Uploaded image for project: 'HttpComponents HttpClient'
  1. HttpComponents HttpClient
  2. HTTPCLIENT-1454

Allow use of multiple SSLContexts with single instance of HttpClient

    XMLWordPrintableJSON

Details

    • Improvement
    • Status: Closed
    • Major
    • Resolution: Fixed
    • None
    • 4.4 Alpha1
    • HttpClient (classic)
    • None

    Description

      Goal: using differently set up SSLContexts for same (shared) HttpClient instance, that should be used by some set of (application specific) conditions. Currently (and even before 4.3, this stands for 4.2 and older clients too), only one ConnectionSocketFactory (or it's older equivalent) might be used for connection manager. In some applications this might be not enough, as while sharing httpClient is desired, it's not possible to have an instance being set up using multiple SSLContexts (contexts being set up in vastly different ways, like one allowing self signed certs. one using it's own controlled trust material, and one using default JVM trust material for example).

      The new PoolingHttpClientConnectionManager (introduced in 4.3) should be improved to allow this kind of "selection" without mangling the schema of the accessed URIs (like using "https-weak://host/foo" and registering proper ConnectionSocketFactory for given schema).

      Before, this was possible as HttpClientConnectionOperator was exposed, but not anymore in 4.3.x.

      Frankly, the HttpClientConnectionOperator solution seemed "cleaner" to me, but a possible solution might be drafted in PR below:
      https://github.com/apache/httpclient/pull/9

      Attachments

        1. HTTPCLIENT-1454.patch
          27 kB
          Tamás Cservenák

        Issue Links

          Activity

            People

              Unassigned Unassigned
              cstamas Tamás Cservenák
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: