You are viewing a plain text version of this content. The canonical link for it is here.
Posted to httpclient-users@hc.apache.org by "M.Zdila/EpiSoftware Slovakia Ltd." <m....@episoftware.com> on 2006/09/19 18:27:55 UTC
SSLSocket
Hello
In my application I am extending Socket to override getInputStream and
getOutputStream to add custom low-level "filtering". I use this socket in my
custom ProtocolSocketFactory that is registered to httpclient with
Protocol.registerProtocol. This is for HTTP protocol. Now I need the same
with HTTPS protocol. I use EasySSLProtocolSocketFactory from contrib. The
problem is that I can't implement MyCustomSSLSocket that extend SSLSocket,
because this SSLSocket is created by SSLContext -> SSLSocketFactory.
javax.net.SSLContext is abstract. Any hints to solve this problem? Should I
use some other JSSE like Jessie?
Thanks in advance.
Regards
--
Martin Zdila
Analyst/Developer
EpiSoftware Slovakia Ltd.
Letna 27, 043 14 Kosice
cellular: +421 908 363 848
phone: +421 55 6770 420
fax: +421 55 6770 420
e-mail: m.zdila@episoftware.com
www: www.episoftware.com
---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: httpclient-user-help@jakarta.apache.org
RE: SSLSocket
Posted by Julius Davies <ju...@cucbc.com>.
Hi,
I like this idea. I've added it to the draft version of "commons-ssl".
http://juliusdavies.ca/commons-ssl/
If you use commons-ssl.jar, you can now do this:
First, extend the SSLSocketWrapper provided by commons-ssl, and override the methods you want to take over:
public static class MySSLSocket extends SSLSocketWrapper
{
MySSLSocket( SSLSocket s ) { super( s ); }
public InputStream getInputStream() throws IOException
{
// Just an simple example. Real world would probably do more
// interesting things.
InputStream original = super.getInputStream();
return new BufferedInputStream( original );
}
}
Next, create your own SSLWrapperFactory implementation, and set it on your SSLClient (SSLClient extends SSLSocketFactory):
SSLClient client = new SSLClient();
// Let's trust usual "cacerts" that come with Java.
// Plus, let's also trust a self-signed cert we know of.
// We have some additional certs to trust inside a java keystore file.
client.addTrustMaterial( TrustMaterial.CACERTS );
client.addTrustMaterial( new TrustMaterial( "/path/to/self-signed.pem" ) );
client.addTrustMaterial( new KeyMaterial( "/path/to/keystore.jks", "changeit".toCharArray() ) );
SSLWrapperFactory myWrapper = new SSLWrapperFactory()
{
public SSLSocket wrap( SSLSocket s ) { return new MySSLSocket( s ); }
public SSLServerSocket wrap( SSLServerSocket s ) { return null; }
};
client.setSSLWrapperFactory( myWrapper );
yours,
Julius Davies
-----Original Message-----
From: M.Zdila/EpiSoftware Slovakia Ltd. [mailto:m.zdila@episoftware.com]
Sent: Tue 9/19/2006 9:45 AM
To: HttpClient User Discussion
Cc:
Subject: Re: SSLSocket
Hi Roland
I was starting to write a wrapper but I thought I went a wrong way :-) So I'll
try it again. Thanks for kicking me back to the right way ;-)
On Tuesday 19 September 2006 18:34, Roland Weber wrote:
> Hi,
>
> > In my application I am extending Socket to override getInputStream and
> > getOutputStream to add custom low-level "filtering". I use this socket in
> > my custom ProtocolSocketFactory that is registered to httpclient with
> > Protocol.registerProtocol. This is for HTTP protocol. Now I need the same
> > with HTTPS protocol. I use EasySSLProtocolSocketFactory from contrib. The
> > problem is that I can't implement MyCustomSSLSocket that extend
> > SSLSocket, because this SSLSocket is created by SSLContext ->
> > SSLSocketFactory. javax.net.SSLContext is abstract. Any hints to solve
> > this problem? Should I use some other JSSE like Jessie?
>
> Have you considered using a wrapper instead of extending the class
> that gets instantiated? In other words:
> - MyCustomSSLSocket extends SSLSocket
> - keep the wrapped socket from SSLSocketFactory as an attribute
> - delegate *all* calls of the SSLSocket class to the wrapped socket
> - add your custom modifications to the get{In|Out}putStream methods
>
> Some IDEs have tools that can generate basic wrappers automatically.
> One of the few occasions where I admit that IDEs have advantages :-)
>
> hope that helps,
> Roland
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: httpclient-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: httpclient-user-help@jakarta.apache.org
--
Martin Zdila
Analyst/Developer
EpiSoftware Slovakia Ltd.
Letna 27, 043 14 Kosice
cellular: +421 908 363 848
phone: +421 55 6770 420
fax: +421 55 6770 420
e-mail: m.zdila@episoftware.com
www: www.episoftware.com
---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: httpclient-user-help@jakarta.apache.org
Re: SSLSocket
Posted by "M.Zdila/EpiSoftware Slovakia Ltd." <m....@episoftware.com>.
Hi Roland
I was starting to write a wrapper but I thought I went a wrong way :-) So I'll
try it again. Thanks for kicking me back to the right way ;-)
On Tuesday 19 September 2006 18:34, Roland Weber wrote:
> Hi,
>
> > In my application I am extending Socket to override getInputStream and
> > getOutputStream to add custom low-level "filtering". I use this socket in
> > my custom ProtocolSocketFactory that is registered to httpclient with
> > Protocol.registerProtocol. This is for HTTP protocol. Now I need the same
> > with HTTPS protocol. I use EasySSLProtocolSocketFactory from contrib. The
> > problem is that I can't implement MyCustomSSLSocket that extend
> > SSLSocket, because this SSLSocket is created by SSLContext ->
> > SSLSocketFactory. javax.net.SSLContext is abstract. Any hints to solve
> > this problem? Should I use some other JSSE like Jessie?
>
> Have you considered using a wrapper instead of extending the class
> that gets instantiated? In other words:
> - MyCustomSSLSocket extends SSLSocket
> - keep the wrapped socket from SSLSocketFactory as an attribute
> - delegate *all* calls of the SSLSocket class to the wrapped socket
> - add your custom modifications to the get{In|Out}putStream methods
>
> Some IDEs have tools that can generate basic wrappers automatically.
> One of the few occasions where I admit that IDEs have advantages :-)
>
> hope that helps,
> Roland
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: httpclient-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: httpclient-user-help@jakarta.apache.org
--
Martin Zdila
Analyst/Developer
EpiSoftware Slovakia Ltd.
Letna 27, 043 14 Kosice
cellular: +421 908 363 848
phone: +421 55 6770 420
fax: +421 55 6770 420
e-mail: m.zdila@episoftware.com
www: www.episoftware.com
---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: httpclient-user-help@jakarta.apache.org
Re: SSLSocket
Posted by Roland Weber <ht...@dubioso.net>.
Hi,
> In my application I am extending Socket to override getInputStream and
> getOutputStream to add custom low-level "filtering". I use this socket in my
> custom ProtocolSocketFactory that is registered to httpclient with
> Protocol.registerProtocol. This is for HTTP protocol. Now I need the same
> with HTTPS protocol. I use EasySSLProtocolSocketFactory from contrib. The
> problem is that I can't implement MyCustomSSLSocket that extend SSLSocket,
> because this SSLSocket is created by SSLContext -> SSLSocketFactory.
> javax.net.SSLContext is abstract. Any hints to solve this problem? Should I
> use some other JSSE like Jessie?
Have you considered using a wrapper instead of extending the class
that gets instantiated? In other words:
- MyCustomSSLSocket extends SSLSocket
- keep the wrapped socket from SSLSocketFactory as an attribute
- delegate *all* calls of the SSLSocket class to the wrapped socket
- add your custom modifications to the get{In|Out}putStream methods
Some IDEs have tools that can generate basic wrappers automatically.
One of the few occasions where I admit that IDEs have advantages :-)
hope that helps,
Roland
---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: httpclient-user-help@jakarta.apache.org