billbarker    2002/09/18 22:09:28

  Modified:    util/java/org/apache/tomcat/util/net JSSESocketFactory.java
  Log:
  Fix problem with JSSE not honoring "clientauth".
  
  Now there should be no reason for anyone to believe that CertificatesValve should 
be used ever with the CoyoteConnector. :-)
  
  Revision  Changes    Path
  1.3       +16 -2     
jakarta-tomcat-connectors/util/java/org/apache/tomcat/util/net/JSSESocketFactory.java
  
  Index: JSSESocketFactory.java
  ===================================================================
  RCS file: 
/home/cvs/jakarta-tomcat-connectors/util/java/org/apache/tomcat/util/net/JSSESocketFactory.java,v
  retrieving revision 1.2
  retrieving revision 1.3
  diff -u -r1.2 -r1.3
  --- JSSESocketFactory.java    18 Sep 2002 15:10:04 -0000      1.2
  +++ JSSESocketFactory.java    19 Sep 2002 05:09:28 -0000      1.3
  @@ -161,7 +161,18 @@
   
            //determine whether we want client authentication
            // the presence of the attribute enables client auth
  -         clientAuth = null != (String)attributes.get("clientauth");
  +         String clientAuthStr=(String)attributes.get("clientauth");
  +         if(clientAuthStr != null){
  +             if(clientAuthStr.equals("true")){
  +                 clientAuth=true;
  +             } else if(clientAuthStr.equals("false")) {
  +                 clientAuth=false;
  +             } else {
  +                 throw new IOException("Invalid value '" +
  +                                       clientAuthStr + 
  +                                       "' for 'clientauth' parameter:");
  +             }
  +         }
   
            String keyPass=(String)attributes.get("keypass");
            if( keyPass==null) keyPass=defaultKeyPass;
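Review bot: The context comment above the new block, `// the presence of the attribute enables client auth`, no longer matches the code, because presence alone now enables nothing and only the literal strings "true" and "false" are accepted; I would replace it with `// "true" requires a client certificate, "false" disables it; any other value is rejected`. The comparison is case-sensitive, so a configuration that says `True` stops with the IOException; that fails closed, but it should either be documented for the connector or relaxed with `equalsIgnoreCase`. The exception message ends in a stray colon with nothing after it. When the attribute is absent, clientAuth keeps whatever value it already had, which is set outside this hunk, as are the start and end of the enclosing method.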
  @@ -224,11 +235,14 @@
       public Socket acceptSocket(ServerSocket socket)
        throws IOException
       {
  +     SSLSocket asock = null;
        try {
  -         return socket.accept();
  +          asock = (SSLSocket)socket.accept();
  +          asock.setNeedClientAuth(clientAuth);
        } catch (SSLException e){
          throw new SocketException("SSL handshake error" + e.toString());
        }
  +     return asock;
       }
        
       /** Set server socket properties ( accepted cipher suites, etc)
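Review bot: In acceptSocket the client-certificate requirement is applied one accepted socket at a time and relies on an unchecked cast, `(SSLSocket)socket.accept()`, which throws ClassCastException rather than the declared IOException if the factory is ever handed a plain ServerSocket. Setting the flag once on the listening socket, `((SSLServerSocket) socket).setNeedClientAuth(clientAuth);`, in the code that configures the server socket (presumably the method whose Javadoc starts at the end of this hunk) would make every accepted socket inherit it, so a caller that accepts without going through acceptSocket could not end up with a connection that skips client authentication. If the per-socket call stays, a comment such as `// must be set before the handshake starts` would record why it sits directly after accept().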
  
  
  
