Using Secure Socket Layer with Java

The Secure Socket Layer puts the "S" in HTTPS. To communicate with the UPS Online Tools Server you must combine the technology of HTTP with the technology of SSL. SSL is a security protocol that provides communications privacy over the Internet. The protocol allows client/server applications to communicate in a way that is designed to prevent eavesdropping, tampering, or message forgery. This protocol was originally developed by Netscape Communications and has now become an industry standard.

A protocol is a set of rules or procedures. SSL technology takes a message and runs it through a set of steps that �scrambles� the message. This is done so that the message cannot be read while it is being transferred. This �scrambling� is called Encryption. When the message is received by the intended recipient, SSL unscrambles the message, checks that it came from the correct sender (Server Authentication) and then verifies that it has not been tampered with (Message Integrity).

SSL makes use of Digital Certificates to authenticate one or both parties of an Internet transaction. A digital certificate is a means of binding the details about an individual or organization to a public key and serves two purposes:

It provides a cryptographic key that allows another party to encrypt information for the certificate's owner.
It provides a measure of proof that the holder of the certificate is who they claim to be; otherwise, they will not be able to decrypt any information that was encrypted using the key in the certificate.

For more information on SSL, view the SSL 3.0 specifications at http://home.netscape.com/eng/ssl3/.

Two vendor-specific implementations will be detailed below.

A Sun Microsystem�s J2SE Implementation

The Java package developed by Sun Microsystems to implement SSL is Java^TM Secure Socket Extension (JSSE). The JSSE framework is capable of supporting many different secure communication protocols such as SSL 2.0 and 3.0 and TLS 1.0. However, the JSSE SSL 3.0 and TLS 1.0 are implemented in the J2SE 1.4x and later.

To learn more about JSSE, go to http://java.sun.com/products/jsse/ .

Sun's J2SE implementation of SSL is found in the HttpsURLConnection class in the com.sun.net.ssl package, which extends the java.net.URLConnection class. The HttpsURLConnection class can be used to establish secure channels through SSL/TLS sockets before requesting or receiving data. An HttpsURLConnection object is returned by the URL object's openConnection() method when "HTTPS" is specified as the protocol.



Code Example

The following code example shows how to implement HTTPS protocol with HttpsURLConnection via the URLConnection in your JSSE application. After calling the openConnection() method, the returned object is checked to be a HttpsURLConnection:

import java.io.;

import java.net.;

import javax.net.ssl.*;

public someClass class {


   public static void main(String[] args) throws Exception {
      System.setProperty("java.protocol.handler.pkgs",
                                  "com.sun.net.ssl.internal.www.protocol");

      // Create HTTPS URL
      URL secureurl = new URL("https://www.yourdomain.com");

      // Open secure URL connection
      URLConnection urlConn = secureurl.openConnection();

      // if secure connection
      if(urlConn instanceof com.sun.net.ssl.HttpsURLConnection){
                    �Setup your HTTP POST parameters here�       }

      �Manage your input and output here�   }

}



You can then access the HTTPS URLs using the APIs provided by the URLConnection class. You don't need to worry about the format of the http GET and POST commands, which you would if you used the SSL Socket APIs.



If you access Internet behind firewall, the connection�s Proxy Host and Port properties must to be set:

//Set the https proxy

System.setProperty("https.proxyHost", "somewhere.yourdomain.com");

System.setPropery("https.proxyPort", "8080");

//The next connection will be through proxy.

The source code for the someClass is here.

Another Sun Microsystem's Implementation

The Java package developed by Sun Microsystems to implement SSL is JavaTM Secure Socket Extension (JSSE). The JSSE API is implemented on the JavaTM 2 Platform, Standard Edition.

To learn more about JSSE, go to http://java.sun.com/products/jsse/ .

Code Examples

The following code examples illustrate how to use JSSE to implement SSL:

// Add the HTTPS protocol handler to system properties

java.security.Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());

System.getProperty.put("java.protocol.handler.pkgs",

"com.sun.net.ssl.internal.www.protocol");

If you access Internet behind firewall, the connection�s Proxy Authorization property has to be set:

System.getProperties().put("https.proxyHost", proxy);

System.getProperties().put("https.proxyPort", port);

// Setup proxy authentication

java.net.Authenticator.setDefault (new PasswordAuthenticator());

Class PasswordAuthenticator is defined as the following:

import java.net.Authenticator;

import java.net.PasswordAuthentication;

class PasswordAuthenticator extends Authenticator {

protected PasswordAuthentication getPasswordAuthentication() {

System.out.println("getPasswordAuthentication() called for https connection!!!");

return new PasswordAuthentication(strUser, "password".toCharArray());

}

JDK version 1.2.1 or greater is required for the class java.net.Authenticator.

Return to Top