Http client API (original) (raw)
Xuelei Fan xuelei.fan at oracle.com
Wed Aug 8 05:10:27 PDT 2012
- Previous message: Http client API
- Next message: Http client API
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
From JDK 7, JSSE introduces a new hostname verifying approach. It is call "endpoint identification" in JSSE context. It can be used to replace the HostnameVerifier on SSLSession. A typical user case looks like:
implement a X509ExtendedTrustManager. It is required to check the endpoint identification in the following methods: checkClientTrusted(X509Certificate[], String, Socket) checkClientTrusted(X509Certificate[], String, SSLEngine) checkServerTrusted(X509Certificate[], String, Socket) checkServerTrusted(X509Certificate[], String, SSLEngine)
initialize a SSLParameters to enable the endpoint identification: sslParameter.setEndpointIdentificationAlgorithm("https");
set the SSLParameters to SSLSocket or SSLEngine, the instance of X509ExtendedTrustManager will check the endpoint (hostname) during handshaking.
Considering the java.net.httpclient.HttpsConfigurator, it is an implementation of HostnameVerifier. So it would support both HostnameVerifier and the above endpoint identification. I think as may be redundant if no compatibility concerns. I was wondering maybe it is OK to detach the HostnameVerifier interface and remove the verify() method.
Maybe, you have other concerns that the HttpsConfigurator.verify() method is really needed.
Thanks, Xuelei
On 8/8/2012 7:09 AM, Michael McMahon wrote:
Hi,
A new revision of the Http client API planned for jdk 8 can be viewed at the following link http://cr.openjdk.java.net/~michaelm/httpclient/v0.3/ We would like to review the api on this mailing list. So, all comments are welcome. Thanks Michael McMahon.
- Previous message: Http client API
- Next message: Http client API
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]