Hi, Here is the stuff I promised. It is not compeletely finished, but I thought you'd better receive this working version as soon as possible, otherwise Axis code might change quite a lot. So this is a modified HTTPSender, which supports some Digest authentication. More SSL customization is in progress, I'll send you as soon as I can, next week. There are some constant values in the class, marked with capital letters, and all beginning with "X_". Those should be inculded in HTTPConstants. Every addition made by me is inculded in a
/**
* @todo something
*/
...
//<-------------
tag. This way I could find my modifications easily in JBuilder. :)
BTW, this code was made upon nightly build 2002-06-20. Next
week I'll adapt to the latest nightly.
Br, Geza
P.S. This time the class doesn't include extra imports. :)
>
> Great! Looking forward to your participation.
>
> About participation and CVS access, please read the following:
> http://xml.apache.org/overview.html
> http://jakarta.apache.org/site/roles.html
>
> Thanks,
> dims
>
> --- [EMAIL PROTECTED] wrote:
> > > It will be AWESOME if you could update HTTPSender with all
> > > the other modifications that you need
> > > WITHOUT using any proprietary dependencies. Otherwise it is
> > > of no use to anyone.
> >
> > Okkay. That's what I thought. I just wanted to know if it worth the
> > trouble to do the modifications. If nobody uses it, it's
> useless, right ?
> >
> > > About the sources, The easiest for you would be to pick up a
> > > nightly drop from http://xml.apache.org/dist/axis/nightly.
> >
> > Very well. Is there any way to access the CVS ? Maybe I'll have some
> > time to maintain this part of Axis in the future.
> >
> > Anyway, I'll do the modifications and send you the file again
> > hopefully this week. Bye ! Geza
> >
> >
> > >
> > > Thanks,
> > > dims
> > >
> > > --- [EMAIL PROTECTED] wrote:
> > > > Hi !
> > > >
> > > > > Are the following class available for download? under what
> > > > > license? Hope it's not a joke :)
> > > >
> > > > It's definitely not a joke. :) Sorry for sending in such a code
> > > > fragment. Those classes are not available, of course I can send
> > > > you, but they won't be very useful for you. Those were needed in
> > > > my project, but they should not be included in HTTPSender.
> > > > The code I sent you in this form cannot be inculded in Axis,
> > > > it needs some minor modification, like moving that bag
> property in
> > > > some other place (still in the bag).
> > > >
> > > > I just wanted to know if somebody is interested in this. If so,
> > > > that I can make those "cosmetic" adjustments.
> > > >
> > > > At this time maybe the digest creation part can be extracted.
> > > >
> > > > If you tell me to do it, than I'll rewrite the whole thing in
> > > > a way that it can replace the HTTPSender class totally.
> I'll just
> > > > fetch the latest nightly build and insert the digest creation.
> > > > Of course some new properties would be needed in the bag, like
> > > > the authentication method (Basic/Digest).
> > > > What do you think ?
> > > > Br, Geza
> > > >
> > > >
> > > > P.S. I still have some troubles accessing the CVS, I'm behind
> > > > a corporate firewall. :( Any tips ?
> > > >
> > > >
> > > > >
> > > > > > import com.nokia.joker.sack.Constants;
> > > > > > import com.nokia.joker.sack.SADBIf;
> > > > > > import com.nokia.joker.main.Main;
> > > > >
> > > > > Thanks,
> > > > > dims
> > > > >
> > > > >
> > > > > --- [EMAIL PROTECTED] wrote:
> > > > > > Hi,
> > > > > >
> > > > > > I attached a class, HTTPTransportHandler which is
> an upgraded
> > > > > > version of HTTPSender. I included HTTP Digest
> > > authentication in the > > > code. The SSL socket creation was
> > > also changed a bit, but this is
> > > > > > a special case: I wanted to support choosing a client
> > > certificate
> > > > > > based on alias. Let's say it is a hack for a special case.
> > > > > > I'm using some own properties which I insert in the
> > > bag, but these
> > > > > > can be changed easily if needed in Axis. Also constants can
> > > > > be moved
> > > > > > in HTTPConstants.
> > > > > > Please somebody, who knows more about security and
> > > HTTP, look at
> > > > > > this contribution and feel free to insert it (and upgrade
> > > > > it) into HTTPSender.
> > > > > > If there is a need, I can do some more
> modifications myself to
> > > > > > the code to make it more suitable. I would be glad to
> > > maintain this
> > > > > > class in the CVS also, but I don't know how can I
> gain access to
> > > > > > the code repository.
> > > > > >
> > > > > > Regards, and good work, Geza
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > > -----Original Message-----
> > > > > > From: ext [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
> > > > > > Sent: 07. June 2002 21:20
> > > > > > To: Szocs Geza (NMP/Budapest); [EMAIL PROTECTED]
> > > > > > Subject: Re: code contribution
> > > > > >
> > > > > >
> > > > > > I myself have no opinion about Digest authentication, but
> > > > > if you want to contribute code, then
> > > > > > axis-dev is the better place to post it than axis-user.
> > > > > Perhaps if you post something, someone
> > > > > > who knows more about security (dims?) will find the time to
> > > > > look at your contribution.
> > > > > >
> > > > > > Russell Butek
> > > > > > [EMAIL PROTECTED]
> > > > > >
> > > > > >
> > > > > > Please respond to [EMAIL PROTECTED]
> > > > > > To: <[EMAIL PROTECTED]>
> > > > > > cc:
> > > > > > Subject: code contribution
> > > > > >
> > > > > >
> > > > > >
> > > > > > Hi,
> > > > > >
> > > > > > This is not a question about Axis.
> > > > > > I wrote several mails to the user list, but no reaction.
> > > > > > So I thought I'll give it a shot on this list also.
> > > > > > My mail is mainly about Digest authentication in
> > > > > > HTTPSender class. I was playing around with this issue,
> > > > > > because my project need both Basic and Digest
> authentication.
> > > > > > So I "upgraded" HTTSender to support both authentication
> > > > > > methods. It seems to work, but for now it only support MD5,
> > > > > > and has a few more restrictions.
> > > > > > I also played with SSL and client certificates. What I
> > > > > > did is to enable the code to let the user choose
> the certificate
> > > > > > to be sent based on alias. I don't know if this is useful
> > > > > > or not, it is a stupid thing to have several
> certificates, but
> > > > > > this was also a requirement from me. So I hacked
> this one too.
> > > > > > Anyway I thought I'll ask you if Axis developer group is
> > > > > > interested about these issues. I'd be most happy to
> contribute
> > > > > > to Axis. In this case I'll try to make HTTPSender ever more
> > > > > > clever and maybe support other (digest) algorithms too.
> > > > > >
> > > > > > So, what do you think ? Is Digest authentication
> planned into
> > > > > > Axis ?
> > > > > >
> > > > > > Regards, Geza
> > > > > >
> > > > > >
> > > > > >
> ________________________________________________________________
> > > > > > Szôcs Géza
> > > > > > Software Engineer - Nokia Hungary / NMP
> > > > > > Tel: +36-20-9849623, Email: [EMAIL PROTECTED]
> > > > > >
> > > > >
> > > > > > ATTACHMENT part 2 application/octet-stream
> > > > > name=HTTPTransportHandler.java
> > > > >
> > > > >
> > > > >
> > > > > =====
> > > > > Davanum Srinivas - http://xml.apache.org/~dims/
> > > > >
> > > > > __________________________________________________
> > > > > Do You Yahoo!?
> > > > > Yahoo! - Official partner of 2002 FIFA World Cup
> > > > > http://fifaworldcup.yahoo.com
> > > > >
> > >
> > >
> > > =====
> > > Davanum Srinivas - http://xml.apache.org/~dims/
> > >
> > > __________________________________________________
> > > Do You Yahoo!?
> > > Yahoo! - Official partner of 2002 FIFA World Cup
> > > http://fifaworldcup.yahoo.com
> > >
>
>
> =====
> Davanum Srinivas - http://xml.apache.org/~dims/
>
> __________________________________________________
> Do You Yahoo!?
> Yahoo! - Official partner of 2002 FIFA World Cup
> http://fifaworldcup.yahoo.com
>
HTTPSender.java
Description: HTTPSender.java
