Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Httpcomponents Wiki" 
for change notification.

The following page has been changed by OlegKalnichevski:
http://wiki.apache.org/HttpComponents/HttpClientTutorial

------------------------------------------------------------------------------
  
  == Socket factories ==
  
-     HTTP connections make use of a java.net.Socket object internally to 
handle transmittion of data across the wire. They, however, rely on 
SocketFactory interface to create, initialize and connect sockets. This enables 
the users of HttpClient to provide application specific socket initialization 
code at runtime. PlainSocketFactory is the default factory for creating and 
initializing plain (unencrypted) sockets. 
+     HTTP connections make use of a java.net.Socket object internally to 
handle transmission of data across the wire. They, however, rely on 
SocketFactory interface to create, initialize and connect sockets. This enables 
the users of HttpClient to provide application specific socket initialization 
code at runtime. PlainSocketFactory is the default factory for creating and 
initializing plain (unencrypted) sockets. 
      
      The process of creating a socket and that of connecting it to a host are 
decoupled, so that the socket could be closed while being blocked in the 
connect operation.
  
@@ -771, +771 @@

  
  === Hostname verification ===
  
-    Hostname verifier implementations.
+    In addition to the trust verification and the client authentication 
performed on the SSL/TLS protocol level, HttpClient can optionally verify 
whether the target hostname matches the names stored inside the server's X.509 
certificate, once the connection has been established. This verification can 
provide additional guarantees of authenticity of the server trust material. 
X509HostnameVerifier interface represents a strategy for hostname verification. 
HttpClient ships with three X509HostnameVerifier. Important: hostname 
verification should not be confused with SSL trust verification.
+    
+    * '''StrictHostnameVerifier''': The strict hostname verifier works the 
same way as Sun Java 1.4, Sun Java 5, Sun Java 6. It's also pretty close to 
IE6. This implementation appears to be compliant with RFC 2818 for dealing with 
wildcards. The hostname must match either the first CN, or any of the 
subject-alts. A wildcard can occur in the CN, and in any of the subject-alts. 
  
+    * '''BrowserCompatHostnameVerifier''': The hostname verifier that works 
the same way as Curl and Firefox. The hostname must match either the first CN, 
or any of the subject-alts. A wildcard can occur in the CN, and in any of the 
subject-alts. The only difference between BrowserCompatHostnameVerifier and 
StrictHostnameVerifier is that a wildcard (such as "*.foo.com") with 
BrowserCompatHostnameVerifier matches all subdomains, including "a.b.foo.com".
+ 
+    * '''AllowAllHostnameVerifier''': This hostname verifier essentially turns 
hostname verification off. This implementation is a no-op, and never throws the 
SSLException.
+    
+    Per default HttpClient uses BrowserCompatHostnameVerifier implementation. 
One can specify a different hostname verifier implementation if desired
+    
+ {{{
+ SSLSocketFactory sf = new SSLSocketFactory(SSLContext.getInstance("TLS"));
+ sf.setHostnameVerifier(SSLSocketFactory.STRICT_HOSTNAME_VERIFIER);
+ }}}
+    
  == Protocol schemes ==
      
-     Scheme class is used to represent a protocol scheme such as "http" or 
"https".
+     Scheme class represents a protocol scheme such as "http" or "https" and 
contains a number of protocol properties such as the default port and the 
socket factory to be used to creating Sockets for the given protocol. 
SchemeRegistry class is used to maintain a set of Schemes HttpClient can choose 
from when trying to establish a connection by a request URI:
+     
+ {{{
+ Scheme http = new Scheme("http", PlainSocketFactory.getSocketFactory(), 80);
+ 
+ SSLSocketFactory sf = new SSLSocketFactory(SSLContext.getInstance("TLS"));
+ sf.setHostnameVerifier(SSLSocketFactory.STRICT_HOSTNAME_VERIFIER);
+ Scheme https = new Scheme("https", sf, 443);
+ 
+ SchemeRegistry sr = new SchemeRegistry();
+ sr.register(http);
+ sr.register(https);
+ }}}
      
  == HttpClient proxy configuration ==
  

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to