Restlet Client class with custom SSLSocket/SSLContext

2010-02-04 Thread webpost 
Hi There,

How do I make Client class in Restlet use my own custome SSLSocket/SSLContext? 
I already have an application that is using Restlet Client to talk to a Web 
Service and I've create my own X509KeyManager and X509TrustManager which I 
would like to use when Client sets up the SSL link to the server.


Thanks for your help,
Adrian

--
http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447dsMessageId=2444683

Re: Restlet Client class with custom SSLSocket/SSLContext

2010-02-04 Thread Bruno Harbulot 
Hi Adrian,

In Restlet 2, you can pass SslContextFactories to the client context.

import org.restlet.engine.security.SslContextFactory;
import org.restlet.engine.security.DefaultSslContextFactory;

...
// Example with the default SslContextFactory
SslContextFactory sslContextFactory = new DefaultSslContextFactory();
sslContextFactory.setKeyStorePath(...);
// ...
sslContextFactory.setTrustStorePath(...);
sslContextFactory.setTrustStorePassword(...);

// ...
// you may need client.setContext(new Context());
Context context = client.getContext();
context.getAttributes().put(sslContextFactory, sslContextFactory);


You can use other implementations of SslContextFactory.
- The DefaultSslContextFactory behaves according to the default values 
in the JSSE Ref documentation; it uses the values set in its fields 
(e.g. setTrustStorePath) if set, otherwise uses the values in the 
standard JSSE system propery (javax.net...), otherwise uses the default 
values for the provider.

- org.restlet.ext.ssl.JsslutilsSslContextFactory (in the 
org.restlet.ext.ssl module) will let you wrap any jSSLutils 
SSLContextFactory http://www.jsslutils.org/.

- org.restlet.ext.ssl.PkixSslContextFactory will let you use jSSLutils's 
PKIXSSLContextFactory, so you can set CRLs explicitly for example (see 
Javadoc).

You can provide your own implementation of 
org.restlet.engine.security.SslContextFactory; alternatively, let me 
know if you'd like to work with jSSLutils (comments and suggestions 
welcome).


If you work with Restlet 1, there are workarounds depending on the 
connector you want to use, but it's not ideal.


Best wishes,

Bruno.

webp...@tigris.org wrote:
 Hi There,
 
 How do I make Client class in Restlet use my own custome 
 SSLSocket/SSLContext? I already have an application that is using Restlet 
 Client to talk to a Web Service and I've create my own X509KeyManager and 
 X509TrustManager which I would like to use when Client sets up the SSL link 
 to the server.
 
 
 Thanks for your help,
 Adrian
 
 --
 http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447dsMessageId=2444683


--
http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447dsMessageId=2444819

RE: Re: Restlet Client class with custom SSLSocket/SSLContext

2010-02-04 Thread webpost 
Hi, Bruno.

Thank you for your quick reply. I prefer my own implementation if it's just 
extending the SslContextFactory so I'll give that a try first if that works. 
But I'll take a look at jsslutils as well. 

Best regards,
Adrian

--
http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447dsMessageId=2444910