Is there a way to establish the SSL/TLS communication between a Java implementation and some other application? I want my implementation to craft and send the standard protocol communication messages (e.g. ClientHello etc.) and establish a secure connection to the external app by myself.
Related
Just a quick question, can I use SSL in html5 with websockets to communicate with my java server that is using SSLSockets?
I have been trying to connect using another java client using ssl sockets, which works, but I have not tried to do it through html5. Is it even possible?
For the record, I am using github pages to host my server, and I have a custom domain provided by Namecheap and an SSL certificate from Comodo.
Is it even possible to communicate between java and html5 using SSL?
WebSockets are not the same as "normal" TCP sockets but instead a protocol layer on top of TCP. And thus WebSockets over SSL can not communicate directly with SSLSockets. To communicate with WebSockets (with or without SSL) you would need a library implementing the WebSocket protocol.
I have ActiveMQ (JMS) and want to connect multiple clients.
To support SSL security in Java clients, Apache ActiveMQ provides ssl support.
ActiveMQ how-do-i-use-ssl. If you want to verify client certificates, you need to take extra work for every client.
Is a client certificate necessary?
Customers can install the clients themselves, so it is not possible for me to create a certificate for every client.
Is my client connection then secure?
I am just going through the new features of GCM Cloud connection server. On client side this seems fairly easy using the google play services, as described in https://developer.android.com/google/gcm/ccs.html, however for the server side it says:
GCM Cloud Connection Server (CCS) is an XMPP endpoint, running on
http://gcm.googleapis.com port 5235.
CCS requires a Transport Layer Security (TLS) connection. That means
the XMPP client must initiate a TLS connection. For example in smack,
you would call setSocketFactory(SSLSocketFactory), similar to “old
style SSL” XMPP connections and https.
CCS requires a SASL PLAIN authentication mechanism using
#gcm.googleapis.com (GCM sender ID) and the API
key as the password, where the sender ID and API key are the same as
described in Getting Started.
Does that mean I manually have to open a port and parse xml/json or is there some kind of Java API that I can use to implement the server side?
For the GCM Server there is a library, the javadoc is at http://developer.android.com/reference/com/google/android/gcm/server/package-summary.html
There is a demo server app Google has written here at http://developer.android.com/google/gcm/server.html
As I understand you can choose whether you want to use the XMPP service or the old HTTP service. Not sure what the advantage is.
You can use Smack library to work with XMPP in Java.
And here you can find an example code that sends notifications using GCM CCS.
I had set up a system that had a Java program running on a server and a Java applet embedded in a page on a client's browser and the two communicating via Java sockets. I'm wondering if I can switch over from a Java applet to just HTML5 and javascript, using a WebSocket on the client side for communication with the Java socket on the server.
Is there a simple way to make a WebSocket communicate with a Java Socket?
Is there a simple way to make a WebSocket communicate with a Java Socket?
From what I understand, WebSocket works by the client side opening a port 80 connect to the server side, and sending a variant HTTP 1.1 request to the server to negotiate a WebSocket connection. If the server recognizes this, it will send a suitable response, and then allow the still open TCP connection to be used for full-duplex client-server interactions.
It looks like it would be possible to quickly put together a server-side that just understood WebSocket negotation and not full HTTP. However, I think you are better off looking at existing WebSocket implementations, including those embedded in HTTP servers / protocol stacks.
This Wikipedia page compares a number of WebSocket implementations, and should help you in deciding which server-side implementation to use.
But to directly answer your literal question, a WebSocket client can only connect to a WebSocket-aware server; i.e. that one that can perform the initial negotiation. (On the client side, you could implement starting from a bare Socket, but you would need to implement all of the "HTTP stuff" on top of that ... for the setup phase.)
Nope, you cannot communicate using regular sockets with client WebSockets.
WebSockets are special HTTP requests, with an upgrade in the HTTP Header, and a standard protocol to establish a connection (see the official RFC doc).
I implemented a network server with Java ServerSocket and Socket. There's no problem of getting/sending http requests/responses from/to web browsers. However, I want to add authentication ability to the server. I noticed there's such class java.net.Authenticator or java.net.PasswordAuthentication, but I've no idea if I could apply them to the server.
If any of you have used com.sun.httpserver.HttpServer, its authentication is easily supported by com.sun.httpserver.Authenticator which can be set through HttpContext.setAuthenticator() method. Unfortunately, using com.* package may not be allowed in our project. I just want to know if there's any class in java standard packages which can enable me do the same thing as com.sun.httpserver.Authenticator?
I can also implement this by forcing client to provide user and password in http requests, and parse them in the server. But if there's any convenient way, I would be very thankful.
Thanks.
I think, you confuse the network layers.
com.sun.httpserver.HttpServer implements the HTTP protocol and works in the application layer. HTTP defines authentication mechanism, thus com.sun.httpserver.Authenticator is an implementation of the authentication mechanism defined in the HTTP standard.
java.net.ServerSocket and Socket works in the transport layer and implements the TCP protocol. TCP does not define authentication service.
When your client-server communication uses HTTP, you should looking for an HTTP server implementation. IMHO isn't a good idea reimplement a HTTP server based on java.net.* package.
Unfortunately Java SE doesn't contains HTTP server -com.sun.httpserver isn't part of the standard-, but there are many open source and portable implementations. The two widely used is Tomcat and Jetty.