olegk 2004/06/09 14:07:41 Modified: httpclient/src/contrib/org/apache/commons/httpclient/contrib/ssl Tag: HTTPCLIENT_2_0_BRANCH EasySSLProtocolSocketFactory.java EasyX509TrustManager.java StrictSSLProtocolSocketFactory.java Added: httpclient/src/contrib/org/apache/commons/httpclient/contrib/ssl Tag: HTTPCLIENT_2_0_BRANCH AuthSSLInitializationError.java AuthSSLProtocolSocketFactory.java AuthSSLX509TrustManager.java Log: Contribution of an SSL authenticating socket factory Contributed by Oleg Kalnichevski Reviewed by Michael Becke Revision Changes Path No revision No revision 1.2.2.2 +44 -25 jakarta-commons/httpclient/src/contrib/org/apache/commons/httpclient/contrib/ssl/EasySSLProtocolSocketFactory.java Index: EasySSLProtocolSocketFactory.java =================================================================== RCS file: /home/cvs/jakarta-commons/httpclient/src/contrib/org/apache/commons/httpclient/contrib/ssl/EasySSLProtocolSocketFactory.java,v retrieving revision 1.2.2.1 retrieving revision 1.2.2.2 diff -u -r1.2.2.1 -r1.2.2.2 --- EasySSLProtocolSocketFactory.java 22 Feb 2004 18:21:12 -0000 1.2.2.1 +++ EasySSLProtocolSocketFactory.java 9 Jun 2004 21:07:41 -0000 1.2.2.2 @@ -21,8 +21,6 @@ * information on the Apache Software Foundation, please see * <http://www.apache.org/>. * - * [Additional notices, if required by prior licensing conditions] - * */ package org.apache.commons.httpclient.contrib.ssl; @@ -31,15 +29,14 @@ import java.net.InetAddress; import java.net.Socket; import java.net.UnknownHostException; -import javax.net.ssl.SSLSocketFactory; - -import com.sun.net.ssl.SSLContext; -import com.sun.net.ssl.TrustManager; import org.apache.commons.httpclient.protocol.SecureProtocolSocketFactory; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; +import com.sun.net.ssl.SSLContext; +import com.sun.net.ssl.TrustManager; + /** * <p> * EasySSLProtocolSocketFactory can be used to creats SSL [EMAIL PROTECTED] Socket}s @@ -51,12 +48,38 @@ * you are perfectly aware of security implications of accepting * self-signed certificates * </p> + * + * <p> + * Example of using custom protocol socket factory for a specific host: + * <pre> + * Protocol easyhttps = new Protocol("https", new EasySSLProtocolSocketFactory(), 443); + * + * HttpClient client = new HttpClient(); + * client.getHostConfiguration().setHost("localhost", 443, easyhttps); + * // use relative url only + * GetMethod httpget = new GetMethod("/"); + * client.executeMethod(httpget); + * </pre> + * </p> + * <p> + * Example of using custom protocol socket factory per default instead of the standard one: + * <pre> + * Protocol easyhttps = new Protocol("https", new EasySSLProtocolSocketFactory(), 443); + * Protocol.registerProtocol("https", easyhttps); + * + * HttpClient client = new HttpClient(); + * GetMethod httpget = new GetMethod("https://localhost/"); + * client.executeMethod(httpget); + * </pre> + * </p> * * @author <a href="mailto:[EMAIL PROTECTED]">Oleg Kalnichevski</a> * + * <p> * DISCLAIMER: HttpClient developers DO NOT actively support this component. * The component is provided as a reference material, which may be inappropriate - * to be used without additional customization. + * for use without additional customization. + * </p> */ public class EasySSLProtocolSocketFactory implements SecureProtocolSocketFactory { @@ -64,38 +87,35 @@ /** Log object for this class. */ private static final Log LOG = LogFactory.getLog(EasySSLProtocolSocketFactory.class); + private SSLContext sslcontext = null; + /** * Constructor for EasySSLProtocolSocketFactory. - * - * Code sample: - * - * <blockquote> - * Protocol easyhttps = new Protocol( - * "https", new EasySSLProtocolSocketFactory(), 443); - * - * HttpClient client = new HttpClient(); - * client.getHostConfiguration().setHost("localhost", 443, easyhttps); - * </blockquote> */ public EasySSLProtocolSocketFactory() { super(); } - private static SSLSocketFactory getEasySSLSocketFactory() { - SSLContext context = null; + private static SSLContext createEasySSLContext() { try { - context = SSLContext.getInstance("SSL"); + SSLContext context = SSLContext.getInstance("SSL"); context.init( null, new TrustManager[] {new EasyX509TrustManager(null)}, null); + return context; } catch (Exception e) { LOG.error(e.getMessage(), e); throw new RuntimeException(e.toString()); } - return context.getSocketFactory(); } + private SSLContext getSSLContext() { + if (this.sslcontext == null) { + this.sslcontext = createEasySSLContext(); + } + return this.sslcontext; + } /** * @see SecureProtocolSocketFactory#createSocket(java.lang.String,int,java.net.InetAddress,int) @@ -107,13 +127,12 @@ int clientPort) throws IOException, UnknownHostException { - Socket socket = getEasySSLSocketFactory().createSocket( + return getSSLContext().getSocketFactory().createSocket( host, port, clientHost, clientPort ); - return socket; } /** @@ -121,7 +140,7 @@ */ public Socket createSocket(String host, int port) throws IOException, UnknownHostException { - return getEasySSLSocketFactory().createSocket( + return getSSLContext().getSocketFactory().createSocket( host, port ); @@ -136,7 +155,7 @@ int port, boolean autoClose) throws IOException, UnknownHostException { - return getEasySSLSocketFactory().createSocket( + return getSSLContext().getSocketFactory().createSocket( socket, host, port, 1.2.2.2 +3 -3 jakarta-commons/httpclient/src/contrib/org/apache/commons/httpclient/contrib/ssl/EasyX509TrustManager.java Index: EasyX509TrustManager.java =================================================================== RCS file: /home/cvs/jakarta-commons/httpclient/src/contrib/org/apache/commons/httpclient/contrib/ssl/EasyX509TrustManager.java,v retrieving revision 1.2.2.1 retrieving revision 1.2.2.2 diff -u -r1.2.2.1 -r1.2.2.2 --- EasyX509TrustManager.java 22 Feb 2004 18:21:12 -0000 1.2.2.1 +++ EasyX509TrustManager.java 9 Jun 2004 21:07:41 -0000 1.2.2.2 @@ -21,8 +21,6 @@ * information on the Apache Software Foundation, please see * <http://www.apache.org/>. * - * [Additional notices, if required by prior licensing conditions] - * */ package org.apache.commons.httpclient.contrib.ssl; @@ -54,9 +52,11 @@ * @author <a href="mailto:[EMAIL PROTECTED]">Adrian Sutton</a> * @author <a href="mailto:[EMAIL PROTECTED]">Oleg Kalnichevski</a> * + * <p> * DISCLAIMER: HttpClient developers DO NOT actively support this component. * The component is provided as a reference material, which may be inappropriate - * to be used without additional customization. + * for use without additional customization. + * </p> */ public class EasyX509TrustManager implements X509TrustManager 1.1.2.2 +6 -6 jakarta-commons/httpclient/src/contrib/org/apache/commons/httpclient/contrib/ssl/StrictSSLProtocolSocketFactory.java Index: StrictSSLProtocolSocketFactory.java =================================================================== RCS file: /home/cvs/jakarta-commons/httpclient/src/contrib/org/apache/commons/httpclient/contrib/ssl/StrictSSLProtocolSocketFactory.java,v retrieving revision 1.1.2.1 retrieving revision 1.1.2.2 diff -u -r1.1.2.1 -r1.1.2.2 --- StrictSSLProtocolSocketFactory.java 22 Feb 2004 18:21:12 -0000 1.1.2.1 +++ StrictSSLProtocolSocketFactory.java 9 Jun 2004 21:07:41 -0000 1.1.2.2 @@ -69,11 +69,11 @@ * server certificates "Common Name" field of the "SubjectDN" entry. * * @author <a href="mailto:[EMAIL PROTECTED]">Sebastian Hauer</a> - * @version 1.0 - * + * <p> * DISCLAIMER: HttpClient developers DO NOT actively support this component. * The component is provided as a reference material, which may be inappropriate - * to be used without additional customization. + * for use without additional customization. + * </p> */ public class StrictSSLProtocolSocketFactory implements SecureProtocolSocketFactory { No revision Index: StrictSSLProtocolSocketFactory.java =================================================================== RCS file: /home/cvs/jakarta-commons/httpclient/src/contrib/org/apache/commons/httpclient/contrib/ssl/StrictSSLProtocolSocketFactory.java,v retrieving revision 1.1.2.1 retrieving revision 1.1.2.2 diff -u -r1.1.2.1 -r1.1.2.2 --- StrictSSLProtocolSocketFactory.java 22 Feb 2004 18:21:12 -0000 1.1.2.1 +++ StrictSSLProtocolSocketFactory.java 9 Jun 2004 21:07:41 -0000 1.1.2.2 @@ -69,11 +69,11 @@ * server certificates "Common Name" field of the "SubjectDN" entry. * * @author <a href="mailto:[EMAIL PROTECTED]">Sebastian Hauer</a> - * @version 1.0 - * + * <p> * DISCLAIMER: HttpClient developers DO NOT actively support this component. * The component is provided as a reference material, which may be inappropriate - * to be used without additional customization. + * for use without additional customization. + * </p> */ public class StrictSSLProtocolSocketFactory implements SecureProtocolSocketFactory { No revision Index: StrictSSLProtocolSocketFactory.java =================================================================== RCS file: /home/cvs/jakarta-commons/httpclient/src/contrib/org/apache/commons/httpclient/contrib/ssl/StrictSSLProtocolSocketFactory.java,v retrieving revision 1.1.2.1 retrieving revision 1.1.2.2 diff -u -r1.1.2.1 -r1.1.2.2 --- StrictSSLProtocolSocketFactory.java 22 Feb 2004 18:21:12 -0000 1.1.2.1 +++ StrictSSLProtocolSocketFactory.java 9 Jun 2004 21:07:41 -0000 1.1.2.2 @@ -69,11 +69,11 @@ * server certificates "Common Name" field of the "SubjectDN" entry. * * @author <a href="mailto:[EMAIL PROTECTED]">Sebastian Hauer</a> - * @version 1.0 - * + * <p> * DISCLAIMER: HttpClient developers DO NOT actively support this component. * The component is provided as a reference material, which may be inappropriate - * to be used without additional customization. + * for use without additional customization. + * </p> */ public class StrictSSLProtocolSocketFactory implements SecureProtocolSocketFactory { 1.1.2.1 +65 -0 jakarta-commons/httpclient/src/contrib/org/apache/commons/httpclient/contrib/ssl/Attic/AuthSSLInitializationError.java 1.1.2.1 +370 -0 jakarta-commons/httpclient/src/contrib/org/apache/commons/httpclient/contrib/ssl/Attic/AuthSSLProtocolSocketFactory.java 1.1.2.1 +113 -0 jakarta-commons/httpclient/src/contrib/org/apache/commons/httpclient/contrib/ssl/Attic/AuthSSLX509TrustManager.java
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]