JSS Sockets and HttpClient

The Java bindings for the Network Security Services (NSS) Library is called JSS. NSS provides a key management scheme that is different enough from both standard Java and OpenSSL that trying to do standard Java Socket operations using the Apache HttpClient requires a little bit of extra work.

The guide here   walks you through the general case.  The equivalent Socket Factor for JSS is :

 

package org.fedoraproject.pki.test;

import java.io.IOException;
import java.net.InetAddress;
import java.net.Socket;
import java.net.UnknownHostException;

import org.apache.commons.httpclient.ConnectTimeoutException;
import org.apache.commons.httpclient.params.HttpConnectionParams;
import org.apache.commons.httpclient.protocol.ProtocolSocketFactory;
import org.mozilla.jss.ssl.SSLSocket;

public class JSSProtocolSocketFactory implements ProtocolSocketFactory
{
    @Override
    public Socket createSocket(String host, int port, InetAddress localAddress,
            int localPort) throws IOException, UnknownHostException
    {
        return new SSLSocket(host, port, localAddress, localPort);
    }

    @Override
    public Socket createSocket(String host, int port, InetAddress localAddress,
            int localPort, HttpConnectionParams params) throws IOException,
            UnknownHostException, ConnectTimeoutException
    {
        return new SSLSocket(host, port, localAddress, localPort);
    }

    @Override
    public Socket createSocket(String host, int port) throws IOException,
            UnknownHostException
    {
        return new SSLSocket(host, port);
    }

}

The code to register and use the Socket Factory is:

Protocol.registerProtocol("https", 
                new Protocol("https", new JSSProtocolSocketFactory(), 8443));        
HttpClient client = new HttpClient();
HttpMethod method = new GetMethod("https://" + HOSTNAME + ":8443/ca/agent/ca/listCerts");
client.executeMethod(method);
byte[] responseBody = method.getResponseBody();
method.releaseConnection();
System.out.println(new String(responseBody));

2 thoughts on “JSS Sockets and HttpClient

  1. hello man , i needed some help on this topic
    could you provide me some code for actually
    i am trying to download a file from a https server .i am not able to
    get past the login page its like i have the URL say
    https://www.something /x.pdfand i have the user name and password .i
    want some code in java where i can authenticate and download thefile
    x.pdf on my home …plz let me know the solution..could you help me
    out i am not able to workaround the java security ssl thing

  2. Login page? They’re probably using Form based authentication, in which case you have to send one request, which will get a redirect to the form page. Send a second request to send UID and password to the form, and then a third request to actually download the document…or it might only be two, as once you submit the UID and password, they should honor your original request.

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>