Home.... | log in.... | Pub my question! | Sign-up....

Java-index >> Security >> Java Secure Socket Extension (JSSE)

JSSE in JDK 1.4 and java.nio.channels

Anyone know if there is a way to use the non-blocking I/O in JDK1.4 with SSL sockets. I've looked and no way seems immediatly clear, but perhaps its done differently than for regular non-blocking sockets.Thanks.

[233 byte] By [eduardoF] at [2007-9-26 4:21:42]

«« To change Java cup Icon with custom icon in the dialog box ?
»» First-class objects

# 1

i found this article :

While Java's secure socket API (in package javax.net.ssl) parallels that of regular sockets, there are no classes that correspond to the new java.nio.channels.SocketChannel and java.nio.channels.ServerSocketChannel classes in the non-blocking I/O package. This is unfortunate because their omission prevents Java application developers from using new features such as non-blocking connection (SSL handshaking on connection can take a significant amount of time), asynchronous channel closure, and channel interrupt.

The word from Sun is that support will appear in a later release. Until then, you'll have to glue non-blocking I/O channels and secure sockets together by hand.

david.didier at 2007-6-29 17:26:03 >

top of Java-index,Security,Java Secure Socket Extension (JSSE)...

# 2

The message suggests trying to glue non-blocking I/O channels and secure sockets together by hand.

How?

You can't alter the socket in a SocketChannel to stick in an SSL Socket. Having one thread per open SSL connection is not really a tenable solution if you expect most clients to connect via SSL because of a desire to make a secure application on your server.

Anybody know what they mean by "later release"?

bradtem at 2007-6-29 17:26:03 >

# 3

Could you elaborate on why you say one thread per SSL connection is not a tenable solution? Thanks.

rlblanken at 2007-6-29 17:26:03 >

# 4

Can someone tell me if there is a work around for this?

srinivasand at 2007-6-29 17:26:03 >

# 5

Hi,I've read the 'glue together by hand' comment elsewhere - and I still don't know what it means. Can anyone direct me to an article on this, or post some clues here?ThanksPaul Tetley

paultetley at 2007-6-29 17:26:03 >

# 6

You can't. It just seems that you can. Syntactically, you can glue things together by hand like this:

SocketChannel socketChannel = SocketChannel.open(...);

SSLSocket sslSocket = (SSLSocket)SSLSocketFactory.createSocket(socketChannel.socket(), ...);

or like this:

SSLSocket sslSocket = (SSLSocket)SSLSocketFactory.createSocket(host,port);

ReadableByteChannel rbc = Channels.newChannel(sslSocket.getInputStream());

WritableByteChannel wbc = Channels.newChannel(sslSocket.getOutputStream());

However this is of no use: it won't execute, because the SSLSocket will object, or react badly, to being put into non-blocking mode. We have to wait for Sun.

EJP

ejp at 2007-6-29 17:26:03 >

# 7

By the way, great information EJB! Is this still true? It appears that non-blocking with the current SSL hierarchy is a no no. Is that right?

I tried looking throught he stuff, and I see the SSL handshaking stuff in the impl classes, and I'm guess that code relies on not moving forward until something's been written.

Is there any offical blurb from Sun on this?

Thanks!

-Thomas

TomJava333e at 2007-6-29 17:26:03 >

# 8

Still true. I read somewhere, possibly the Bug Parade or the java-security mailing list, that SSL channels are planned for JDK 1.5.EJP

ejp at 2007-6-29 17:26:03 >

# 9

Ho humm... I guess it's multiple threads for now.By the way... please excuse my "EJB"... I see it's ejp. thanks again!Best,Thomas

TomJava333e at 2007-6-29 17:26:03 >

# 10

I have the opposite problem, I frequently type EJP when I'm trying to type EJB!EJP

ejp at 2007-6-29 17:26:03 >

# 11

:) lol

TomJava333e at 2007-6-29 17:26:03 >

Java programming resources: FAQs, tutorials, compiler and browser download sites, documentation, books lists, IDEs, etc.

JSSE in JDK 1.4 and java.nio.channels

Security New Topic

Security Hot Topic

Security

All Classified