Hello,
I'm using mina since 5 days and I really find it wonderful.
However, I just got a problem with SSL writing the server side code.
I'm using a SSL filter with an IOAcceptor:
-----Main Class--------------------------------------
SSLContext sslContext = SSLContext.getDefault();
SSLFilter sslFilter = new SSLFilter(sslContext);
sslFilter.setNeedClientAuth(true);
cfg.getFilterChain().addLast("ssl", sslFilter);
------------------------------------------------
Then, I bind a handler to this IOAcceptor, and I try to retrieve the
javax.net.ssl.SSLSession in the sessionCreated() method of the handler, doing
this:
-----Handler--------------------------------------
SSLFilter sslFilter = (SSLFilter) session.getFilterChain().get("ssl");
SSLSession sslSession = sslFilter.getSSLSession(session);
Certificate[] clientCertificates = sslSession.getPeerCertificates();
X509Certificate cert = (X509Certificate)clientCertificates[0];
cert.checkValidity();
------------------------------------------------
The point is that the sslSession is equals to NULL. I searched in the mailing
list, and found it could be due to my version of mina (1.1.7). So I tried the
version 2.0.0M6, but it just acts the same.
I think I'm just misunderstanding something here because, when I try to check
the validity of the certificate in the messageReceived() method, it works.
My questions are:
Where should I put the second piece of code so it would be clean? (of course, I
could put it in the messageReceived, and use attributes to tell this has been
done).
Is it normal that the SSLSession could not be retrieve? (I suppose the
sessionCreated() is called before the sslSession is initialized.)
Regards,
Cedric
