mina-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Emmanuel L├ęcharny <elecha...@gmail.com>
Subject Adding a secured() event in the IoHandler
Date Thu, 05 Apr 2018 08:04:22 GMT
Hi guys,

as a follow up of a discussion we have had with Jonathan, I would like
to suggest we add the 'secured()' event in the IoHandler. Th idea is to
make it simpler for MINA users to be informed when teh TLS handshake has
been completed.

Currently, one need to add the USE_NOTIFICATION attribute in the session
before adding the SslFilter in the chain, in order to receive a
SESSION_SECURED message. This is kind of convoluted solution, which
requires to check for every received message if it's a SESSION_SECURED
message in the messageReceived() method.

Having a secured() event would eliminate this attribute, and this
message, making app implementers life easier.

Typically, in the Apache LDAP API, we implement the startTLS extended
operation, which allows the caller to setup a secured communication over
an existing connection. That forces us to write such code :

ldapSession.setAttribute( SslFilter.USE_NOTIFICATION, Boolean.TRUE );
ldapSession.setAttribute( "HANDSHAKE_FUTURE", handshakeFuture );
ldapSession.getFilterChain().addFirst( SSL_FILTER_KEY, sslFilter );

(the future is used to be informed when the TLS handshake has been

and in order to process the SESSION_SECURED message, we have to do :

public void messageReceived( IoSession session, Object message ) throws
    // Feed the response and store it into the session
    if ( message instanceof SslFilter.SslFilterMessage )
        // This is a SSL message telling if the session has been
secured or not
        HandshakeFuture handshakeFuture = ( HandshakeFuture )
ldapSession.getAttribute( "HANDSHAKE_FUTURE" );

        if ( message == SslFilter.SESSION_SECURED )
            // SECURED
            // UNSECURED

        ldapSession.removeAttribute( "HANDSHAKE_FUTURE" );


which is kind of complicated...

wdyt ?

Emmanuel Lecharny


View raw message