import javax.servlet.*; import javax.servlet.http.*; import java.io.*; import java.net.*; import javax.net.ssl.*; /** * SSLClientServlet demonstrates how to connect to a secure * server via SSL using the Java Secure Socket Extension API. */ public class SSLClientServlet extends HttpServlet { /** * Present the user with an HTML form that allows them to * choose a secured resource to access and the method by which * to access this resource (via Socket or URL object). */ public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { response.setContentType("text/html"); PrintWriter out = response.getWriter(); out.println(""); out.println(""); out.println("SSL Client Servlet"); out.println(""); out.println(""); out.println("

SSL Client Servlet

"); out.println("
"); out.println("Secure URL To Retrieve: "); out.println("

"); out.println("Connect Using the Following Java Object:
"); out.println(" Socket
"); out.println(" URL

"); out.println(""); out.println("
"); out.println(""); out.close(); } /** * Requests the cotents of a secure Web site and returns the * information non-secure back to the client. */ public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { response.setContentType("text/html"); PrintWriter out = response.getWriter(); String secureURL = request.getParameter("SecureURL"); String socketURL = request.getParameter("SocketURL"); try { BufferedReader in = null; //register JSSE SSL implementation as new security provider java.security.Security.addProvider( new com.sun.net.ssl.internal.ssl.Provider()); if (socketURL.equals("Socket")) { in = getPageViaSocket(secureURL); } else { in = getPageViaURL(secureURL); } String nextLine; //read input from secure connection while ((nextLine = in.readLine()) != null) { out.println(nextLine); //return each line to client } in.close(); out.close(); } catch (Exception e) { out.println(""); out.println("Network Error"); out.println(""); out.println("

Connection Error

"); out.println(e.getMessage()); out.println(""); } } /** * Establishes a secure socket connection to a secure resource. * The /index.html file is then requested and the HTTP headers * returned from the secure server are discarded before * returning the input stream to the calling method. * * @param secureURL URL of secure resource to retrieve * @return BufferedReader Input stream to secure resource */ private BufferedReader getPageViaSocket(String secureURL) throws Exception { //open Socket to secure resource using SSLSocketFactory Socket socket = SSLSocketFactory.getDefault().createSocket( secureURL, 443); //send HTTP request for /index.html to secure server PrintWriter out = new PrintWriter(new BufferedWriter( new OutputStreamWriter(socket.getOutputStream()))); out.println("GET http://" + secureURL + "/index.html HTTP/1.1"); out.println(); out.flush(); //get input stream to secure resource BufferedReader in = new BufferedReader(new InputStreamReader( socket.getInputStream())); //discard all HTTP headers from input stream String nextLine; while ((nextLine = in.readLine()) != null) { if (nextLine.trim().equals("")) { break; //reached blank line following HTTP headers } } return in; //return input stream to secure resource } /** * Use the URL object to create an input stream to the secure * resource. * * @param secureURL URL of secure resource to retrieve * @return BufferedReader Input stream to secure resource */ private BufferedReader getPageViaURL(String secureURL) throws Exception { //to avoid a MalformedURLException, this property must be set System.setProperty("java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol"); //create URL object representing the secure resource URL url = new URL("https://" + secureURL); //return an input stream to the secure resource return new BufferedReader(new InputStreamReader( url.openStream())); } }