W3C home > Mailing lists > Public > www-jigsaw@w3.org > November to December 2003

Re: HttpManager - problem with HTTPS protocol

From: Yves Lafon <ylafon@w3.org>
Date: Tue, 4 Nov 2003 14:03:32 +0100 (MET)
To: Ranjan Darbha <nagaranjand@vedams.com>
Cc: www-jigsaw@w3.org
Message-ID: <Pine.GSO.4.58.0311041401560.17055@gnenaghyn.vaevn.se>

On Mon, 3 Nov 2003, Ranjan Darbha wrote:

> Hi Yves,
>
> I found a problem with a piece of code in
> org.w3c.www.protocol.http.HttpManager.java file. Please confirm whether it
> really is a problem ? And if it is, whether the code given by me would
> nullify it ?

HttpManager is related only to HTTP, and is not handling HTTPS. To do so,
a HttpsManager would be required, so the check is valid as the HttpManager
should not be used to handle HTTPS requests.
Maybe I should add something to fail when the https scheme is detected.
Thanks,

>
> I think, here the cases with URLs with protocol's default port are not
> handled, where URL.getPort() returns -1. (HTTP - 80 and HTTPS - 443)
>
> #1 - code having problem:
> Class: org.w3c.www.protocol.http.HttpManager.java
> Method: runRequest(Request request)
>
>       if ( proxy != null )
>          srv = lookupServer(proxy.getHost(), proxy.getPort());
>       else
>          srv = lookupServer(target.getHost(), target.getPort());
>
> #1 - code suggested:
>
>       if ( proxy != null ) {
>          srv = lookupServer(proxy.getHost(), proxy.getPort());
>       }
>       else {
>          if(target.getProtocol().equals("https") && target.getPort() == -1)
>               srv = lookupServer(target.getHost(), 443);
>          else if(target.getProtocol().equals("http") && target.getPort()
> == -1)
>               srv = lookupServer(target.getHost(), 80);
>          else
>               srv = lookupServer(target.getHost(), target.getPort());
>       }
>
>
> Though I see a similar problem even in getServerKey(Request request) method,
> not sure that it is a problem.
>
> thanks,
> Ranjan.
>
>
> ----- Original Message -----
> From: "Yves Lafon" <ylafon@w3.org>
> To: "Ranjan Darbha" <nagaranjand@vedams.com>
> Cc: <www-jigsaw@w3.org>
> Sent: Thursday, October 30, 2003 2:04 PM
> Subject: Re: COPY and MOVE methods not working in SSL mode
>
>
>
> On Thu, 30 Oct 2003, Ranjan Darbha wrote:
>
> > Thank you Yves,
> >
> > It's working.
> >
> > It will be helpful if you can tell me the classes that have been changed
> to
> > make this work.
>
> Only org.w3c.jigsaw.webdav.DAVFrame, you can get the diff from [1]
>
> [1]
> http://dev.w3.org/cvsweb/java/classes/org/w3c/jigsaw/webdav/DAVFrame.java.di
> ff?r1=1.34&r2=1.35&f=h
>
>
> >
> > Thank you,
> > Ranjan.
> >
> >
> > ----- Original Message -----
> > From: "Yves Lafon" <ylafon@w3.org>
> > To: "Ranjan Darbha" <nagaranjand@vedams.com>
> > Cc: <www-jigsaw@w3.org>
> > Sent: Thursday, October 30, 2003 6:27 AM
> > Subject: Re: COPY and MOVE methods not working in SSL mode
> >
> >
> > I did some more coding, can you get the jar located at [1] and tell me if
> > it works in you case?
> > Thanks,
> >
> > [1] http://jigsaw.w3.org/Devel/classes-2.2/20031030/
> >
> > > > > Hi all,
> > > > >
> > > > > Jigsaw-WebDAV is working well in HTTP mode. But, I am facing
> problems
> > in
> > > > > COPY and MOVE methods, while working in HTTPS mode. I configured the
> > > > > Jigsaw server to run WebDAV. It is working well with PROPFIND, PUT
> and
> > > > > other methods. But, it is giving a problem when COPY and MOVE
> methods
> > > > > are called. It's giving "500 Internal Server Error".
> > > > >
> > > > > I observed that when the request processing is done by directly
> > getting
> > > > > the information from the client then it is working, but when the
> > request
> > > > > processing is done by getting the information from within the server
> > > > > then it is not working. For COPY and MOVE methods, the processing is
> > > > > done at the server itself unlike the PUT method where the source
> > > > > resource is uploaded from a client.
> > > >
> > > > The main issue there is that copy and move are using plain HTTP to
> > access
> > > > files instead of HTTPS. I'll look into that, at least for the case
> where
> > > > both collections are on the same server.
> > > > If someone have made a SSL enabled HTTP stack based on Jigsaw's and
> > would
> > > > contribute it, it would be real nice :)
> > > > Thanks,
> > > >
> > > > --
> > > > Yves Lafon - W3C
> > > > "Baroula que barouleras, au tiéu toujou t'entourneras."
> > > >
> > >
> > >
> >
> > --
> > Yves Lafon - W3C
> > "Baroula que barouleras, au tiéu toujou t'entourneras."
> >
>
> --
> Yves Lafon - W3C
> "Baroula que barouleras, au tiéu toujou t'entourneras."
>

-- 
Yves Lafon - W3C
"Baroula que barouleras, au tiéu toujou t'entourneras."
Received on Tuesday, 4 November 2003 08:03:43 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Monday, 9 April 2012 12:13:36 GMT