I needed a HostnameVerifier implementation that would accept all hostnames for JNDI over HTTPS, so I tried running JBoss 3.2.3 using the -Dorg.jboss.security.ignoreHttpsHost=true flag.
Unfortunately, even though I'm using J2SDK 1.4.2, the HttpsURLConnection implementation being passed into the org.jboss.invocation.http.interfaces.Utils.configureHttpsHostVerifier() method is a com.sun.net.ssl.internal.www.protocol.https.HttpsURLConnectionOldImpl. And since that class does not extend javax.net.ssl.HttpsURLConnection, the configureHttpsHostVerifier method fails to set the AnyhostVerifier as the hostnameVerifier. My question is, why is this old implementation being used at all? How do I set up JBoss not to use the com.sun.net.* classes so the ignoreHttpsHost flag will work and/or what's the best way to plug in my own HostnameVerifier implementation into the mix? View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=3837830#3837830 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=3837830 ------------------------------------------------------- This SF.Net email is sponsored by: GNOME Foundation Hackers Unite! GUADEC: The world's #1 Open Source Desktop Event. GNOME Users and Developers European Conference, 28-30th June in Norway http://2004/guadec.org _______________________________________________ JBoss-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-user
