1

I have a little problem with SSL Validation in my application. As I find over internet in FourSquare's documentation they suggest validation like this : SSL Calidation, but the problem is that I'm using an HttpsURLConnection and I want to use that class instead of DefaultHttpClient . So when I replace client in getTolerantClient with HttpsURLConnection and try to do this it's showing me some errors : 

    public HttpsURLConnection getTolerantClient() {
    HttpsURLConnection client = new HttpsURLConnection();
    SSLSocketFactory sslSocketFactory = (SSLSocketFactory) client.getConnectionManager().getSchemeRegistry().getScheme("https").getSocketFactory();
    final X509HostnameVerifier delegate = sslSocketFactory.getHostnameVerifier();
    if(!(delegate instanceof MyVerifier)) {
        sslSocketFactory.setHostnameVerifier(new MyVerifier(delegate));
    }
    return client;
}

like : 

The method getConnectionManager() is undefined for the type HttpsURLConnection

&

The method getHostnameVerifier() is undefined for the type SSLSocketFactory

So any idea how can I use this in my situation? Thanks in advance!

Community
  • 1
  • 1
Android-Droid
  • 14,365
  • 41
  • 114
  • 185

1 Answers1

1

This code sample should help you to adapt the getTolerantClient method:

public URLConnection getTolerantClient(URL url) throws IOException {
    URLConnection conn = url.openConnection();
    if (!(conn instanceof HttpsURLConnection)) {
        /* not an https:// URL, nothing to do */
        return conn;
    }
    HttpsURLConnection httpsconn = (HttpsURLConnection)conn;
    final HostnameVerifier delegate = httpsconn.getHostnameVerifier();
    if(!(delegate instanceof MyVerifier)) {
        httpsconn.setHostnameVerifier(new MyVerifier(delegate));
    }
    return conn;
}

Of course, MyVerifier should implement the javax.net.ssl.HostnameVerifier interface.

Jcs
  • 13,279
  • 5
  • 53
  • 70