You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@commons.apache.org by ol...@apache.org on 2004/12/13 22:52:47 UTC
cvs commit: jakarta-commons/httpclient/xdocs sslguide.xml
olegk 2004/12/13 13:52:47
Modified: httpclient/xdocs Tag: HTTPCLIENT_2_0_BRANCH sslguide.xml
Log:
* AuthSSLProtocolSocketFactory description
* "Known limitations and problems" section amended
Revision Changes Path
No revision
No revision
1.2.2.4 +9 -3 jakarta-commons/httpclient/xdocs/sslguide.xml
Index: sslguide.xml
===================================================================
RCS file: /home/cvs/jakarta-commons/httpclient/xdocs/sslguide.xml,v
retrieving revision 1.2.2.3
retrieving revision 1.2.2.4
diff -u -r1.2.2.3 -r1.2.2.4
--- sslguide.xml 11 May 2004 21:46:38 -0000 1.2.2.3
+++ sslguide.xml 13 Dec 2004 21:52:47 -0000 1.2.2.4
@@ -183,6 +183,11 @@
<a href="http://cvs.apache.org/viewcvs.cgi/jakarta-commons/httpclient/src/contrib/org/apache/commons/httpclient/contrib/ssl/?only_with_tag=HTTPCLIENT_2_0_BRANCH">
StrictSSLProtocolSocketFactory</a> can be used to create SSL connections that can optionally perform host name verification in order to help preventing man-in-the-middle type of attacks.
</li>
+ <li>
+ <a href="http://cvs.apache.org/viewcvs.cgi/jakarta-commons/httpclient/src/contrib/org/apache/commons/httpclient/contrib/ssl/?only_with_tag=HTTPCLIENT_2_0_BRANCH">
+ AuthSSLProtocolSocketFactory</a> can be used to optionally enforce mutual client/server authentication. This is the most flexible
+ implementation of a protocol socket factory. It allows for customization of most, if not all, aspects of the SSL authentication.
+ </li>
</ul>
@@ -273,8 +278,9 @@
"Socket closed" exception).
</p>
<p>
- <strong>Solution:</strong> Make sure that you have all the latest fix packs applied. HttpClient users
- have reported that IBM Websphere Application Server versions 4.0.6, 5.0.2.2, 5.1 do not exhibit the problem.
+ <strong>Solution:</strong> Make sure that you have all the latest Websphere fix packs applied and IBMJSSE
+ is at least version 1.0.3. HttpClient users have reported that IBM Websphere Application Server versions
+ 4.0.6, 5.0.2.2, 5.1.0 and above do not exhibit this problem.
</p>
</li>
</ol>
---------------------------------------------------------------------
To unsubscribe, e-mail: commons-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: commons-dev-help@jakarta.apache.org