Hello, I am working on a server that tries to ask the client for his X509 certificate only when it is sure that it will be needed. This can be done very neatly using TLS renegotiation: the server can analysing the HTTP request to see if action requested on the resource needs authentication at all. If so it requests a TLS renegotiations as show in this mini netty server written in one page of Scala [1].
I am now trying to test this. Most desktop browsers accept some form of TLS renegotiation - except Opera 11 I think. But I am not sure that java http client does. I am using the dispatch scala wrapping of the httpclient, and so I am cling them this too. The code for these tests is here: https://dvcs.w3.org/hg/read-write-web/file/c0bf9b280888/src/test/scala/auth/CreateWebIDSpec.scala The test after line 234 does not return the right result. After a lot of stepping through code it occurred to me that perhaps httpclient does not do renegotiation. Perhaps I have not set it up properly to do this. But it could also be another issue. As it is late, I thought I'd ask before going to sleep. Thanks in advance, Henry [1] in the webid branch of the read-write-web project around line 64 https://dvcs.w3.org/hg/read-write-web/file/9ca474c333e8/src/main/scala/netty/SslLoginTest.scala [2] http://dispatch.databinder.net/Dispatch.html Social Web Architect http://bblfish.net/ --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
