I'm using Restlet with embedded Jetty. I have a requirement of being able to
enable only selected cipher suites.

I primarily use embedded Jetty; I have also tried the Simple HTTP Server, but
neither appears to work. I am unable to find any examples in this regard.
Even the Restlet in Action book did not have any info in this regard. Any help
will be greatly appreciated.

Server code for embedded Simple HTTP Server (similar code for Jetty was tried)
---
org.restlet.Server serverObj = new org.restlet.Server(Protocol.HTTPS);
HttpServerHelper serverHelper = new HttpServerHelper(serverObj);
Engine.getInstance().getRegisteredServers().add(0, serverHelper);

org.restlet.Component component = new Component();
org.restlet.Server server = component.getServers().add(Protocol.HTTPS, 8080);
component.getDefaultHost().attach(vtnURLResource, new VTNApplication());
org.restlet.ext.simple.HttpsServerHelper httpsServerHelper = new HttpsServerHelper(server);

// Context taken from serverHelper, which wraps serverObj
Context workingCtx = serverHelper.getContext();

// Cipher suite selection (whitespace-separated lists)
workingCtx.getParameters().add("disabledCipherSuites",
    "SSL_RSA_WITH_RC4_128_MD5 TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 TLS_RSA_WITH_AES_128_CBC_SHA TLS_RSA_WITH_AES_256_CBC_SHA ..");
workingCtx.getParameters().add("enabledCipherSuites", "SSL_RSA_WITH_RC4_128_SHA");
workingCtx.getParameters().add("sslContextFactory",
    "org.restlet.engine.security.DefaultSslContextFactory");

// Server key store and trust store
workingCtx.getParameters().add("keystorePath", "C:\\openadrkeystore\\bouncykeys\\VTN_QLI.bks");
workingCtx.getParameters().add("keystorePassword", "password");
workingCtx.getParameters().add("keystoreType", "BKS");
workingCtx.getParameters().add("keyPassword", "password");
workingCtx.getParameters().add("truststorePath",
    "C:\\Program Files\\Java\\jre6\\lib\\security\\cacerts");
workingCtx.getParameters().add("truststorePassword", "changeit");

// Require a client certificate
workingCtx.getParameters().add("needClientAuthentication", "true");
component.start();

Client code
---
Client client = new Client(ctx, Protocol.HTTPS);
client.setConnectTimeout(5);
Context workingCtx = client.getContext();

// Trust store set through the JSSE system properties
System.setProperty("javax.net.ssl.trustStore",
    "C:\\Program Files\\Java\\jre6\\lib\\security\\cacerts");
System.setProperty("javax.net.ssl.trustStorePassword", "changeit");

// Client key store
workingCtx.getParameters().add("keystorePath", "C:\\openadrkeystore\\bouncykeys\\VEN_QLI.bks");
workingCtx.getParameters().add("keystorePassword", "password");
workingCtx.getParameters().add("keystoreType", "BKS");
workingCtx.getParameters().add("keyPassword", "password");

// Cipher suite selection (whitespace-separated lists)
workingCtx.getParameters().add("disabledCipherSuites",
    "SSL_RSA_WITH_RC4_128_MD5 TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 TLS_RSA_WITH_AES_128_CBC_SHA .");
workingCtx.getParameters().add("enabledCipherSuites", "SSL_RSA_WITH_RC4_128_SHA");
workingCtx.getParameters().add("needClientAuthentication", "true");

ClientResource resource = new ClientResource(propFilePreader.get(serverURL));
resource.setNext(client);
..
..
resource.post(data);

--
http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447&dsMessageId=2972321