[jira] [Commented] (HTTPCLIENT-1449) X509HostnameVerifier API is too restrictive

Tue, 21 Jan 2014 05:32:27 -0800 

    [ 
https://issues.apache.org/jira/browse/HTTPCLIENT-1449?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13877458#comment-13877458
 ] 

Mikhail Golubev commented on HTTPCLIENT-1449:
---------------------------------------------

Hi, Oleg.

Well, you're right and it's actually boils down to necessity to duplicate these 
parts of {{AbstractVerifier}}, which, I believe, could be avoided.  I 
personally look after that the latest stable version of httpclient is used in 
our codebase, so fixing it only in 4.4 is not a big deal.

Thanks for your attention to this tiny issue.


> X509HostnameVerifier API is too restrictive
> -------------------------------------------
>
>                 Key: HTTPCLIENT-1449
>                 URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1449
>             Project: HttpComponents HttpClient
>          Issue Type: Wish
>    Affects Versions: 4.3.1
>            Reporter: Mikhail Golubev
>            Priority: Minor
>             Fix For: 4.4 Alpha1
>
>
> I want to customize hostname verification process by creating custom 
> X509HostnameVerifier, which first try to use BrowserCompatHostnameVerifier 
> strategy to check hostname and then, if it fails, asks user directly, whether 
> such certificate can be accepted. As I understand, this verifier then can be 
> supplied to e.g. HttpClientBuilder#setHostnameVerifier.
> But how should I achieve this? I can't extend BrowserCompatHostnameVerifier, 
> because all its methods is final or package-private. Extending 
> AbstractVerifier also makes no sense, because its only overridable method  is 
> verify(String, String[], String[]) and it gives me no access to certificate 
> itself, which I need for user dialog. On the other hand, method verify(String 
> host, X509Certificate cert) is the perfect extension point for me, but it's 
> declared final. I really don't like to implement X509HostnameVerifier and 
> then copy half of the AbstractVerifier in it. May be I'm missing some other 
> way to intercept hostname verification?



--
This message was sent by Atlassian JIRA
(v6.1.5#6160)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to