Please do experiment with Simple, this improvement could be part of the upcoming 1.1 branch that we will create after 1.0.1 release next week. I can take care of other connectors if needed.
Best regards, Jerome > -----Message d'origine----- > De : Chuck Hinson [mailto:[EMAIL PROTECTED] > Envoyé : vendredi 27 avril 2007 16:20 > À : [email protected] > Objet : RE: RE: RE: 2-way SSL authentication > > I intend to do the experiment with the Simple adapter - as > long as our project direction permits. > > I did not look at the other adapters, but any adapter that > works similarly to the Simple one and uses the java SSLSocket > should be configurable in the same way that Simple adapter. > > --Chuck > > -----Original Message----- > From: Jerome Louvel [mailto:[EMAIL PROTECTED] > Sent: Friday, April 27, 2007 9:53 AM > To: [email protected] > Subject: RE: RE: 2-way SSL authentication > > > OK, that's clear now :) > > If you could experiment your proposition with the Simple > HTTPS connector, that would be great. We could then apply it > to other connectors. > > For the ServerServlet adapter, I think this would be the > responsibility of the Servlet container to provide this > feature. I don't think that the Servlet API itself allows to > configure this aspect. > > Best regards, > Jerome > > > -----Message d'origine----- > > De : Chuck Hinson [mailto:[EMAIL PROTECTED] Envoyé : > vendredi > > 27 avril 2007 15:21 À : [email protected] Objet : RE: RE: > > 2-way SSL authentication > > > > No, I mean SSL with client authentication - i.e., rather > than just the > > server authenticating itself to the client (by sending its server > > cert), both the client and the server authenticate with each other. > > > > I did look at the code for the Simple HttpsServerHelper and > it appears > > that it would be relatively simply to accomplish this. The > main issue > > would be change the call to > > SLLContext.init() to include a TrustManagers along with the > > KeyManagers - along the lines of: > > > > sslContext.init(keyManagerFactory.getKeyManagers(), > > trustManagerFactory,getTrustManagers(), null); > > > > This would require some additional properties in order to > be able to > > specify the location of the trust store and password along with > > specifying whether or not client authentication is not asked for at > > all; asked for but not required; or required. > > > > I suspect that a similar solution exists for the Servlet > server helper > > if not all of the other helpers. > > > > --Chuck > > > > -----Original Message----- > > From: Jerome Louvel [mailto:[EMAIL PROTECTED] > > Sent: Friday, April 27, 2007 1:48 AM > > To: [email protected] > > Subject: RE: 2-way SSL authentication > > > > > > Chuck, > > > > Sorry I'm not sure I understand. Do you mean reusing the exact same > > SSL socket? > > > > Otherwise a single Restlet application can use an HTTPS server and > > client connector at the same time. But it seems that you > are looking > > for more, right? > > > > Best regards, > > Jerome > > > > > -----Message d'origine----- > > > De : Chuck Hinson [mailto:[EMAIL PROTECTED] Envoyé : > > jeudi 26 > > > avril 2007 17:45 À : [email protected] Objet : 2-way SSL > > > authentication > > > > > > Does anyone know if it is possible to use Restlets in > > scenarios where > > > https with 2-way/client authentication is required > (server-side and > > > client-side)? > > > > > > -Chuck > > > > > > ------------------------------------ > > > Chuck Hinson > > > Gestalt LLC > > > phone: 610.994.2833 > > > IM: chucking24 (Yahoo) > > >
