BayeuxClient support for SSL

Details

Type: Improvement
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: 7.0.0.pre5, 6.1.14
Fix Version/s: None
Component/s: Bayeux, Client
Labels:
None

Number of attachments :
0

Description

The BayeuxClient class does not support SSL (HTTPS) connections. Greg W. commented that one could extend the customize(HttpExchange exchange) method to properly configure the HTTPS protocol, but that gets into an area I'm not terribly familiar with. Presumably, the correct headers need to be set, the proper handshaking done, as well as (of course) encoding of the request envelope.

Activity

Ascending order - Click to sort in descending order

Hide

Permalink

Shahak Nagiel added a comment - 04/Feb/09 12:18 PM

After wrestling with this issue for the last day, I finally got things to work. First, there's no need to modify the customize() method--The SslSelectChannelConnector automatically takes care of all those details.

The key was to properly configure the HttpClient instance, passing in the correct values for the keystore and truststore.

There is, however, a problem of hidden access to certain fields in both HttpClient (e.g. _keyStoreType) and BayeuxClient (which hard-codes non-SSL access). These two classes should offer setters (or constructor-time parameters) for modifying ALL relevant security implementations to work properly.

Show

Shahak Nagiel added a comment - 04/Feb/09 12:18 PM After wrestling with this issue for the last day, I finally got things to work. First, there's no need to modify the customize() method--The SslSelectChannelConnector automatically takes care of all those details. The key was to properly configure the HttpClient instance, passing in the correct values for the keystore and truststore. There is, however, a problem of hidden access to certain fields in both HttpClient (e.g. _keyStoreType) and BayeuxClient (which hard-codes non-SSL access). These two classes should offer setters (or constructor-time parameters) for modifying ALL relevant security implementations to work properly.

Simone Bordet made changes - 09/Feb/09 5:43 AM

Field	Original Value	New Value
Assignee		Simone Bordet [ sbordet ]

Simone Bordet made changes - 09/Feb/09 5:43 AM

Status

Open [ 1 ]

In Progress [ 3 ]

Jesse McConnell made changes - 20/Sep/11 3:02 PM

Original Estimate		0 minutes [ 0 ]
Remaining Estimate		0 minutes [ 0 ]

Hide

Permalink

Jesse McConnell added a comment - 20/Sep/11 3:02 PM

fixed long ago as part of cometd project I believe

Show

Jesse McConnell added a comment - 20/Sep/11 3:02 PM fixed long ago as part of cometd project I believe

Jesse McConnell made changes - 20/Sep/11 3:02 PM

Status	In Progress [ 3 ]	Closed [ 6 ]
Resolution		Fixed [ 1 ]

People

Assignee:

Simone Bordet

Reporter:

Shahak Nagiel

Vote (0)

Watch (1)

Dates

Created:

03/Feb/09 2:11 PM

Updated:

20/Sep/11 3:02 PM

Resolved:

20/Sep/11 3:02 PM