don't use URLConnection right (I'm referring to the discussion
ref the problems with it and HTTP 500 errors)?

Sanjiva.

----- Original Message -----
From: "Nelson, Christopher" <cn...@synchrony.net>
To: <so...@xml.apache.org>
Cc: "Galluzzo, Eric" <EG...@synchrony.net>
Sent: Wednesday, November 29, 2000 11:42 PM
Subject: New SSL code (using sockets)


> Ok guys, I've got some code for you all to test.  I've given a run through
> some of the samples, and it appears to work, but nothing super thorough.
> The code to do the SSL socket is very simple.  I wanted to not build in a
> dependancy on JSSE for those who don't want/need SSL, so I introduced a
> separate class to the SSL socket creation, which I call through reflection
> to avoid the compile time dependency.  Please give this a go and report any
> problems.  If it gets the green light I'll check it in.  Oh, to run this
> code you will need to add a system property to build an https url.  And of
> course, you'll need JSSE and a SSL capable webserver.  call java with:
> -Djava.protocol.handler.pkgs=com.sun.net.ssl.internal.www.protocol
>
> Thanks,
>
> Chris Nelson
> Product Engineer
> Synchrony Communications
>
> -----Original Message-----
> From: nathanwray [mailto:nwray@mich.com]
> Sent: Wednesday, November 29, 2000 1:32 PM
> To: soap-dev@xml.apache.org
> Subject: Re: SSL - results of today's chat
>
>
>
>
> How is this progressing Chris?  I'd be happy to take a crack at it but I'd
> hate
> to duplicate effort.
>
> -Nathan
>
>
>
> "Nelson, Christopher" wrote:
>
> > For those that were there, sorry I missed the end, had to step away.  It
> > seems like be basically concluded that URLConnection will not work for SSL
> > due to a bug (feature) that prevents retrieving content when the server
> > returns a 500 status code for faults as per the SOAP spec.  Therefore, I
> > will attempt to use the JSSE SSLSocket to do the SSL communication.  I
> don'
> > t think this will be difficult,  and will try to have this done by
> > tommorrow.  Sanjiva and Wouter, please let me know if this is correct.
> >
> > Thanks,
> >
> > Chris Nelson
> > Product Engineer
> > Synchrony Communications
>
> --
> Nathan Wray
> nwray@mich.com
> --
> If you lend someone $20, and never see that
> person again, it was probably worth it.
>
>
>

Re: New SSL code (using sockets)

[Sanjiva Weerawarana <sa...@watson.ibm.com>]

I'd like to get the base client-side SSL code that Chris sent committed.
Does anyone object?

Chris, are you a committer? If not I'd like to nominate you for committer
so that u can put it in (and maintain it :-)).

Also, you don't use URLConnection right (I'm referring to the discussion
ref the problems with it and HTTP 500 errors)?

Sanjiva.

----- Original Message -----
From: "Nelson, Christopher" <cn...@synchrony.net>
To: <so...@xml.apache.org>
Cc: "Galluzzo, Eric" <EG...@synchrony.net>
Sent: Wednesday, November 29, 2000 11:42 PM
Subject: New SSL code (using sockets)


> Ok guys, I've got some code for you all to test.  I've given a run through
> some of the samples, and it appears to work, but nothing super thorough.
> The code to do the SSL socket is very simple.  I wanted to not build in a
> dependancy on JSSE for those who don't want/need SSL, so I introduced a
> separate class to the SSL socket creation, which I call through reflection
> to avoid the compile time dependency.  Please give this a go and report any
> problems.  If it gets the green light I'll check it in.  Oh, to run this
> code you will need to add a system property to build an https url.  And of
> course, you'll need JSSE and a SSL capable webserver.  call java with:
> -Djava.protocol.handler.pkgs=com.sun.net.ssl.internal.www.protocol
>
> Thanks,
>
> Chris Nelson
> Product Engineer
> Synchrony Communications
>
> -----Original Message-----
> From: nathanwray [mailto:nwray@mich.com]
> Sent: Wednesday, November 29, 2000 1:32 PM
> To: soap-dev@xml.apache.org
> Subject: Re: SSL - results of today's chat
>
>
>
>
> How is this progressing Chris?  I'd be happy to take a crack at it but I'd
> hate
> to duplicate effort.
>
> -Nathan
>
>
>
> "Nelson, Christopher" wrote:
>
> > For those that were there, sorry I missed the end, had to step away.  It
> > seems like be basically concluded that URLConnection will not work for SSL
> > due to a bug (feature) that prevents retrieving content when the server
> > returns a 500 status code for faults as per the SOAP spec.  Therefore, I
> > will attempt to use the JSSE SSLSocket to do the SSL communication.  I
> don'
> > t think this will be difficult,  and will try to have this done by
> > tommorrow.  Sanjiva and Wouter, please let me know if this is correct.
> >
> > Thanks,
> >
> > Chris Nelson
> > Product Engineer
> > Synchrony Communications
>
> --
> Nathan Wray
> nwray@mich.com
> --
> If you lend someone $20, and never see that
> person again, it was probably worth it.
>
>
>