Hi Michael, Sounds like you fixed it already, but in any case: http://datos.cedeus.cl/geoserver/wms/
Cheers, Stefan On Mon, Feb 25, 2019, 05:20 Michaël Michaud, <m.michael.mich...@orange.fr> wrote: > Hi Stefan, > > Hey nice website ! > > I could not find a way to get WMS addresses from your site, but I found > one ssl wms in the default addresses we have in OpenJUMP. > > It does not work if I set the trust option to false back just "after" > returning the new URLConnection. I modified the code right now and it works > if I set the defaut trust option to untrust just "before" a new connection. > The drawback is that it is set to trust all the time between two > connections, so that if someone use a HttpsURLConnection without using the > URLConnectionProvider, he is in trust mode. > > Michaël > Le 23/02/2019 à 16:56, Stefan Steiniger a écrit : > > Hi Michael, > > As you said you may need another uncertified url to test: you can try > with GeoNode demo, or my GeoNode instance: http://datos.cedeus.cl (both > with GeoServer backend) > Cheers, > Stefan > > On Sat, Feb 23, 2019, 08:36 Michaël Michaud, <m.michael.mich...@orange.fr> > wrote: > >> Ede, >> >> I moved the URLConnection strategy into a separate class. It will be >> easier to share if another service (WFS?) needs it. >> >> I also added the persistance mechanism with PersistantBlackboard. >> >> I tried to set the authorization on a per URL basis rather than >> globally. In fact, I still use the setDefaultSSLSocketFactory, but I set >> it back to default after each URLConnection creation. Not sure it works. >> I don't know how to test it without a second uncertified URL. >> >> Let me know if you think about a better strategy. >> >> Michaël >> >> Le 21/02/2019 à 10:41, edgar.sol...@web.de a écrit : >> > On 21.02.2019 08:39, michael michaud wrote: >> >> OK, I started the change. I added a dialog in WMService to make it >> possible to accept or reject the connection to an url with uncertified >> authority. >> >> The main problem was to not break project loading when the project >> contains such WMSLayers. You already get the infinite loop problem I >> encountered (you let a comment in WMService in 2016-01). Hopefully, the >> problem is now fixed in OpenProjectWizard). >> >> I did not tried to persist URLs accepted by the user. It can be done >> later (not very urgent as the dialog is opened only once during a session >> for the same URL connection). >> > ok, had a look at your addition. >> > >> > 1. >> > firstly, you add new thrown exceptions all over the place. this changes >> the methods signatures (bad). try to wrap it into the existing exception >> definition like "new IOException(e);" >> > >> > 2. >> > private void setTrustOption(boolean trust, URL url) >> > throws KeyManagementException, NoSuchAlgorithmException { >> > SSLContext sc = SSLContext.getInstance("SSL"); >> > if (trust || trustedURLs.contains(url)) { >> > sc.init(null, new TrustManager[]{trm}, null); >> > trustedURLs.add(url); >> > } else { >> > sc.init(null, null, null); >> > } >> > >> HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory()); >> > } >> > >> > sets the global SSLContext, for _all_ connections via >> HttpsURLConnection thereafter. this means all connections after a one time >> OK in your dialog will not check the cert anymore. >> > >> > this definitely must be limited to _only_ affect new WMS connections. >> > >> > 3. >> > we should add CertificateException which signals a generally wrong >> cert. eg. different host name in cert >> > >> > 4. >> > i'll have a look at the dialog phrasing. it currently just spits out >> "UnverifiedCertificate". let me think of a proper error description. >> > >> > so far ..ede >> > >> > >> > _______________________________________________ >> > Jump-pilot-devel mailing list >> > Jump-pilot-devel@lists.sourceforge.net >> > https://lists.sourceforge.net/lists/listinfo/jump-pilot-devel >> > >> >> >> _______________________________________________ >> Jump-pilot-devel mailing list >> Jump-pilot-devel@lists.sourceforge.net >> https://lists.sourceforge.net/lists/listinfo/jump-pilot-devel >> > > > _______________________________________________ > Jump-pilot-devel mailing > listJump-pilot-devel@lists.sourceforge.nethttps://lists.sourceforge.net/lists/listinfo/jump-pilot-devel > > _______________________________________________ > Jump-pilot-devel mailing list > Jump-pilot-devel@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/jump-pilot-devel >
_______________________________________________ Jump-pilot-devel mailing list Jump-pilot-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/jump-pilot-devel
