> Hi > > I have a client side application where different plugins can create > SSL connections independently of each other. > > The problem is that our new security infrastructure identifies clients > upon the SSL session ID. > Thus, multiple plugins with own connections on the client side > will have to login multiple times. However, we want to have > Single-Sign-On, so all SSL connections > from one client will have to share the SSL Session. > > Therefore I used a own MySSLSocketFactory which creates SSL Sockets on > a given SSLContext instance. > I test my app by using HttpsUrlConnection clients and axis web service > clients. To pass my own MySSLSocketFactory > to axis, I had to implement a own MyAxisSocketFactory extending > org.apache.axis.componentsJSSESocketFactory. > Now I faced the problem that the create method in the Axis Factory > created a SSL Socket bound to the hostname of my > authentication server, and the Https with MySSLSocketFactory bound to > the IP Address - the session coulnd't be shared... > It seems in my Axis Factory I got the host passed as hostname rather > that as IP Address. > > Wouldn't it be better if Axis used the SSLFactory from the Java > distribution (javax.net.ssl?) than having to provide a own one? > That would be more straightforward to use and simpler to adapt. > > Or is there anything I can do which I missed? Did I do something > wrong? > > Every hint appreciated, thank you very much. > > > Best Regards > > Fabio Barone > IT Architect > > Die Schweizerische Post > PostFinance > PF56-21 > Engehaldenstrasse 39 > 3030 Bern > > Phone: 031 338 11 85 > Email: [EMAIL PROTECTED] > Internet: www.postfinance.ch > > > >
