Subject: Re: Jython and SSL
Date: Tuesday 6th February 2007 14:44:46 UTC (over 10 years ago)
Hi Philipp, The Python SSL libraries use a C implementation that would be non- trivial to port to Jython. Furthermore, it is a longstanding bug that the Python SSL implementation performs no certificate validation. That's like using an armored truck to deposit your paycheck to the bank, but never actually verifying that the guy you hand the check to is really the right guy. Java, however, gets it right. Can you use the Java libraries instead? Here's what I do (in Jython 2.1): Cheers! James from com.sun.net.ssl.HttpsURLConnection import * #... System.setProperty("java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol") loginURL = URL(service.getLoginURL()) conn = loginURL.openConnection() self.status('Talking to %s...' % (loginURL)) referer = service.getReferer() if referer is not None: conn.setRequestProperty('Referer', referer) # We need both output and input conn.setDoInput(True) conn.setDoOutput(True) conn.setUseCaches(False) # Get the password password = service.getPassword() if password is None: password = self.getPassword('%s password' % (service.name)) elif password == '__useKeychain__': password = self.getPasswordFromKeychain(service.name, service.username) out = PrintWriter(conn.getOutputStream()) out.print('username=%s&password=%s' % ( URLEncoder.encode(service.username), URLEncoder.encode(password))) for opt in service.options: out.print('&%s' % (opt)) # out.print('&foo=bar') # workaround for mower bug out.flush() out.close() On Feb 6, 2007, at 09:28 , Philipp Walther wrote: > Hi all, > > I'm quite new to Jython, so please bear with me if this has been > discussed already somewhere.. > > I'm trying to do a HTTPS Post with Client Authentication on a Windows > Server, but I have > no SSL available it seems.. > > My code: > import httplib > conn = httplib.HTTPSConnection(HOSTNAME,key_file = > KEYFILE,cert_file > = CERTFILE) > conn.putrequest('POST', '/invoke/ATR.B2B.Inbound.IDOC/ORDERS') > conn.putrequest('Content-Type', 'application/x-www-form- > urlencoded') > conn.endheaders() > conn.send(partbodygoesinhere) > response = conn.getresponse() > print response.read() > > > But when executed I get: > Traceback (innermost last): > File "