Hi Oleg, your solution is perfect. It works. Thank you very much.
Mit freundlichen Gr��en / Kind regards Sascha > -----Urspr�ngliche Nachricht----- > Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] > Gesendet: Montag, 30. August 2004 15:09 > An: Jakarta Commons Users List > Betreff: RE: AW: [httpClient] ClassLoader problem > > > Sascha, > > I have never worked with IS, so I am not a position to > comment on the classloader > problem you have been experiencing > > As to IAIK SSL stuff, I do use IAIK proprietary framework > directly bypassing > the JSSE compatibility layer altogether. As far as I am > concerned I find > this well justified as the SecureProtocolSocketFactory > already provides an > abstraction layer which keeps my protocol code decoupled from > the underlying > transport code. > > Basically all it takes is something like that (Please note > this code is NOT > compileable. It is intended to demonstrate the basic use > pattern. So please > do make adjustments that are necessary for your application): > > ============================================================== > ============================== > > import java.io.IOException; > import java.io.InputStream; > import java.net.InetAddress; > import java.net.Socket; > import java.net.UnknownHostException; > > import iaik.security.ssl.SSLSocket; > import iaik.security.ssl.SSLClientContext; > import iaik.security.ssl.CipherSuite; > import java.security.cert.CertificateFactory; > import java.security.cert.X509Certificate; > import java.security.cert.CertificateException; > > > public class IAIKSSLSocketFactory implements > SecureProtocolSocketFactory > { > > private SSLClientContext SSLCONTEXT = null; > > public IAIKSSLSocketFactory() > { > super(); > } > > protected static SSLClientContext getDefaultClientContext() > throws IOException > { > if (SSLCONTEXT == null) { > SSLCONTEXT = new SSLClientContext(); > // Tighten things up a little > // You may want to provide a custom cert chain verifier > SSLCONTEXT.setChainVerifier(new MyChainVerifier()); > // You may want to use only a few specific ciphers > CipherSuite[] clientCipherSuite = new CipherSuite[2]; > > clientCipherSuite[0]=CipherSuite.SSL_RSA_WITH_3DES_EDE_CBC_SHA; > > clientCipherSuite[1]=CipherSuite.SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA; > SSLCONTEXT.setEnabledCipherSuites (clientCipherSuite); > SSLCONTEXT.updateCipherSuites(); > // You may want to set trusted server certs > SSLCONTEXT.addTrustedCertificate(serverCertificate); > } > return SSLCONTEXT; > } > > public Socket createSocket(String host, int port) > throws IOException, UnknownHostException > { > return new SSLSocket(host, port, getDefaultClientContext()); > } > > public Socket createSocket(String host, int port, > InetAddress clientHost, > int clientPort) > throws IOException, UnknownHostException > { > return new SSLSocket(host, port, clientHost, clientPort, > getDefaultClientContext()); > > } > > public Socket createSocket(Socket socket, String host, int > port, boolean > autoClose) > throws IOException, UnknownHostException > { > return new SSLSocket(socket, getDefaultClientContext(), > host, port); > > } > } > > Hope this helps > > Oleg > > > > > >-- Original Message -- > >Reply-To: "Jakarta Commons Users List" > <[EMAIL PROTECTED]> > >Subject: AW: [httpClient] ClassLoader problem > >Date: Mon, 30 Aug 2004 14:40:41 +0200 > >From: "Benkart Sascha (QI/SES1) *" <[EMAIL PROTECTED]> > >To: "Jakarta Commons Users List" <[EMAIL PROTECTED]> > > > > > >Hi Oleg, > > > >IS is running on Java 1.4 but without JCE. A file called > server.jar includes > >the IAIK classes including an IAIK JSSE framework. > >I'm able to create a Cipher object within my package, but > the httpClient > >is added as a JAR file. Because I get a > ClassNotFoundException on the httpClient, > >I think JAR files are loaded by an other ClassLoader than > the package or > >the server bootstrap (including the IAIK component). > > > >Do you use IAIK JSSE framework for own > SecureProtocolSocketFactory or IAIK > >own classes? > > > >Kind regards > >Sascha > > > >> -----Urspr�ngliche Nachricht----- > >> Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] > >> Gesendet: Montag, 30. August 2004 13:21 > >> An: Jakarta Commons Users List > >> Betreff: RE: [httpClient] ClassLoader problem > >> > >> > >> Hi Sascha, > >> > >> I believe you can work this problem around by providing a > >> custom socket factory > >> that creates secure sockets using IAIK SSL directly, rather > >> than through > >> the JSSE. > >> > >> See the HttpClient SSL guide for details > >> > >> http://jakarta.apache.org/commons/httpclient/sslguide.html > >> > >> I have been using HttpClient with IAIK SSL in production for > >> three years. > >> It just takes a custom socket factory to get them coexist > quite well. > >> > >> On the classloader issue, HttpClient 2.0.x does not load > >> classes dynamically. > >> So there's no way to get it to use another classloader > >> > >> Hope this helps > >> > >> Oleg > >> > >> >-- Original Message -- > >> >Reply-To: "Jakarta Commons Users List" > >> <[EMAIL PROTECTED]> > >> >Subject: [httpClient] ClassLoader problem > >> >Date: Mon, 30 Aug 2004 11:45:38 +0200 > >> >From: "Benkart Sascha (QI/SES1) *" <[EMAIL PROTECTED]> > >> >To: <[EMAIL PROTECTED]> > >> > > >> > > >> >Hi, > >> > > >> >I'm using httpClient v2.0.1 with webMethods' Integration > >> Server (IS). IS > >> >= > >> >uses code units called packages to add functionality at runtime. > >> >I add httpclient to a package and everytime I execute with > >> SSL, I get a > >> = > >> >javax.crypto.Cipher ClassNotFoundException. IS uses its own = > >> >JCE-implementation from company IAIK.=20 > >> >There's no problem to create a new Cipher object within my > >> package, but > >> = > >> >within httpClient. I think there's a ClassLoader problem. > >> > > >> >Is there a possibility to give the httpClient another > >> ClassLoader? I = > >> >only found instanciation of class Cipher in class NTLM, but > >> I don't use > >> = > >> >NTLM. > >> > > >> >Thanks, > >> >Sascha > >> > > >> > >--------------------------------------------------------------------- > >> >To unsubscribe, e-mail: > [EMAIL PROTECTED] > >> >For additional commands, e-mail: > [EMAIL PROTECTED] > >> > > >> > >> > >> > --------------------------------------------------------------------- > >> To unsubscribe, e-mail: [EMAIL PROTECTED] > >> For additional commands, e-mail: > [EMAIL PROTECTED] > >> > >> > > > >--------------------------------------------------------------------- > >To unsubscribe, e-mail: [EMAIL PROTECTED] > >For additional commands, e-mail: [EMAIL PROTECTED] > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
