Problems using AuthSSLProtocolSocketFactory to send Client Certificate in HTTPS session handshake

2004-09-25 Thread Dale McIntosh
I have been trying for quite a while to get the AuthSSLProtocolSocketFactory
to send a client certificate and it doesn't seem to be working. I am
wondering if the server (Oracle single sign-on server) is requesting the
client cert. When the request is made from a browser, the browser does send
the client cert. I have attached my application, which is relatively simple,
and a debug log. The debug options I used were -
javax.net.debug=ssl,handshake,keymanager.

I have looked at the debug log and I do not see a certificate request.
However, when IE is used, IE sends a client certificate.

Any help would be appreciated.

Thanks,
Dale McIntosh
/*
 * Created on Aug 26, 2004
 *
 * TODO To change the template for this generated file go to
 * Window - Preferences - Java - Code Style - Code Templates
 */
package testpackage;

import java.io.*;
import java.net.*;
import org.apache.commons.httpclient.protocol.*;
import org.apache.commons.httpclient.*;
//import org.apache.commons.httpclient.auth.HttpAuthRealm;
import org.apache.commons.httpclient.methods.*;
import org.apache.commons.httpclient.contrib.ssl.*;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;

/**
 * @author dmcintosh
 *
 * TODO To change the template for this generated type comment go to
 * Window - Preferences - Java - Code Style - Code Templates
 */
public class LoadEventData {

	private static final Log LOG = LogFactory.getLog(LoadEventData.class);
	private String keyStorePath = "";
	private String trustStorePath = "";
	private String keyStorePassword = "";

	// Convenience constructor: the key store doubles as the trust store.
	public LoadEventData(String targetURL, String path, int pauseInterval, String userName, String keyStorePath, String keyStorePassword)
	{
		this(targetURL, path, pauseInterval, userName, keyStorePath, keyStorePath, keyStorePassword);
	}

	public LoadEventData(String targetURL, String path, int pauseInterval, String userName, String trustStorePath, String keyStorePath, String keyStorePassword)
	{
		this.keyStorePath = keyStorePath;
		this.trustStorePath = trustStorePath != null ? trustStorePath : keyStorePath;
		this.keyStorePassword = keyStorePassword;
		initSocket(targetURL, path, pauseInterval, userName);
	}

	// Polls the directory, sends every .xml file to the server and deletes it;
	// a file named quit.txt stops the program.
	public void initSocket(String targetURL, String path, int pauseInterval, String userName)
	{
		File dir = new File(path);
		if (dir.isDirectory())
		{
			do
			{
				File[] fileList = dir.listFiles();
				for (int i = 0; i < fileList.length; i++)
				{
					File evtFile = fileList[i];
					String evtFileName = evtFile.getName();
					if (evtFileName.toLowerCase().equals("quit.txt"))
					{
						evtFile.delete();
						System.exit(0);
					}
					if (evtFileName.lastIndexOf(".xml") == evtFileName.length() - 4)
					{
						if (loadEventDataFile(targetURL, userName, evtFile) >= 0) System.out.println("File " + evtFileName + " sent to server");
						else System.out.println("File " + evtFileName + " not processed - processing error");
						evtFile.delete();
					}
					else System.out.println("File " + evtFileName + " not processed - bad type");
				}
				try
				{
					if (pauseInterval > 0) Thread.sleep(pauseInterval * 1000);
				}
				catch (InterruptedException e) {};
			} while (pauseInterval >= 0);
		}
	}

	public int loadEventDataFile(String targetURL, String userName, File evtFile)
	{
		HttpConnection connection = null;
		HttpConnectionManager connectionManager = new SimpleHttpConnectionManager();
		int status = 0;
		try
		{
			LOG.debug("Here is a logging test");
			String finalURL = targetURL + "?user=" + userName;
			MultipartPostMethod filePost = new MultipartPostMethod(finalURL);
			filePost.addParameter("event", evtFile);
			HttpClient client = new HttpClient();
			URL url = new URL(targetURL);
			HttpState state = new HttpState();
			String host = url.getHost();
			int port = url.getPort();
			System.out.println("Host = " + host + ", " + ", Port = " + port);
			if (targetURL.trim().indexOf("https://") == 0)
			{
				port = 443;
				// Register an https protocol whose socket factory loads the client
				// key store and the trust store (both use keyStorePassword).
				Protocol authhttps = new Protocol("https",
					(ProtocolSocketFactory) new AuthSSLProtocolSocketFactory(
						new URL("file:" + keyStorePath), keyStorePassword,
						new URL("file:" + trustStorePath), keyStorePassword), 443);
				Protocol.registerProtocol("https", authhttps);
				client.getHostConfiguration().setHost(host, port, authhttps);
				GetMethod fileGet = new GetMethod(finalURL);
				status = client.executeMethod(fileGet);
				String responseString = fileGet.getResponseBodyAsString();
				if (responseString != null && responseString.length() > 0) System.out.println("Response String : " +

Re: Problems using AuthSSLProtocolSocketFactory to send Client Certificate in HTTPS session handshake

2004-09-25 Thread Dale McIntosh
Sorry the log didn't get attached

Dale
----- Original Message -----
From: Dale McIntosh [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Saturday, September 25, 2004 1:26 PM
Subject: Problems using AuthSSLProtocolSocketFactory to send Client Certificate in HTTPS session handshake


> I have been trying for quite a while to get the AuthSSLProtocolSocketFactory
> to send a client certificate and it doesn't seem to be working. I am
> wondering if the server (Oracle single sign-on server) is requesting the
> client cert. When the request is made from a browser, the browser does send
> the client cert. I have attached my application, which is relatively simple,
> and a debug log. The debug options I used were -
> javax.net.debug=ssl,handshake,keymanager.
>
> I have looked at the debug log and I do not see a certificate request.
> However, when IE is used, IE sends a client certificate.
>
> Any help would be appreciated.
>
> Thanks,
> Dale McIntosh
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]


Re: Problems using AuthSSLProtocolSocketFactory to send Client Certificate in HTTPS session handshake

2004-09-25 Thread Oleg Kalnichevski
Dale,
Do you know if the client authentication has been configured as required
or optional? Does the server reject the connection when an attempt is made
to authenticate with an invalid certificate? The fact that IE pops up
the certificate dialog does not actually mean that the server
validates the certificate or requests a client certificate at all. I
tend to trust more the SSL log showing that the server did not request a
client certificate.

I retested the AuthSSLProtocolSocketFactory against Apache 2.0.51 with
mod_ssl one more time and everything appeared to be OK. 

Oleg



On Sat, 2004-09-25 at 22:26, Dale McIntosh wrote:
> I have been trying for quite a while to get the AuthSSLProtocolSocketFactory
> to send a client certificate and it doesn't seem to be working. I am
> wondering if the server (Oracle single sign-on server) is requesting the
> client cert. When the request is made from a browser, the browser does send
> the client cert. I have attached my application, which is relatively simple,
> and a debug log. The debug options I used were -
> javax.net.debug=ssl,handshake,keymanager.
>
> I have looked at the debug log and I do not see a certificate request.
> However, when IE is used, IE sends a client certificate.
>
> Any help would be appreciated.
>
> Thanks,
> Dale McIntosh
 
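
Added example (not part of the original thread, and not code from HttpClient or its authors): a Python check for the question the thread turns on, whether the SSL debug log shows the server sending a CertificateRequest, and if so whether the client certificate's issuer is among the CAs the server lists. It assumes the older Sun JSSE log layout in which each handshake message starts a line with "*** <MessageName>"; the function names, sample logs and DNs are constructed for illustration.

```python
import re

# Assumed format: older Sun JSSE debug output, one "*** <MessageName>" line per message.
MARKER = re.compile(r"^\*\*\* (\w+)")

def parse_certificate_request(log_text):
    """Return (requested, cert_types, authorities) from a JSSE debug log."""
    requested, cert_types, authorities = False, [], []
    section = None
    for raw in log_text.splitlines():
        line = raw.strip()
        m = MARKER.match(line)
        if m:
            section = m.group(1)
            requested = requested or section == "CertificateRequest"
        elif section == "CertificateRequest":
            if line.startswith("Cert Types:"):
                cert_types = [t.strip() for t in line.split(":", 1)[1].split(",")]
            elif line.startswith("<") and line.endswith(">"):
                authorities.append(line[1:-1])  # one acceptable CA DN per line
    return requested, cert_types, authorities

def normalize_dn(dn):
    # Rough comparison only: case- and whitespace-insensitive, RDN order kept.
    return ",".join(part.strip().lower() for part in dn.split(","))

def diagnose(log_text, client_cert_issuer):
    requested, _, authorities = parse_certificate_request(log_text)
    if not requested:
        return "server did not request a client certificate"
    accepted = {normalize_dn(a) for a in authorities}
    # An empty CA list places no restriction on the issuer.
    if accepted and normalize_dn(client_cert_issuer) not in accepted:
        return "requested, but client certificate issuer is not an accepted CA"
    return "requested, and client certificate issuer is acceptable"

# Constructed sample logs (not the log from this thread).
LOG_NO_REQUEST = "*** ServerHello, TLSv1\n*** Certificate chain\n*** ServerHelloDone\n"
LOG_WITH_REQUEST = """\
*** ServerHello, TLSv1
*** Certificate chain
*** CertificateRequest
Cert Types: RSA, DSS
Cert Authorities:
<CN=Example Test CA, O=Example, C=US>
*** ServerHelloDone
"""
```

When the first result comes back, the client side has nothing to fix: the key manager is only asked for a certificate after the server sends that message.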