[jax-rs-spec users] [jsr339-experts] SSL and Authentication affect on client API

From: Bill Burke <>
Date: Thu, 06 Dec 2012 17:45:34 -0500

Here's some thoughts on SSL. Was thinking we'd change/refactor/augment
the CLientFactory class, so it might look like this:

Client client = ClientFactory.factory()
                              .serverTruststore(KeyStore truststore)

Client client = ClientFactory.factory()
                              .serverTruststore(KeyStore truststore)
                              .clientKeyStore(KeyStore keystore)

You might want to have additional methods like

or options for other ways to set up SSL connections.

For non-cert authentication, I was thinking we could do it at the
WebTarget level:

WebTarget target ="https://")
                          .authentication().basic("username", "password");

interface Authentication {
    WebTarget basic(String username, String password);
    WebTarget digest(String username, String password);

interface WebTarget {
    Authentication authentication();

Is that too limiting?

Bill Burke
JBoss, a division of Red Hat