The Java servlet API does not provide a getStatus method for HttpServletResponse until version 3.0. This is a wrapper that provides getStatus for servlet API 2.5 and older. You have to override 4 methods because sendError etc. does not call setStatus . import javax.servlet.*; import javax.servlet.ht... You can plug it in a servlet filter like this: public void doFilter(ServletRequest req, ...

There's no difference between a Java HTTP client and a Java HTTPS client. Ignore JavaWorld Java Tip 96 , it's way too old. The following code gets an HTTP page as well as an HTTPS page. import java.io.*; import java.net.*; pub... There's one catch . If you are using the code on a test server with a self-signed certificate, it fails. In that case, I would suggest that you download the certificate from the server and import it to your keystore as a trusted key. You may also need to add a subject alternative name to the certificate if the host name does not match the certificate. You may also choose to use a custom TrustManager and HostnameVerifier to ignore the certificate verification errors.

To configure Tomcat HTTP Basic Authentication with SSL: Configure web app for basic authentication (add these in web.xml ): <security-constraint> <web-resource-collec... Three elements are needed for this to work: security-constraint with the url-pattern to protect, login-config for the type of authentication method to use, and security-role for the role name(s) used in the security-constraint . Add login info to conf/tomcat-users.xml : <tomcat-users> <role rolename="testUserRole... Turn on SSL in conf/server.xml : <Connector port="8443" protocol="HTTP/1.1" SSLEnab... For default keystore file ${user.home}/.keystore , the keystoreFile attribute can be omitted. Otherwise, add keystoreFile="/path/to/keystore/file" . The setup is different if you are using APR .

Use the urlparse module to parse a URL into parts. The urlparse function parses a URL into six components, returning a 6-tuple. This corresponds to the general structure of a URL: scheme://netloc/path;parameters?query#fragment >>> from urlparse import urlparse >>> parts = u...

Create an openssl configuration file which enables subject alternative names ( openssl.cnf ): [req] distinguished_name = req_distinguished_... Create a certificate request using above configuration file: C:\work>openssl req -new -key testServer.key -out ... Verify the request was created successfully: C:\work>openssl req -text -noout -in testServer.cs... (Optional) self-sign the certificate request: C:\work>openssl x509 -req -days 3650 -in testServe...

This utility class retrieves SSL certificates from the server and print them out to the stdout. The output can be saved to a file and imported to a Java keystore. This is useful in your test environment where the SSL certificate is self-signed. import java.io.InputStream; import java.io.Outp... Retrieve and import the a certificate: E:\test>java RetrieveSSLCert 192.168.69.144 8081 >...

For Java SSL, this occurs when the hostname in your request does not match the common name (CN) in the server certificate. There are two options: Change code, plugin a HostnameVerifier that always return true: URL url = new URL("https://www.theserver.local"); ... Create a test server certificate that includes subject alternative names matching the one you are using in your code.

The .pfx is a PKCS #12 file. Follow these steps to create one that can be imported to IIS: Create the key and cert files as usual . Concatenate the key and cert: cat testServer.key testServer.crt >iisimport.pem Create the PKCS 12 file with openssl: openssl pkcs12 -export -in iisimport.pem -out iisi...

To use an alternative keystore for Java, set the system property javax.net.ssl.trustStore to the alternative keystore: java -Djavax.net.ssl.trustStore=./testKeystore.jks... Even though the default keystore for keytool is $HOME/.keystore , it is not the default keystore used when you run a Java program. To use your keytool default keystore, you have to use -Djavax.net.ssl.trustStore=$HOME/.keystore .

A task that a Java developer does so frequently is to find out where a certain class can be found - to resolve compilation errors, classpath issues, or version conflicts of the same class introduced by multiple class loaders. A long while back I wrote a simple Perl script to perform the task. Later I was informed that there are Swing based Jar Browser and Jars Browser . Then, there are a couple of shell one-liners: # one liner 1 find -name "*.jar" -print0 | xarg... But all of them share the same problem: if a class is in a jar nested in another jar, it cannot be found. Such is the case for a class inside a jar under the WEB-INF/lib directory of a...