问题
Does anyone know why this is, or how to fix it?
I'm using an android to connect via httpclient - the Simple connector resumes the connection just fine, but Jetty performs a new handshake each time ! The code is the same, it's just what connecter I've got on the build path. Continually redoing the handshake uses up a ridiculous amount of data and battery - the problem is that I require client authentication, which as I've discovered doesn't work properly with the Simple connecter. Is there something I'm missing here? I'm using the standard connection set up as below.
component = new Component();
component.getClients().add(Protocol.FILE);
Server httpsServer = component.getServers().add(Protocol.HTTPS, 444);
Series<Parameter> parameters = httpsServer.getContext().getParameters();
File pwd = new File(".");
String path = pwd.getCanonicalPath();
String keystorePath = path + "/keystore/keypair.jks";
parameters.add("SSLContextFactory", "org.restlet.ext.ssl.PkixSslContextFactory");
parameters.add("keystorePath", keystorePath);
parameters.add("keystorePassword", "xxx");
parameters.add("keyPassword", "xxx");
parameters.add("keystoreType", "JKS");
parameters.add("threadMaxIdleTimeMs", "60000"); //default idle time
parameters.add("needClientAuthentication", "true");
// Guard the restlet with BASIC authentication (encrypted under SSL).
ChallengeAuthenticator guard = new ChallengeAuthenticator(null, ChallengeScheme.HTTP_BASIC, "xxx");
//new pagerreceiver
Restlet resty = new PagerReceiverApplication();
LoginChecker loginVerifier = new LoginChecker();
guard.setVerifier(loginVerifier);
guard.setNext(resty);
component.getDefaultHost().attachDefault(guard);
overrideStatus statusService = new overrideStatus();
component.setStatusService(statusService);
component.start();
回答1:
Not sure what version of Jetty you are using or how it is configured, but looking at http://wiki.eclipse.org/Jetty/Howto/Configure_SSL there is a parameter called allowRenegotiate that defaults to false. Perhaps if you can figure out how to set it to true you'll be able to resume sessions?
回答2:
I haven't tried, but it would be worth trying to use the NIO connector, via Jetty's SslSelectChannelConnector, with Restlet parameter type=1. (The default is to use the SslSocketConnector, with type=2.)
来源:https://stackoverflow.com/questions/6489667/restlet-2-0-8-with-the-jetty-connecter-doesnt-resume-ssl-sessions-while-the-si