We are still using HttpClient 4.01 and were considering upgrading to 4.1, but I see a feature we were using is gone. In 4.01, there was a DEFAULT_FACTORY which was the defined from HttpsURLConnection.getDefaultSSLSocketFactory();
This was very useful to us. The reason for this was because our app is launched by Java Webstart. When using the default socket factory, we can benefit from Webstart handling the prompting for things like host name verification. More importantly, however, was webstart's ability to interface with the Window's keystore. We have a client that uses certificated based authentication for their SSL connections. Using the default socket factory makes everything just work. The users would get prompted for a certificate and then they could activate it off their hardware devices. (Presumably, then, the SSL encryption is handled by the device. I have no idea how I would do this without webstart.) I guess I would like to know what is my best path to take to get this working. Could I just subclass it and then override the connectSocket() methods? I noticed that the javax SSLSocketFactory has similar createSocket() methods... Thanks, Mark --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
