I finally got the chance to test my theory and it works with JSSE1.0.2. I added the
following
to HttpConnection (sorry, I'm working on Windows today and don't have a diff tool
handy):
/**
* Return my alternative SSLSocketFactory.
* @return my alternative SSLSocketFactory.
*/
public SSLSocketFactory getSSLSocketFactory() {
return _SSLSocketFactory;
}
/**
* Set the alternative SSLSocketFactory.
* @param factory alternative SSLSocketFactory.
*/
public void setSSLSocketFactory(SSLSocketFactory factory) {
_SSLSocketFactory = factory;
}
...
/**
* Open this connection to the current host and port
* (via a proxy if so configured).
*/
public void open() throws IOException {
log.debug("HttpConnection.open()");
assertNotOpen(); // ??? is this worth doing?
try {
if (null == _socket) {
String host = (null == _proxyHost) ? _host : _proxyHost;
int port = (null == _proxyHost) ? _port : _proxyPort;
if (_ssl) {
//_socket = SSLSocketFactory.getDefault().createSocket(host,port);
if (_SSLSocketFactory != null) {
_socket = _SSLSocketFactory.createSocket(host,port);
} else {
_socket =
SSLSocketFactory.getDefault().createSocket(host,port);
}
} else {
_socket = new Socket(host,port);
}
}
_input = _socket.getInputStream();
_output = _socket.getOutputStream();
_open = true;
} catch (IOException e) {
// Connection wasn't opened properly
// so close everything out
closeSocketAndStreams();
throw e;
}
}
...
/** My alternative SSLSocketFactory. */
private SSLSocketFactory _SSLSocketFactory = null;
I'm using the SSLTunnelSocketFactory code from the JDC Forum link I mentioned
previously. It
works fine with both squid (http://www.squid-cache.org/) and muffin
(http://muffin.doit.org/)
proxy servers.
Bill
Bill Cutshall wrote:
> dIon,
>
> Thanks for the response. Let me at least partially answer my own question #2.
>
> 2. HttpClient does, in fact, support proxying (with a few caveats). You get
> SOCKS support for free by setting the system properties socks.proxyHost and
> socks.proxyPort and NOT setting the proxyHost and proxyPort in HttpConnection.
> Non-SOCKS proxying works for HTTP but not HTTPS. Ari Luotonen outlines the
> reasons why in his draft document "Tunneling TCP based protocols through Web
> proxy servers" at
>
>http://www.web-cache.com/Writings/Internet-Drafts/draft-luotonen-web-proxy-tunneling-01.txt.
> So, it is necessary to "tunnel" through the proxy server. Pua Yeow Cheong had an
> "Tips 'N Tricks" article in JavaWorld
> (http://www.javaworld.com/javaworld/javatips/jw-javatip111_p.html) that covers
> this as does the following post in Sun's Java Developer Connection -
> http://forum.java.sun.com/thread.jsp?forum=2&thread=172538. It seems like it
> should be possible to add getter/setter methods to HttpConnection for a property
> that specifies an alternative SSLSocketFactory. I haven't had the time to try it
> yet.
>
> dIon Gillard wrote:
>
> > Bill Cutshall wrote:
> >
> > >I just discovered Http Client about a week ago. It's just what I need
> > >for a project that I'm working on. I have a few questions, though:
> > >
> > >1. In message
> > >http://www.mail-archive.com/commons-dev@jakarta.apache.org/msg03518.html
> > >Rodney intimates that that Http Client is close to being a 2.0 release.
> > >How close is it to being officially released?
> > >
> > As close as Rodney, or another committer coming up with a release plan.
> >
> > >2. Does Http Client support SOCKS proxies? Which of the system
> > >properties (e.g., socks.proxyHost, socks.proxyPort) do I need to set for
> > >both SOCKS and non-SOCKS proxies?
> > >
> > Don't know for sure....can check if you don't want to scour the source.
> >
> > >3. Part of my application needs to download binary files. I currently
> > >do it in a loop "read"ing bytes from a BufferedInputStream chained to a
> > >URLConnection's InputStream. I tried a similar approach with
> > >HttpConnection's ResponseInputStream but the BufferedInputStream returns
> > >eof (-1) on the first read. PostMethod.getResponseBody seems to work
> > >fine but was slower than my current implementation. Can anyone give me
> > >a good approach for binary file download?
> > >
> > I can't help on this one....anyone else?
> >
> > >
> > >Thanks,
> > >
> > >Bill Cutshall
> > >Carnegie Technology Education
> > >[EMAIL PROTECTED]
> > >
> > --
> > dIon Gillard, Multitask Consulting
> > http://adslgateway.multitask.com.au/developers
> >
> > --
> > To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]>
> > For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
>
> --
> To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]>
> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
