Hello All,
I know that there used to be (in tomcat 4) a way to replace the SSLServerSocketFactory that got used to create the listener. I'm using 5.5 and want to put in a custom socket factory with a custom TrustManager that uses external configuration to make client authentication decisions. We're using tomcat embedded (writing code around the org.apache.catalina.startup.Embedded class) to try and setup the server. I looked at the Catalina source code and found in Http11BaseProtocol.java: private void checkSocketFactory() throws Exception { if (secure) { try { // The SSL setup code has been moved into // SSLImplementation since SocketFactory doesn't // provide a wide enough interface sslImplementation = SSLImplementation.getInstance(sslImplementationName); socketFactory = sslImplementation.getServerSocketFactory(); ep.setServerSocketFactory(socketFactory); } catch (ClassNotFoundException e){ throw e; } } else if (socketFactoryName != null) { try { socketFactory = string2SocketFactory(socketFactoryName); ep.setServerSocketFactory(socketFactory); } catch(Exception sfex) { throw sfex; } } } Which leads me to believe that directly overriding the factory is no longer doable (also noticing that the <Factory> element is gone from the XML server configuration file. Does anyone know a way to provide a custom SSL implementation in 5.5 without rebuilding / rewriting the actual Catalina code? TIA, Alan