3 Replies Latest reply on Jun 30, 2004 10:34 AM by wolfj

    org.jboss.security.ignoreHttpsHost property fails because of

      I needed a HostnameVerifier implementation that would accept all hostnames for JNDI over HTTPS, so I tried running JBoss 3.2.3 using the -Dorg.jboss.security.ignoreHttpsHost=true flag.

      Unfortunately, even though I'm using J2SDK 1.4.2, the HttpsURLConnection implementation being passed into the org.jboss.invocation.http.interfaces.Utils.configureHttpsHostVerifier() method is a
      com.sun.net.ssl.internal.www.protocol.https.HttpsURLConnectionOldImpl.

      And since that class does not extend javax.net.ssl.HttpsURLConnection, the configureHttpsHostVerifier method fails to set the AnyhostVerifier as the hostnameVerifier.

      My question is, why is this old implementation being used at all? How do I set up JBoss not to use the com.sun.net.* classes so the ignoreHttpsHost flag will work and/or what's the best way to plug in my own HostnameVerifier implementation into the mix?

        • 1. Re: org.jboss.security.ignoreHttpsHost property fails becaus

          One thing that seemed to solve the problem was commenting out the if statement check that ensures the passed-in connection is of the javax.net.* kind in the configureHttpsHostVerifier method in class
          org.jboss.invocation.http.interfaces.Util

          Is there an easier way?

          • 2. Re: org.jboss.security.ignoreHttpsHost property fails becaus
            starksm64

            The connection type is determined by the https url provider. Under jdk1.4.2 I would expect this to be the newer javax.sql.* classes. The older classes are used when running with jdk1.3 and the jsse.jar extension classes. See if you can track down why the HttpURLConnection is returning a legacy version of the connection.

            • 3. Re: org.jboss.security.ignoreHttpsHost property fails becaus

              You're right, I had a slippery JAVA_OPT variable causing the VM to use the older version. Getting rid of that solved that problem... unfortunately, a similar problem is now occurring in org.jboss.mq.il.http.HTTPClient because it expects the com.sun.net implementation of HttpsURLConnection, and as a result, the ignoreHttpsHost flag isn't being checked.

              I can always use your org.jboss.invocation.http.interfaces code to make HTTPClient a little more 1.4 friendly.

              Thanks for your help.
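
A diagnostic for the situation in this thread, added here as an example; it is not code from the thread or from JBoss. It reports which HttpsURLConnection implementation the VM hands out, refuses to skip verifier setup silently, and installs an allow-list verifier in place of an accept-all one. The class name, the AllowListVerifier helper and the URL are hypothetical; java.protocol.handler.pkgs is the standard system property that selects URL handler packages.

```java
import java.net.URL;
import java.net.URLConnection;
import java.util.HashSet;
import java.util.Locale;
import java.util.Set;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLSession;

public class HttpsHandlerCheck {

    /**
     * JSSE calls the verifier only when the URL host and the certificate
     * identity mismatch; this one tolerates the mismatch for listed hosts only.
     */
    static final class AllowListVerifier implements HostnameVerifier {
        private final Set<String> allowed = new HashSet<>();

        AllowListVerifier(String... hosts) {
            for (String h : hosts) allowed.add(h.toLowerCase(Locale.ROOT));
        }

        @Override
        public boolean verify(String hostname, SSLSession session) {
            return hostname != null && allowed.contains(hostname.toLowerCase(Locale.ROOT));
        }
    }

    /** Installs the verifier, or reports loudly when the handler is not the javax.net.ssl one. */
    static boolean configure(URLConnection conn, HostnameVerifier verifier) {
        if (!(conn instanceof HttpsURLConnection)) {
            System.err.println("verifier NOT installed: " + conn.getClass().getName()
                    + " does not extend javax.net.ssl.HttpsURLConnection");
            return false;
        }
        ((HttpsURLConnection) conn).setHostnameVerifier(verifier);
        return true;
    }

    public static void main(String[] args) throws Exception {
        // Constructed placeholder URL; pass the real endpoint as the first argument.
        URL url = new URL(args.length > 0 ? args[0] : "https://jndi.example.internal:8443/");
        System.out.println("java.protocol.handler.pkgs = "
                + System.getProperty("java.protocol.handler.pkgs"));
        URLConnection conn = url.openConnection(); // creates the object, no network I/O yet
        System.out.println("connection class = " + conn.getClass().getName());
        if (configure(conn, new AllowListVerifier(url.getHost()))) {
            System.out.println("verifier installed for host " + url.getHost());
        }
    }
}
```

Run it with the same JVM options as the server to see whether a handler override is in effect before changing any JBoss code.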