You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@hc.apache.org by "Canbay, Özkan" <O....@hzd.hessen.de> on 2003/05/08 17:11:32 UTC
How to implement a bi-directional SSL sheme ?
Hi,
currently I am implementing the "clients authenticate servers and servers
authenticate clients" scheme by using net and jsse library.
How can I implement the following by using httpclient ?
public String getData(String targetURLString, String cookiename, String
sessionid, String xmlData) {
System.setProperty( "javax.net.ssl.trustStore", "abc.jks");
System.setProperty( "javax.net.ssl.trustStorePassword",
"blabla");
System.setProperty( "javax.net.ssl.keyStore", "abc.jks");
System.setProperty( "javax.net.ssl.keyStorePassword", "blabla");
URL target = new URL( targetURLString);
HttpURLConnection conn = (HttpURLConnection)
target.openConnection();
conn.setRequestMethod("POST");
try {
com.sun.net.ssl.HttpsURLConnection secureConnection =
(com.sun.net.ssl.HttpsURLConnection) conn;
secureConnection.setHostnameVerifier(getHostnameVerifier());
} catch (ClassCastException e) {
System.out.println( "Connection is not HTTPS or not
provided by sun, cannot set
HostnameVerifier");
}
conn.setRequestProperty("Cookie", cookiename + "=" + sessionid);
conn.setUseCaches(false);
conn.setDoOutput(true);
conn.connect();
BufferedWriter writer = new BufferedWriter(new
OutputStreamWriter(conn.getOutputStream()));
this.getRequestContent().writeContent(new PrintWriter(writer));
writer.write( xmlData);
writer.flush();
writer.close();
BufferedReader reader = new BufferedReader(new
InputStreamReader(conn.getInputStream()));
resultContentString = new StringBuffer();
while ((text = reader.readLine()) != null) {
resultContentString.append(text + "\n");
}
return resultContentString.toString();
}
...
I started implementing by looking at the examples but I don't know what to
to if I recognize that the
connection is a secure(SSL) connection.
public String responseXMLDatagramm(String request) {
String response = null;
int status;
try {
URI uri = new URI(azrURI.toCharArray());
String host = uri.getHost();
int port = uri.getPort();
Protocol protocol = Protocol.getProtocol(uri.getScheme());
HttpConnection connection = new HttpConnection(host, port, protocol);
if (connection.isSecure()) {
--> // What to do here ?? <--
}
HttpState state = new HttpState();
PostMethod post = new PostMethod(uri.toString());
post.setRequestBody(request);
status = post.execute(state, connection);
response = post.getResponseBodyAsString();
Regards
Özkan
Re: How to implement a bi-directional SSL sheme ?
Posted by Oleg Kalnichevski <o....@dplanet.ch>.
Have a look at the following sample code. It's not exactly what you
need, but at least it may give you a fair understanding as to how
HttpClient can be extended to support custom SSL protocol
implementations:
http://cvs.apache.org/viewcvs/jakarta-commons/httpclient/src/contrib/org/apache/commons/httpclient/contrib/ssl/
Cheers
Oleg
On Thu, 2003-05-08 at 17:11, "Canbay, Özkan" wrote:
> Hi,
>
> currently I am implementing the "clients authenticate servers and servers
> authenticate clients" scheme by using net and jsse library.
> How can I implement the following by using httpclient ?
>
> public String getData(String targetURLString, String cookiename, String
> sessionid, String xmlData) {
> System.setProperty( "javax.net.ssl.trustStore", "abc.jks");
> System.setProperty( "javax.net.ssl.trustStorePassword",
> "blabla");
> System.setProperty( "javax.net.ssl.keyStore", "abc.jks");
> System.setProperty( "javax.net.ssl.keyStorePassword", "blabla");
> URL target = new URL( targetURLString);
> HttpURLConnection conn = (HttpURLConnection)
> target.openConnection();
> conn.setRequestMethod("POST");
> try {
> com.sun.net.ssl.HttpsURLConnection secureConnection =
> (com.sun.net.ssl.HttpsURLConnection) conn;
>
> secureConnection.setHostnameVerifier(getHostnameVerifier());
> } catch (ClassCastException e) {
> System.out.println( "Connection is not HTTPS or not
> provided by sun, cannot set
> HostnameVerifier");
> }
> conn.setRequestProperty("Cookie", cookiename + "=" + sessionid);
> conn.setUseCaches(false);
> conn.setDoOutput(true);
> conn.connect();
> BufferedWriter writer = new BufferedWriter(new
> OutputStreamWriter(conn.getOutputStream()));
> this.getRequestContent().writeContent(new PrintWriter(writer));
> writer.write( xmlData);
> writer.flush();
> writer.close();
> BufferedReader reader = new BufferedReader(new
> InputStreamReader(conn.getInputStream()));
> resultContentString = new StringBuffer();
> while ((text = reader.readLine()) != null) {
> resultContentString.append(text + "\n");
> }
> return resultContentString.toString();
> }
> ...
>
>
> I started implementing by looking at the examples but I don't know what to
> to if I recognize that the
> connection is a secure(SSL) connection.
>
> public String responseXMLDatagramm(String request) {
> String response = null;
> int status;
> try {
> URI uri = new URI(azrURI.toCharArray());
> String host = uri.getHost();
> int port = uri.getPort();
> Protocol protocol = Protocol.getProtocol(uri.getScheme());
> HttpConnection connection = new HttpConnection(host, port, protocol);
>
> if (connection.isSecure()) {
> --> // What to do here ?? <--
> }
>
> HttpState state = new HttpState();
> PostMethod post = new PostMethod(uri.toString());
> post.setRequestBody(request);
>
> status = post.execute(state, connection);
> response = post.getResponseBodyAsString();
>
>
>
> Regards
>
> Özkan