https problem, should I go back to 1.3?

  • Thread starter G. Garrett Campbell
  • Start date
G

G. Garrett Campbell

I am having trouble posting data via https:

I am attempting to log into remote sites with a user/password.
I can get the login page vis https: with jre 1.5 or 1.6. In deed it looks
like the jre is doing the
handshakes and decryption.

But when I construct the post, it fails.

1. I did check the cookies and set those to the values returned on the log
in page
(Do these get encrypted?)
2. I wrote a servlet to display the cookies and post data. They look
correct.
(I downloaded the login in page, changed the https reference to
http://localhost:8080/ etc.
This actually test any javaScript on the page.)

I have read various comments on the web from 2001, 2002, 2003 saying that
java version
1.3 uses the browser to manage the https process.

Does any one have an idea how to disable the JSSE stuff in jre 1.5 or 1.6 so
that I can test that
old procedure?

Any ideas on comparing the browser https exchange and comparing in to the
jsse transmissions?

Could the remote site be detecting the transmission from jre and saying "I
don't like communicate
with java, I will disable the post!" Doing the transaction via the browser
is OK.

How is the posted data encrypted? Do I actually need a local certificate?
The browser does not
seem to need anything special.

___________

I is especially had to diagnose something which is encrypted!

Thanks for any suggestions
Garrett
 
E

Esmond Pitt

G. Garrett Campbell said:
But when I construct the post, it fails.
Click to expand...

Fails *how*?
I have read various comments on the web from 2001, 2002, 2003 saying that
java version
1.3 uses the browser to manage the https process.
Click to expand...

Java 1.3 had the JSSE package for SSL, and it was folded into 1.4. What
they may have meant was that Java 1.3 running in a browser might use the
browser's SSL if JSSE wasn't present.
Does any one have an idea how to disable the JSSE stuff in jre 1.5 or 1.6 so
that I can test that
old procedure?
Click to expand...

There's no advantage in going back to that even if you could.

Any ideas on comparing the browser https exchange and comparing in to the
jsse transmissions?
Click to expand...

Why? What actual problem are you having? If the handshake succeeded,
JSSE or SSL is not the culprit here.
Could the remote site be detecting the transmission from jre and saying "I
don't like communicate
with java, I will disable the post!" Doing the transaction via the browser
is OK.
Click to expand...

It could be deciding that based on the User-agent heading in HTTP. Again
this is nothing to do with SSL.
How is the posted data encrypted?
Click to expand...

By SSL depending on the negotiated cipher suite.
> Do I actually need a local certificate?
The browser does not
seem to need anything special.
Click to expand...

If the server asks for a certificate and you don't have one the
handshake will fail. If the handshake succeeds, the certificate isn't
the problem.
I is especially had to diagnose something which is encrypted!
Click to expand...

Not really. If the handshake succeeds you can get the plaintext. If it
fails you need to trace the handshake and find out why.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Express router not routing to correct route due to problem with passport 0
Custom Minecraft launcher client error; I think regarding java 0
https acess aspx 0
Never go back to login Form 1
http to https redirect 4
http to https redirect 4
Java https client problem 6
HTTPS Post Bad Request 0

Members online

No members online now.
Total: 23 (members: 0, guests: 23)
Robots: 106

Forum statistics

Threads
473,786
Messages
2,569,625
Members
45,320
Latest member
icelord

Latest Threads

Top