On Mon, 2013-05-13 at 22:10 -0400, Sachin Nikumbh wrote:
> Hi Oleg,
>
> Thanks a lot for the response. I have one more question.
>
> In my client application, I need to provide extra authorization based on
> the common name in the server certificate. I want to allow the
> request-response exchange (I am sending a POST request) only after the
> server passes this extra authorization step.
>
> Is using BasicAsyncResponseConsumer going be too late for me to access the
> server certificate?
>
> I want the behavior similar to following sample code based
> on HttpsURLConnection :
>
> ************************************************************************************************************
> HttpsURLConnection urlConnection =
> (HttpsURLConnection)madsUrl.openConnection();
> urlConnection.setRequestMethod("POST");
> ...
> ...
> urlConnection.connect(); //Establish connection for initial SSL handshake
> String peerDN = urlConnection.getPeerPrincipal().getName();
> if( isAuthorizedPeer(peerDN) ){
> // Now it's safe to write request data
> OutputStream oStream = urlConnection.getOutputStream();
> ...
> ...
> }
> ************************************************************************************************************
>
> Thanks once again
> Sachin
>
>
Hi Sachin
There is currently no easy way of obtaining the SSL session details
prior to issuing a request. Feel free to raise an improvement request in
JIRA for this problem.
Oleg
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
