olegk 2004/12/13 13:52:47 Modified: httpclient/xdocs Tag: HTTPCLIENT_2_0_BRANCH sslguide.xml Log: * AuthSSLProtocolSocketFactory description * "Known limitations and problems" section amended Revision Changes Path No revision No revision 1.2.2.4 +9 -3 jakarta-commons/httpclient/xdocs/sslguide.xml Index: sslguide.xml =================================================================== RCS file: /home/cvs/jakarta-commons/httpclient/xdocs/sslguide.xml,v retrieving revision 1.2.2.3 retrieving revision 1.2.2.4 diff -u -r1.2.2.3 -r1.2.2.4 --- sslguide.xml 11 May 2004 21:46:38 -0000 1.2.2.3 +++ sslguide.xml 13 Dec 2004 21:52:47 -0000 1.2.2.4 @@ -183,6 +183,11 @@ <a href="http://cvs.apache.org/viewcvs.cgi/jakarta-commons/httpclient/src/contrib/org/apache/commons/httpclient/contrib/ssl/?only_with_tag=HTTPCLIENT_2_0_BRANCH"> StrictSSLProtocolSocketFactory</a> can be used to create SSL connections that can optionally perform host name verification in order to help preventing man-in-the-middle type of attacks. </li> + <li> + <a href="http://cvs.apache.org/viewcvs.cgi/jakarta-commons/httpclient/src/contrib/org/apache/commons/httpclient/contrib/ssl/?only_with_tag=HTTPCLIENT_2_0_BRANCH"> + AuthSSLProtocolSocketFactory</a> can be used to optionally enforce mutual client/server authentication. This is the most flexible + implementation of a protocol socket factory. It allows for customization of most, if not all, aspects of the SSL authentication. + </li> </ul> @@ -273,8 +278,9 @@ "Socket closed" exception). </p> <p> - <strong>Solution:</strong> Make sure that you have all the latest fix packs applied. HttpClient users - have reported that IBM Websphere Application Server versions 4.0.6, 5.0.2.2, 5.1 do not exhibit the problem. + <strong>Solution:</strong> Make sure that you have all the latest Websphere fix packs applied and IBMJSSE + is at least version 1.0.3. HttpClient users have reported that IBM Websphere Application Server versions + 4.0.6, 5.0.2.2, 5.1.0 and above do not exhibit this problem. </p> </li> </ol>
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]