-- 
Weinan Li


On Wednesday, September 4, 2013 at 3:16 AM, Mukul Panwar wrote:

> Hi Wenian
> 
> I also tried now the similar approach by using a Http apache client library 
> whic is handling some internally and reusing the handshake.
> 
> But I want to user resteasy client library only and some how i want to reuse 
> that Ssl handshake.
> 
> Plz suggest something about resteasy api to handle it .

Hi Mukul, I haven't looked into details of the JAX-RS 2.0 Client API . I'll do 
some research and give you my findings soon.
> 
> Thanks
> Mukul
> 
> 
> 
> On Sep 3, 2013, at 6:44 PM, "Weinan Li" <l.wei...@gmail.com 
> (mailto:l.wei...@gmail.com)> wrote:
> 
> > 
> > 
> > -- 
> > Weinan Li
> > 
> > 
> > On Tuesday, September 3, 2013 at 2:42 PM, Mukul Panwar wrote:
> > 
> > > 
> > > Hi 
> > > 
> > > Sorry for late reply, I am using JBoss AS provided SSL connector and my 
> > > configuration as: 
> > > 
> > > <connector name="https" protocol="HTTP/1.1" scheme="https" 
> > > socket-binding="https" secure="true">
> > > <ssl name="ssl" key-alias="jbosskey" password="changeit" 
> > > certificate-key-file="D:/Software/server/jboss-as-7.1.1.Final/standalone/configuration/server.keystore"
> > >  verify-client="want" 
> > > ca-certificate-file="D:/Software/server/jboss-as-7.1.1.Final/standalone/configuration/server.keystore"/>
> > 
> > 
> > 
> > 
> > Server side config looks fine. 
> > > </connector> and when I am calling from client code look like as:
> > > 
> > > void initializedCredential(){
> > > 
> > > System.setProperty("javax.net.ssl.trustStore", "D:/temp/client.jks"); 
> > > System.setProperty("javax.net.ssl.trustStorePassword", "changeit"); 
> > > // keystore has the certificates presented to the server when a server 
> > > // requests one to authenticate this application to the server 
> > > System.setProperty("javax.net.ssl.keyStore", "D:/temp/client.jks"); 
> > > System.setProperty("javax.net.ssl.keyStorePassword", "changeit"); 
> > > }
> > 
> > 
> > 
> > 
> > I believe the problem is that you haven't stored the SSLContext in client 
> > so that it creates a new one(with SSL handshake) each time.
> > 
> > Here are some codes that I have used before that holding the context in 
> > client side:
> > 
> > private Socket clientWithCert() throws Exception { 
> > SSLContext context = SSLContext.getInstance("TLS"); 
> > KeyStore ks = KeyStore.getInstance("jceks"); 
> > 
> > ks.load(new FileInputStream(CLIENT_KEY_STORE), null); 
> > KeyManagerFactory kf = KeyManagerFactory.getInstance("SunX509"); 
> > kf.init(ks, CLIENT_KEY_STORE_PASSWORD.toCharArray()); 
> > context.init(kf.getKeyManagers(), null, null); 
> > 
> > SocketFactory factory = context.getSocketFactory(); 
> > Socket s = factory.createSocket("localhost", 8443); 
> > return s; 
> > }
> > 
> > With above method you have to use Socket intend of RESTEasy client api. If 
> > you reuse the context then you don't have to do a new SSL handshake with 
> > Server each time.
> > 
> > I haven't looked into JAX-RS 2.0 Client API throughly so I'm not sure how 
> > it could be setup to use SSL. I'll do more research on it and give you 
> > feedback soon.
> > 
> > > public <T> Object post (String url, Map obj, Class<T> class1) 
> > > {initializedCredential();
> > > url = webServiceUrlUtil.getSearchClaimantURL() + url;
> > > clientRequest = new ClientRequest(url);
> > > ClientResponse<T> res = null;
> > > try {
> > > res = clientRequest.post(class1);
> > > if (res == null) {
> > > return null;
> > > }
> > > if (res != null && res.getStatus() != 200) {
> > > logger.debug("GET Response not getting correct , Status Code: "
> > > + res.getStatus());
> > > throw new RuntimeException("Failed : HTTP Webservice error : "
> > > + res.serverError());
> > > }
> > > 
> > > } catch (Exception e) {
> > > // TODO Auto-generated catch block
> > > e.printStackTrace();
> > > }
> > > return res.getEntity();
> > > }
> > > 
> > > Thanks
> > > Mukul
> > > 
> > > -----Original Message-----
> > > From: Weinan Li [mailto:l.wei...@gmail.com] 
> > > Sent: Friday, August 30, 2013 8:12 AM
> > > To: Mukul Panwar
> > > Cc: Bill Burke; resteasy-users@lists.sourceforge.net 
> > > (mailto:resteasy-users@lists.sourceforge.net)
> > > Subject: Re: [Resteasy-users] Fwd: Regarding Ssl handshake during 
> > > certificate authentication on jboss
> > > 
> > > 
> > > 
> > > -- 
> > > Weinan Li
> > > 
> > > 
> > > On Friday, August 30, 2013 at 12:20 AM, Mukul Panwar wrote:
> > > 
> > > > Hi Bill
> > > > 
> > > > I also tried successfully to implement certificate authentication but 
> > > > SsL handshake doing every time of request. Which should reuse the first 
> > > > handshake session. Please suggest about it.
> > > 
> > > Hi Mukul, are you using the RESTEasy provided security solution (like 
> > > skeleton and resteasy-crypto) or JBoss AS provided SSL connector?
> > > 
> > > If you are using the SSL connection provided by JBoss AS, it could be a 
> > > configuration problem. Could you please provide the configs you've used 
> > > so that I could check it for you?
> > > > 
> > > > Thanks
> > > > Mukul 
> > > > 
> > > > On Aug 29, 2013, at 7:11 PM, "Bill Burke" <bbu...@redhat.com 
> > > > (mailto:bbu...@redhat.com)> wrote:
> > > > 
> > > > > I have used certs successfully before.
> > > > > 
> > > > > On 8/29/2013 9:31 AM, Mukul Panwar wrote:
> > > > > > 
> > > > > > 
> > > > > > Sent from my iPhone
> > > > > > 
> > > > > > Begin forwarded message:
> > > > > > 
> > > > > > > *From:* <muku...@hcl.com <mailto:muku...@hcl.com>>
> > > > > > > *Date:* August 29, 2013, 7:00:06 AM GMT+05:30
> > > > > > > *To:* Bill Burke <bbu...@redhat.com <mailto:bbu...@redhat.com>>
> > > > > > > *Cc:* <resteasy-users@lists.sourceforge.net 
> > > > > > > (mailto:resteasy-users@lists.sourceforge.net)
> > > > > > > <mailto:resteasy-users@lists.sourceforge.net>>
> > > > > > > *Subject:* *Regarding Ssl handshake during certificate 
> > > > > > > authentication
> > > > > > > on jboss*
> > > > > > > 
> > > > > > > Hi Bill
> > > > > > > 
> > > > > > > I have a resteasy client and doing post request . I also set the
> > > > > > > keystore as trusted and cert key entries before sending the 
> > > > > > > request.
> > > > > > > 
> > > > > > > The server also having import the client key in their keystore
> > > > > > > certificate.
> > > > > > > 
> > > > > > > Means we are doing Two way mutual certificate authentication .
> > > > > > > 
> > > > > > > The client and server doing handshake successfully . But for each
> > > > > > > request there is a new handshake where as they should use the 
> > > > > > > session
> > > > > > > of first Ssl handshake. Please suggest about or give any 
> > > > > > > reference for
> > > > > > > this.
> > > > > > > 
> > > > > > > Thanks
> > > > > > > Mukul
> > > > > > 
> > > > > > 
> > > > > > 
> > > > > > 
> > > > > > 
> > > > > > 
> > > > > > 
> > > > > > 
> > > > > > 
> > > > > > ::DISCLAIMER::
> > > > > > ----------------------------------------------------------------------------------------------------------------------------------------------------
> > > > > > 
> > > > > > The contents of this e-mail and any attachment(s) are confidential 
> > > > > > and
> > > > > > intended for the named recipient(s) only.
> > > > > > E-mail transmission is not guaranteed to be secure or error-free as
> > > > > > information could be intercepted, corrupted,
> > > > > > lost, destroyed, arrive late or incomplete, or may contain viruses 
> > > > > > in
> > > > > > transmission. The e mail and its contents
> > > > > > (with or without referred errors) shall therefore not attach any
> > > > > > liability on the originator or HCL or its affiliates.
> > > > > > Views or opinions, if any, presented in this email are solely those 
> > > > > > of
> > > > > > the author and may not necessarily reflect the
> > > > > > views or opinions of HCL or its affiliates. Any form of 
> > > > > > reproduction,
> > > > > > dissemination, copying, disclosure, modification,
> > > > > > distribution and / or publication of this message without the prior
> > > > > > written consent of authorized representative of
> > > > > > HCL is strictly prohibited. If you have received this email in error
> > > > > > please delete it and notify the sender immediately.
> > > > > > Before opening any email and/or attachments, please check them for
> > > > > > viruses and other defects.
> > > > > > 
> > > > > > ----------------------------------------------------------------------------------------------------------------------------------------------------
> > > > > > 
> > > > > > 
> > > > > > 
> > > > > > ------------------------------------------------------------------------------
> > > > > > Learn the latest--Visual Studio 2012, SharePoint 2013, SQL 2012, 
> > > > > > more!
> > > > > > Discover the easy way to master current and previous Microsoft 
> > > > > > technologies
> > > > > > and advance your career. Get an incredible 1,500+ hours of 
> > > > > > step-by-step
> > > > > > tutorial videos with LearnDevNow. Subscribe today and save!
> > > > > > http://pubads.g.doubleclick.net/gampad/clk?id=58040911&iu=/4140/ostg.clktrk
> > > > > > 
> > > > > > 
> > > > > > 
> > > > > > _______________________________________________
> > > > > > Resteasy-users mailing list
> > > > > > Resteasy-users@lists.sourceforge.net 
> > > > > > (mailto:Resteasy-users@lists.sourceforge.net)
> > > > > > https://lists.sourceforge.net/lists/listinfo/resteasy-users
> > > > > 
> > > > > 
> > > > > 
> > > > > 
> > > > > 
> > > > > 
> > > > > 
> > > > > -- 
> > > > > Bill Burke
> > > > > JBoss, a division of Red Hat
> > > > > http://bill.burkecentral.com
> > > > > 
> > > > > ------------------------------------------------------------------------------
> > > > > Learn the latest--Visual Studio 2012, SharePoint 2013, SQL 2012, more!
> > > > > Discover the easy way to master current and previous Microsoft 
> > > > > technologies
> > > > > and advance your career. Get an incredible 1,500+ hours of 
> > > > > step-by-step
> > > > > tutorial videos with LearnDevNow. Subscribe today and save!
> > > > > http://pubads.g.doubleclick.net/gampad/clk?id=58040911&iu=/4140/ostg.clktrk
> > > > > _______________________________________________
> > > > > Resteasy-users mailing list
> > > > > Resteasy-users@lists.sourceforge.net 
> > > > > (mailto:Resteasy-users@lists.sourceforge.net)
> > > > > https://lists.sourceforge.net/lists/listinfo/resteasy-users
> > > > 
> > > > 
> > > > 
> > > > 
> > > > 
> > > > 
> > > > 
> > > > ------------------------------------------------------------------------------
> > > > Learn the latest--Visual Studio 2012, SharePoint 2013, SQL 2012, more!
> > > > Discover the easy way to master current and previous Microsoft 
> > > > technologies
> > > > and advance your career. Get an incredible 1,500+ hours of step-by-step
> > > > tutorial videos with LearnDevNow. Subscribe today and save!
> > > > http://pubads.g.doubleclick.net/gampad/clk?id=58040911&iu=/4140/ostg.clktrk
> > > > _______________________________________________
> > > > Resteasy-users mailing list
> > > > Resteasy-users@lists.sourceforge.net 
> > > > (mailto:Resteasy-users@lists.sourceforge.net)
> > > > https://lists.sourceforge.net/lists/listinfo/resteasy-users
> > > 
> > 
> 




------------------------------------------------------------------------------
Learn the latest--Visual Studio 2012, SharePoint 2013, SQL 2012, more!
Discover the easy way to master current and previous Microsoft technologies
and advance your career. Get an incredible 1,500+ hours of step-by-step
tutorial videos with LearnDevNow. Subscribe today and save!
http://pubads.g.doubleclick.net/gampad/clk?id=58040911&iu=/4140/ostg.clktrk
_______________________________________________
Resteasy-users mailing list
Resteasy-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/resteasy-users

Reply via email to