Re: How to set proxy information in httpClient object from browser

Thu, 20 Sep 2007 21:54:18 -0700 

thank you roland.. yes.. it works with the version 3.1 by registering the
protocol with the ID "http"..

I have one more question regarding the StrictSSLProtocolSocketFactory
implementation..  :)

in the implementation they say that you need to write this...

Protocol stricthttps = new Protocol( "https", new
StrictSSLProtocolSocketFactory(true), 443);
     HttpClient client = new HttpClient();
     client.getHostConfiguration().setHost("hostname", 443, stricthttps);

Now this Factory implementation stops the man in the middle attack... by
verifying the hostName... TRUE passed in its constructor..

But doesnt it mean that it should also call this classes' createSocket()
method??? because that method has the method verifyHostName() which should
be called so that hostname is verified???

By implementing the above code I see that the createSocket() method of
StrictSSLProtocolSocketFactory class doesnt get called.. why is that??? or i
m missing something here????

thanks again...

cheers,
nitya

On 9/19/07, Roland Weber <[EMAIL PROTECTED]> wrote:
>
> nitya vyas wrote:
> > i m using 2.0 but the code is same..
>
> No it's not. Upgrade! 2.0 has been unsupported for an eternity.
>
> > in 3.1 also i will have isSecure() and
> > isProxied() true.... because i want https and proxy server both...
>
> Yes.
>
> > So that
> > means that DefaultProtocolSocketFactory will get initialized and not the
> > other one..
>
> No it doesn't. Look at the code fragment I quoted:
>
> >>         if (isSecure() && isProxied()) {
> >>             Protocol defaultprotocol = Protocol.getProtocol("http");
> >>             socketFactory = defaultprotocol.getSocketFactory();
> >>         } else {
> >>             socketFactory = this.protocolInUse.getSocketFactory();
> >>         }
>
> The factory is obtained from a protocol, which is *registered*
> under the name "http". You can register _your_own_ protocol with
> that name, and then _your_ socket factory is used.
>
> Let me know when you have upgraded to 3.1.
> Until then, don't expect me to help you out.
>
> cheers,
>   Roland
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>

Reply via email to