Stefan Groschupf wrote:
Swaroop, @see http://www.nutch.org/docs/en/policies.html http://www.nutch.org/docs/en/i18n.html
Just as one idea, we have no https support yet, feel free to contribute a https protocol plugin.
I was wondering the other day, if we really need a whole separate plugin to support HTTPS. After all, except for the initial handshake, all other details are equivalent to HTTP. I think it would be easier to just add https support to the existing http plugin.
The problems with certificates and security policies can be easily
avoided by using the famous DummySSLSocketFactory (see below - originally I think from a JavaWorld article) to produce https
Socket's if the protocol name is "https".
/* DummySSLSocketFactory.java */ package org.getopt.util.ssl;
import com.sun.net.ssl.*; import java.io.IOException; import java.net.InetAddress; import java.net.Socket; import javax.net.SocketFactory; import javax.net.ssl.SSLSocketFactory;
public class DummySSLSocketFactory extends SSLSocketFactory {
private SSLSocketFactory factory; public DummySSLSocketFactory() {
try {
SSLContext sslcontext = SSLContext.getInstance("TLS");
sslcontext.init(null,
new TrustManager[] { new DummyTrustManager() },
new java.security.SecureRandom());
factory = (SSLSocketFactory)sslcontext.getSocketFactory();
} catch (Exception ex) {
ex.printStackTrace();
}
} public static SocketFactory getDefault() {
return new DummySSLSocketFactory();
}public Socket createSocket(Socket socket, String s, int i, boolean flag) throws IOException {
return factory.createSocket(socket, s, i, flag);
}
public Socket createSocket(InetAddress inaddr, int i, InetAddress inaddr1, int j) throws IOException {
return factory.createSocket(inaddr, i, inaddr1, j);
}
public Socket createSocket(InetAddress inaddr, int i) throws IOException {
return factory.createSocket(inaddr, i);
}
public Socket createSocket(String s, int i, InetAddress inaddr, int j) throws IOException {
return factory.createSocket(s, i, inaddr, j);
}
public Socket createSocket(String s, int i) throws IOException {
return factory.createSocket(s, i);
} public String[] getDefaultCipherSuites() {
return factory.getSupportedCipherSuites();
} public String[] getSupportedCipherSuites() {
return factory.getSupportedCipherSuites();
}
}
/* DummyTrustManager.java */ package org.getopt.util.ssl;
import com.sun.net.ssl.X509TrustManager; import java.security.cert.X509Certificate;
public class DummyTrustManager implements X509TrustManager {
public boolean isClientTrusted(X509Certificate[] cert) {
return true;
} public boolean isServerTrusted(X509Certificate[] cert) {
return true;
} public X509Certificate[] getAcceptedIssuers() {
return new X509Certificate[0];
}
}
-- Best regards, Andrzej Bialecki
------------------------------------------------- Software Architect, System Integration Specialist CEN/ISSS EC Workshop, ECIMF project chair EU FP6 E-Commerce Expert/Evaluator ------------------------------------------------- FreeBSD developer (http://www.freebsd.org)
-------------------------------------------------------
This SF.Net email sponsored by Black Hat Briefings & Training.
Attend Black Hat Briefings & Training, Las Vegas July 24-29 - digital self defense, top technical experts, no vendor pitches, unmatched networking opportunities. Visit www.blackhat.com
_______________________________________________
Nutch-developers mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/nutch-developers
