I intend to do the experiment with the Simple adapter - as long as our project direction permits.
I did not look at the other adapters, but any adapter that works similarly to the Simple one and uses the java SSLSocket should be configurable in the same way that Simple adapter. --Chuck -----Original Message----- From: Jerome Louvel [mailto:[EMAIL PROTECTED] Sent: Friday, April 27, 2007 9:53 AM To: [email protected] Subject: RE: RE: 2-way SSL authentication OK, that's clear now :) If you could experiment your proposition with the Simple HTTPS connector, that would be great. We could then apply it to other connectors. For the ServerServlet adapter, I think this would be the responsibility of the Servlet container to provide this feature. I don't think that the Servlet API itself allows to configure this aspect. Best regards, Jerome > -----Message d'origine----- > De : Chuck Hinson [mailto:[EMAIL PROTECTED] Envoyé : vendredi > 27 avril 2007 15:21 À : [email protected] Objet : RE: RE: > 2-way SSL authentication > > No, I mean SSL with client authentication - i.e., rather than just the > server authenticating itself to the client (by sending its server > cert), both the client and the server authenticate with each other. > > I did look at the code for the Simple HttpsServerHelper and it appears > that it would be relatively simply to accomplish this. The main issue > would be change the call to > SLLContext.init() to include a TrustManagers along with the > KeyManagers - along the lines of: > > sslContext.init(keyManagerFactory.getKeyManagers(), > trustManagerFactory,getTrustManagers(), null); > > This would require some additional properties in order to be able to > specify the location of the trust store and password along with > specifying whether or not client authentication is not asked for at > all; asked for but not required; or required. > > I suspect that a similar solution exists for the Servlet server helper > if not all of the other helpers. > > --Chuck > > -----Original Message----- > From: Jerome Louvel [mailto:[EMAIL PROTECTED] > Sent: Friday, April 27, 2007 1:48 AM > To: [email protected] > Subject: RE: 2-way SSL authentication > > > Chuck, > > Sorry I'm not sure I understand. Do you mean reusing the exact same > SSL socket? > > Otherwise a single Restlet application can use an HTTPS server and > client connector at the same time. But it seems that you are looking > for more, right? > > Best regards, > Jerome > > > -----Message d'origine----- > > De : Chuck Hinson [mailto:[EMAIL PROTECTED] Envoyé : > jeudi 26 > > avril 2007 17:45 À : [email protected] Objet : 2-way SSL > > authentication > > > > Does anyone know if it is possible to use Restlets in > scenarios where > > https with 2-way/client authentication is required (server-side and > > client-side)? > > > > -Chuck > > > > ------------------------------------ > > Chuck Hinson > > Gestalt LLC > > phone: 610.994.2833 > > IM: chucking24 (Yahoo) > >
