[
https://issues.apache.org/jira/browse/HTTPCORE-55?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Asankha C. Perera reopened HTTPCORE-55:
---------------------------------------
Hi Oleg
Sorry for discovering an issue with this code again. The SSLSession may not be
established after a call to the doHandshake() method of the SSLIOSession to
perform hostname verification.
However, the good news is we could move that code to within the doHandshake()
method, and check on the result of the wrap/unwrap to find out if the handshake
completed just then - and perform verification.
(http://java.sun.com/j2se/1.5.0/docs/api/javax/net/ssl/SSLEngineResult.HandshakeStatus.html#FINISHED)
I have attached the fix for it herewith
thanks
asankha
> Ability to Request for Client Authentication when using NIO SSL in server mode
> ------------------------------------------------------------------------------
>
> Key: HTTPCORE-55
> URL: https://issues.apache.org/jira/browse/HTTPCORE-55
> Project: HttpComponents Core
> Issue Type: Bug
> Components: HttpCore NIO
> Reporter: Asankha C. Perera
> Assigned To: Oleg Kalnichevski
> Priority: Critical
> Fix For: 4.0-alpha4
>
> Attachments: 20070311-niosslinit.patch, includehostname.patch
>
>
> It would be great if the SSLIOSession.initialize() could expect to know if
> client authentication is wanted, required or not-wanted through a parameter
> passed in, when operating in the server mode to configure the underlying
> SSLEngine.
> This maybe something like the Apache SSLClientAuth directive that could be
> set into the HttpParams as none/required/optional, and passed in by the
> SSLServerIOEventDispatch
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
