Skip to Main Content
Forums

Java Security

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

Interested in getting your voice heard by members of the Developer Marketing team at Oracle? Check out this post for AppDev or this post for AI focus group information.

Java SSL TrustManager

843811Apr 13 2005 — edited Apr 15 2005
Hello,

I'm doing a simple project which concist in creanting a SSL Socket client. This client must connect to a SSL server with a "false" certificate. So it seems that I need to create a trustmanager which accept all the certificate.

Afer serching on internet and on this forum, I wrotte a code which seems ok. But I still have the pb tha the certificate fron the server is not valid !!

Can someone could help me , please ....

Here is all the code of my client (very short):

public class SSLClient2 {
	
	public static final String TARGET_HTTPS_SERVER = "www-appn.comp.nus.edu.sg";
 	public static final int    TARGET_HTTPS_PORT   = 443;
	
	public static void main(String[] args) {
		
		String reqGet = "GET / HTTP/1.1\n\n";
		
	    // Create a trust manager that does not validate certificate chains
		TrustManager[] trustAllCerts = new TrustManager[]{
	 		new X509TrustManager() {
	            public java.security.cert.X509Certificate[] getAcceptedIssuers() {
	            	return null;
	            }
	            public void checkClientTrusted(
	                java.security.cert.X509Certificate[] certs, String authType) {
	            }
	            public void checkServerTrusted(
	                java.security.cert.X509Certificate[] certs, String authType) {
	            }
	        }
	    };
	 
	    // Install the all-trusting trust manager
	    try {
	    	SSLContext sc = SSLContext.getInstance("SSL");
	        sc.init(null,trustAllCerts , new java.security.SecureRandom());
	        HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
	    } catch (Exception e) {
	    }
	    //create socket and send/receive stream
	    try {
			Socket socket = SSLSocketFactory.getDefault().createSocket(TARGET_HTTPS_SERVER, TARGET_HTTPS_PORT);//create socket
			
			//output stream
			OutputStream out = socket.getOutputStream();
			out.write(reqGet.getBytes());//send the request (i don't mind if the format is right, the server doesn't care)
			out.flush();
			
			//input stream
			BufferedReader in = new BufferedReader(
			           new InputStreamReader(socket.getInputStream())), "ISO-8859-1"));
			        String line = null;
			        while ((line = in.readLine()) != null) {
			           System.out.println(line);
			        }
		} catch (MalformedURLException e1) {
			// TODO Auto-generated catch block
			e1.printStackTrace();
		} catch (IOException e) {
			// TODO Auto-generated catch block
			e.printStackTrace();
		}  
	}
}

Comments

Franck N

Hi,

i will say yes:

  • If Oracle Application Express is installed and if RESTful services have been configured during the installation (see the step Configure RESTful Services in Oracle Application Express Installation Guide), then Oracle REST Data Services supports it, including executing the RESTful services defined in Oracle Application Express.
  • Oracle REST Data Services system requirements when it comes to the DB are as follows:
    • Oracle Database (Enterprise Edition, Standard Edition or Standard Edition One) release 11.1 or later, or Oracle Database 11gRelease 2 Express Edition.
  • When it comes to APEX: version  5.1  is  ok :

APEX_REST_PUBLIC_USER

Only if using RESTful Services defined in Application Express of version 5.0 or above.

The database user used when invoking Oracle Application Express RESTful Services if RESTful Services defined in Application Express workspaces are being accessed

APEX_LISTENER

Only if using RESTful Services defined in Application Express of version 5.0 or above.

The database user used to query RESTful Services definitions stored in Oracle Application Express if RESTful Services defined in Application Express workspaces are being accessed

changes in Oracle REST Data Services

regards,

Franck

1 person found this helpful
1 - 1
Locked Post
New comments cannot be posted to this locked post.

Post Details

Locked on May 13 2005
Added on Apr 13 2005
#java-secure-socket-extension-jsse
1 comment
732 views