-- Weinan Li
On Wednesday, September 4, 2013 at 3:16 AM, Mukul Panwar wrote: > Hi Wenian > > I also tried now the similar approach by using a Http apache client library > whic is handling some internally and reusing the handshake. > > But I want to user resteasy client library only and some how i want to reuse > that Ssl handshake. > > Plz suggest something about resteasy api to handle it . Hi Mukul, I haven't looked into details of the JAX-RS 2.0 Client API . I'll do some research and give you my findings soon. > > Thanks > Mukul > > > > On Sep 3, 2013, at 6:44 PM, "Weinan Li" <l.wei...@gmail.com > (mailto:l.wei...@gmail.com)> wrote: > > > > > > > -- > > Weinan Li > > > > > > On Tuesday, September 3, 2013 at 2:42 PM, Mukul Panwar wrote: > > > > > > > > Hi > > > > > > Sorry for late reply, I am using JBoss AS provided SSL connector and my > > > configuration as: > > > > > > <connector name="https" protocol="HTTP/1.1" scheme="https" > > > socket-binding="https" secure="true"> > > > <ssl name="ssl" key-alias="jbosskey" password="changeit" > > > certificate-key-file="D:/Software/server/jboss-as-7.1.1.Final/standalone/configuration/server.keystore" > > > verify-client="want" > > > ca-certificate-file="D:/Software/server/jboss-as-7.1.1.Final/standalone/configuration/server.keystore"/> > > > > > > > > > > Server side config looks fine. > > > </connector> and when I am calling from client code look like as: > > > > > > void initializedCredential(){ > > > > > > System.setProperty("javax.net.ssl.trustStore", "D:/temp/client.jks"); > > > System.setProperty("javax.net.ssl.trustStorePassword", "changeit"); > > > // keystore has the certificates presented to the server when a server > > > // requests one to authenticate this application to the server > > > System.setProperty("javax.net.ssl.keyStore", "D:/temp/client.jks"); > > > System.setProperty("javax.net.ssl.keyStorePassword", "changeit"); > > > } > > > > > > > > > > I believe the problem is that you haven't stored the SSLContext in client > > so that it creates a new one(with SSL handshake) each time. > > > > Here are some codes that I have used before that holding the context in > > client side: > > > > private Socket clientWithCert() throws Exception { > > SSLContext context = SSLContext.getInstance("TLS"); > > KeyStore ks = KeyStore.getInstance("jceks"); > > > > ks.load(new FileInputStream(CLIENT_KEY_STORE), null); > > KeyManagerFactory kf = KeyManagerFactory.getInstance("SunX509"); > > kf.init(ks, CLIENT_KEY_STORE_PASSWORD.toCharArray()); > > context.init(kf.getKeyManagers(), null, null); > > > > SocketFactory factory = context.getSocketFactory(); > > Socket s = factory.createSocket("localhost", 8443); > > return s; > > } > > > > With above method you have to use Socket intend of RESTEasy client api. If > > you reuse the context then you don't have to do a new SSL handshake with > > Server each time. > > > > I haven't looked into JAX-RS 2.0 Client API throughly so I'm not sure how > > it could be setup to use SSL. I'll do more research on it and give you > > feedback soon. > > > > > public <T> Object post (String url, Map obj, Class<T> class1) > > > {initializedCredential(); > > > url = webServiceUrlUtil.getSearchClaimantURL() + url; > > > clientRequest = new ClientRequest(url); > > > ClientResponse<T> res = null; > > > try { > > > res = clientRequest.post(class1); > > > if (res == null) { > > > return null; > > > } > > > if (res != null && res.getStatus() != 200) { > > > logger.debug("GET Response not getting correct , Status Code: " > > > + res.getStatus()); > > > throw new RuntimeException("Failed : HTTP Webservice error : " > > > + res.serverError()); > > > } > > > > > > } catch (Exception e) { > > > // TODO Auto-generated catch block > > > e.printStackTrace(); > > > } > > > return res.getEntity(); > > > } > > > > > > Thanks > > > Mukul > > > > > > -----Original Message----- > > > From: Weinan Li [mailto:l.wei...@gmail.com] > > > Sent: Friday, August 30, 2013 8:12 AM > > > To: Mukul Panwar > > > Cc: Bill Burke; resteasy-users@lists.sourceforge.net > > > (mailto:resteasy-users@lists.sourceforge.net) > > > Subject: Re: [Resteasy-users] Fwd: Regarding Ssl handshake during > > > certificate authentication on jboss > > > > > > > > > > > > -- > > > Weinan Li > > > > > > > > > On Friday, August 30, 2013 at 12:20 AM, Mukul Panwar wrote: > > > > > > > Hi Bill > > > > > > > > I also tried successfully to implement certificate authentication but > > > > SsL handshake doing every time of request. Which should reuse the first > > > > handshake session. Please suggest about it. > > > > > > Hi Mukul, are you using the RESTEasy provided security solution (like > > > skeleton and resteasy-crypto) or JBoss AS provided SSL connector? > > > > > > If you are using the SSL connection provided by JBoss AS, it could be a > > > configuration problem. Could you please provide the configs you've used > > > so that I could check it for you? > > > > > > > > Thanks > > > > Mukul > > > > > > > > On Aug 29, 2013, at 7:11 PM, "Bill Burke" <bbu...@redhat.com > > > > (mailto:bbu...@redhat.com)> wrote: > > > > > > > > > I have used certs successfully before. > > > > > > > > > > On 8/29/2013 9:31 AM, Mukul Panwar wrote: > > > > > > > > > > > > > > > > > > Sent from my iPhone > > > > > > > > > > > > Begin forwarded message: > > > > > > > > > > > > > *From:* <muku...@hcl.com <mailto:muku...@hcl.com>> > > > > > > > *Date:* August 29, 2013, 7:00:06 AM GMT+05:30 > > > > > > > *To:* Bill Burke <bbu...@redhat.com <mailto:bbu...@redhat.com>> > > > > > > > *Cc:* <resteasy-users@lists.sourceforge.net > > > > > > > (mailto:resteasy-users@lists.sourceforge.net) > > > > > > > <mailto:resteasy-users@lists.sourceforge.net>> > > > > > > > *Subject:* *Regarding Ssl handshake during certificate > > > > > > > authentication > > > > > > > on jboss* > > > > > > > > > > > > > > Hi Bill > > > > > > > > > > > > > > I have a resteasy client and doing post request . I also set the > > > > > > > keystore as trusted and cert key entries before sending the > > > > > > > request. > > > > > > > > > > > > > > The server also having import the client key in their keystore > > > > > > > certificate. > > > > > > > > > > > > > > Means we are doing Two way mutual certificate authentication . > > > > > > > > > > > > > > The client and server doing handshake successfully . But for each > > > > > > > request there is a new handshake where as they should use the > > > > > > > session > > > > > > > of first Ssl handshake. Please suggest about or give any > > > > > > > reference for > > > > > > > this. > > > > > > > > > > > > > > Thanks > > > > > > > Mukul > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > ::DISCLAIMER:: > > > > > > ---------------------------------------------------------------------------------------------------------------------------------------------------- > > > > > > > > > > > > The contents of this e-mail and any attachment(s) are confidential > > > > > > and > > > > > > intended for the named recipient(s) only. > > > > > > E-mail transmission is not guaranteed to be secure or error-free as > > > > > > information could be intercepted, corrupted, > > > > > > lost, destroyed, arrive late or incomplete, or may contain viruses > > > > > > in > > > > > > transmission. The e mail and its contents > > > > > > (with or without referred errors) shall therefore not attach any > > > > > > liability on the originator or HCL or its affiliates. > > > > > > Views or opinions, if any, presented in this email are solely those > > > > > > of > > > > > > the author and may not necessarily reflect the > > > > > > views or opinions of HCL or its affiliates. Any form of > > > > > > reproduction, > > > > > > dissemination, copying, disclosure, modification, > > > > > > distribution and / or publication of this message without the prior > > > > > > written consent of authorized representative of > > > > > > HCL is strictly prohibited. If you have received this email in error > > > > > > please delete it and notify the sender immediately. > > > > > > Before opening any email and/or attachments, please check them for > > > > > > viruses and other defects. > > > > > > > > > > > > ---------------------------------------------------------------------------------------------------------------------------------------------------- > > > > > > > > > > > > > > > > > > > > > > > > ------------------------------------------------------------------------------ > > > > > > Learn the latest--Visual Studio 2012, SharePoint 2013, SQL 2012, > > > > > > more! > > > > > > Discover the easy way to master current and previous Microsoft > > > > > > technologies > > > > > > and advance your career. Get an incredible 1,500+ hours of > > > > > > step-by-step > > > > > > tutorial videos with LearnDevNow. Subscribe today and save! > > > > > > http://pubads.g.doubleclick.net/gampad/clk?id=58040911&iu=/4140/ostg.clktrk > > > > > > > > > > > > > > > > > > > > > > > > _______________________________________________ > > > > > > Resteasy-users mailing list > > > > > > Resteasy-users@lists.sourceforge.net > > > > > > (mailto:Resteasy-users@lists.sourceforge.net) > > > > > > https://lists.sourceforge.net/lists/listinfo/resteasy-users > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > -- > > > > > Bill Burke > > > > > JBoss, a division of Red Hat > > > > > http://bill.burkecentral.com > > > > > > > > > > ------------------------------------------------------------------------------ > > > > > Learn the latest--Visual Studio 2012, SharePoint 2013, SQL 2012, more! > > > > > Discover the easy way to master current and previous Microsoft > > > > > technologies > > > > > and advance your career. Get an incredible 1,500+ hours of > > > > > step-by-step > > > > > tutorial videos with LearnDevNow. Subscribe today and save! > > > > > http://pubads.g.doubleclick.net/gampad/clk?id=58040911&iu=/4140/ostg.clktrk > > > > > _______________________________________________ > > > > > Resteasy-users mailing list > > > > > Resteasy-users@lists.sourceforge.net > > > > > (mailto:Resteasy-users@lists.sourceforge.net) > > > > > https://lists.sourceforge.net/lists/listinfo/resteasy-users > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > ------------------------------------------------------------------------------ > > > > Learn the latest--Visual Studio 2012, SharePoint 2013, SQL 2012, more! > > > > Discover the easy way to master current and previous Microsoft > > > > technologies > > > > and advance your career. Get an incredible 1,500+ hours of step-by-step > > > > tutorial videos with LearnDevNow. Subscribe today and save! > > > > http://pubads.g.doubleclick.net/gampad/clk?id=58040911&iu=/4140/ostg.clktrk > > > > _______________________________________________ > > > > Resteasy-users mailing list > > > > Resteasy-users@lists.sourceforge.net > > > > (mailto:Resteasy-users@lists.sourceforge.net) > > > > https://lists.sourceforge.net/lists/listinfo/resteasy-users > > > > > > ------------------------------------------------------------------------------ Learn the latest--Visual Studio 2012, SharePoint 2013, SQL 2012, more! Discover the easy way to master current and previous Microsoft technologies and advance your career. Get an incredible 1,500+ hours of step-by-step tutorial videos with LearnDevNow. Subscribe today and save! http://pubads.g.doubleclick.net/gampad/clk?id=58040911&iu=/4140/ostg.clktrk _______________________________________________ Resteasy-users mailing list Resteasy-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/resteasy-users
