Hi Nick,
>
> I've read the SSLEchoServer example, but this only works during the
> initialisation phase and I can't see how to set up the socket in an
> adhoc manner.
>
> java.security.Security.addProvider(new
> com.sun.net.ssl.internal.ssl.Provider());
> SSLSocketFactory factory = protocol.getSslSocketFactory();
> Socket oldSocket = getSocket();
> final SSLSocket newSocket = (SSLSocket)
> factory.createSocket(
> oldSocket,
> oldSocket.getLocalAddress().getHostName(),
> oldSocket.getLocalPort(), true);
>
> newSocket.setNeedClientAuth(protocol.isRequireClientCert());
> newSocket.setUseClientMode(false);
> response.setSocketOverride(newSocket);
In Grizzly we don't use SSLSocket, cause it works only in blocking mode.
The way, how SSL works in NIO - is to associate SSLEngine with non
blocking channel, so SSLEngine holds the SSL state of related channel
[1].
You're right SSLEcho example initializes SSL just at startup time,
using SSLContextConfigurator, SSLEngineConfigurator. At runtime you
can deal directly with Channel's associated SSLEngine.
SSLEngine sslEngine =
SSLResourcesAccessor.getInstance().getEngine(connection);
Let us know, if you have additional questions.
WBR,
Alexey.
[1]
http://www.onjava.com/pub/a/onjava/2004/11/03/ssl-nio.html
>
>
> Thanks
>
> Nick
>
> Get the New Internet Explore 8 Optimised for MSN. Download Now