Netty HTTPS (TLS) Session Duration: Why Renegotiation?

I have a 100% HTTPS web server that is renegotiating TLS. This is very useful so that users can access the site and get some good pages before clicking on the login button and requesting their client certificate. The following is part of the code that performs the renegotiation, lines 213-236 of class X509Cert:

import org.jboss.netty.handler.ssl.SslHandler

// The SslHandler that terminates TLS for this request's channel
val sslh = r.underlying.context.getPipeline.get(classOf[SslHandler])

// Use the client certificate chain if the current TLS session already has one
trySome(sslh.getEngine.getSession.getPeerCertificates.toIndexedSeq) orElse {
  if (!fetch) None
  else {
    // No certificate yet: renegotiate and ask the client for one
    sslh.setEnableRenegotiation(true) // todo: does this have to be done on every request?
    r match {
      // Require a certificate for some user agents, only request it for the rest
      case UserAgent(agent) if needAuth(agent) => sslh.getEngine.setNeedClientAuth(true)
      case _ => sslh.getEngine.setWantClientAuth(true)
    }
    val future = sslh.handshake()
    future.await(30000) // that is certainly way too long.
    if (future.isDone && future.isSuccess)
      trySome(sslh.getEngine.getSession.getPeerCertificates.toIndexedSeq)
    else
      None
  }
}

, - X509, , - , 10 , , , 1 . , , "fetch" ​​ ​​ false. , - , .

, , sslh.handshake() , X509. "" "", "".

, -, ?

PS.

  • WebID
  • netty 3.2.5Final. 3.2.7Final .
  • , , (. ). , .
+5
1

, netty. Play 2.0.

215 Play2.0 111: TLS

+3
