Thanks, I finally made it using:
URLResourceResolver urlResourceResolver = new HttpsURLResourceResolver();
HttpsURLConnection.setDefaultSSLSocketFactory(urlResourceResolver.getSSLSock
etFactory());
---- package urlresolver; import java.io.BufferedReader; import java.io.ByteArrayOutputStream; import java.io.IOException; import java.io.InputStream; import java.io.InputStreamReader; import java.io.Reader; import java.net.URL; import java.net.URLConnection; import java.security.KeyStore; import java.security.Security; import javax.net.ssl.HostnameVerifier; import javax.net.ssl.HttpsURLConnection; import javax.net.ssl.KeyManager; import javax.net.ssl.KeyManagerFactory; import javax.net.ssl.SSLContext; import javax.net.ssl.SSLSocketFactory; import javax.net.ssl.TrustManager; import javax.net.ssl.TrustManagerFactory; import javax.net.ssl.SSLSession; import ch.keyon.security.provider.capi.CAPI; import ch.keyon.security.provider.jssekm.JSSEKM; public class HttpsURLResourceResolver { /** The ssl context. */ public SSLContext m_sslContext = null; public HttpsURLResourceResolver() throws Exception { // add specific provider Security.insertProviderAt(new CAPI(), 2); // add specific provider Security.insertProviderAt(new JSSEKM(), 1); // get key store KeyStore keyStore = KeyStore.getInstance("CAPI"); // load key store keyStore.load(null, null); // create key manager factory KeyManagerFactory kmf = KeyManagerFactory.getInstance("JSSEKMX509"); kmf.init(keyStore, null); // get key managers KeyManager[] keyManagers = kmf.getKeyManagers(); // create trust manager factory TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509"); tmf.init(keyStore); // get trust managers TrustManager[] trustManagers = tmf.getTrustManagers(); // create context m_sslContext = SSLContext.getInstance("TLS"); // initialize the context m_sslContext.init(keyManagers, trustManagers, null); } public SSLSocketFactory getSSLSocketFactory() { return m_sslContext.getSocketFactory(); } public InputStream resolveURL(URL url) throws IOException { // if the URL Protocol is not Https, return the default URL Resolver if (!"https".equals(url.getProtocol())) { return your default resolver } // get socket factory SSLSocketFactory socketFactory = m_sslContext.getSocketFactory(); // create https url connection URLConnection urlConnection = url.openConnection(); HttpsURLConnection httpsURLConnection = (HttpsURLConnection) urlConnection; // set socket factory httpsURLConnection.setSSLSocketFactory(socketFactory); // connect httpsURLConnection.connect(); return httpsURLConnection.getInputStream(); } } -----Original Message----- From: owner-xep-support@renderx.com [mailto:owner-xep-support@renderx.com] On Behalf Of Alexander Peshkov Sent: Donnerstag, 2. März 2006 13:06 To: Christian Kriebel Subject: Re: [xep-support] Is XEP using HttpsURLConnection when resolving images thru https ? Hello Christian, XEP relies on standard Java means for URL processing. This means that if necessary you can create custom protocol handler, put your own code inside and register it in Java. I haven't tested it but I think in your case it will make sense to extend HttpsURLConnection and make your own class that encapsulates proper initialization. Best regards, Alexander Peshkov mailto:peshkov@renderx.com RenderX CK> Hello CK> I have an environment where images are located on a application server which CK> can be accessed by https and a client certificate only. CK> e.g. url(https://host:port/...) CK> In my own code I connect in this way: CK> HttpsURLConnection uc = (HttpsURLConnection)url.openConnection(); CK> uc.setSSLSocketFactory( sslContext.getSocketFactory() ); CK> uc.connect(); CK> uc.getInputStream(); CK> ... CK> Where sslContext is an instance of javax.net.ssl.SSLContex initializing the CK> neccessary providers, keymanagers, keystores, etc. CK> Is it possible to set the SSLSocketFactory anywhere in xep ? CK> Thanks in advance CK> Christian Kriebel CK> ~~~~~~~~~~~~~~~~~~~~~ CK> Dr. Christian Kriebel - CTO CK> Assentis Technologies AG CK> Lettenstr. 7, 6343 Rotkreuz, Switzerland CK> mailto:christian.kriebel@assentis.com CK> Mobile: +41-79-233 19 74 CK> Phone : +41-41-790 91 92 CK> ~~~~~~~~~~~~~~~~~~~~~ CK> ------------------- CK> (*) To unsubscribe, send a message with words 'unsubscribe xep-support' CK> in the body of the message to majordomo@renderx.com from the address CK> you are subscribed from. CK> (*) By using the Service, you expressly agree to these Terms of Service http://www.renderx.com/terms-of-service.html ------------------- (*) To unsubscribe, send a message with words 'unsubscribe xep-support' in the body of the message to majordomo@renderx.com from the address you are subscribed from. (*) By using the Service, you expressly agree to these Terms of Service http://www.renderx.com/terms-of-service.html ------------------- (*) To unsubscribe, send a message with words 'unsubscribe xep-support' in the body of the message to majordomo@renderx.com from the address you are subscribed from. (*) By using the Service, you expressly agree to these Terms of Service http://www.renderx.com/terms-of-service.htmlReceived on Fri Mar 3 00:45:42 2006
This archive was generated by hypermail 2.1.8 : Fri Mar 03 2006 - 00:45:43 PST