001: /*
002: * $Id: HttpsURLConnection.java,v 1.4 2005/11/30 11:27:27 ss150821 Exp $
003: * $Source: /m/portal/ps/srap/src/com/sun/portal/rproxy/https/HttpsURLConnection.java,v $
004: * $Log: HttpsURLConnection.java,v $
005: * Revision 1.4 2005/11/30 11:27:27 ss150821
006: * 6356996 - Srap Code base needs to save files in the unix file format and not windows
007: *
008: * Revision 1.3 2005/02/23 09:02:01 ss150821
009: * RFE 6223490 - SRA Should use JDK based logging
010: *
011: * Revision 1.2 2005/02/23 08:59:22 ss150821
012: * RFE 6223490 - SRA Should use JDK based logging
013: *
014: * Revision 1.1 2002/06/14 09:53:56 rt130506
015: * SRAP rebranding
016: *
017: * Revision 1.2 2002/06/11 16:02:08 bv131302
018: * new branded
019: *
020: * Revision 1.1 2002/05/28 09:38:19 mm132998
021: * Bug id - 4692062 , CRT - 1215 , Desc - Support for iDSAME in https mode.
022: *
023: *
024: */
025: /*
026: * %W% %E%
027: *
028: * Copyright (c) %G% Sun Microsystems, Inc. All Rights Reserved.
029: */
030:
031: package com.sun.portal.rproxy.https;
032:
033: import java.io.IOException;
034: import java.net.URL;
035:
036: import org.mozilla.jss.crypto.X509Certificate;
037:
038: import sun.net.www.http.HttpClient;
039: import sun.net.www.protocol.http.HttpURLConnection;
040:
041: /**
042: * HTTPS URL connection support. These URL connection classes are not always
043: * made public, but this one needs to be public in order to expose SSL-related
044: * information which must needs to be presented to users.
045: *
046: */
047: public class HttpsURLConnection extends HttpURLConnection {
048: /**
049: * Returns a connection to an HTTPS server.
050: *
051: * @param URL
052: * identifies the HTTPS server to connect with.
053: */
054: protected HttpClient getNewClient(URL url) throws IOException {
055: return new HttpsClient(url);
056: }
057:
058: /**
059: * We don't support HTTPS through proxies, since that compromises the
060: * expectation that SSL traffic is normally confidential.
061: *
062: * @param url
063: * ignored
064: * @param proxyHost
065: * ignored
066: * @param proxyPort
067: * ignored
068: * @throws IOException
069: * always
070: */
071:
072: // May want to revisit this, since this entry point is used only for
073: // the case of a "secure" server saying "go use that proxy". If we
074: // proxy, the client's security expectations (no eavesdropping) may
075: // be compromised, but we can assume that it's OK with the server.
076: //
077: // Probably need a user interaction to approve this, if we ever
078: // support this scenario. Or perhaps some other interaction with
079: // a networked policy server.
080: protected HttpClient getProxiedClient(URL url, String proxyHost,
081: int proxyPort) throws IOException {
082: throw new IOException("HTTPS proxying not supported");
083: }
084:
085: /*
086: * Initialize an HTTPS URLConnection ... could check that the URL is an
087: * "https" URL, and that the handler is also an HTTPS one, but that's
088: * established by other code in this package.
089: */
090: public HttpsURLConnection(URL url, Handler handler)
091: throws IOException {
092: super (url, handler);
093: }
094:
095: /**
096: * Implements the HTTP protocol handler's "connect" method, establishing an
097: * SSL connection to the server as necessary.
098: */
099: public void connect() throws IOException {
100: if (connected) {
101: return;
102: }
103: if ("https".equals(url.getProtocol())) {
104: http = HttpsClient.New(url);
105: connected = true;
106: } else
107: super .connect();
108: }
109:
110: /**
111: * Returns the cipher suite in use on this connection.
112: */
113: public String getCipherSuite() {
114: return ((HttpsClient) http).getCipherSuite();
115: }
116:
117: /**
118: * Returns the server's X.509 certificate chain, or null if the server did
119: * not authenticate.
120: */
121: public X509Certificate[] getServerCertificateChain() {
122: return ((HttpsClient) http).getServerCertificateChain();
123: }
124:
125: }
|