Friday, March 07, 2008

Http and Https

For the following application requirements::
1.
SSL support
2. Reuse the SSLSession / HttpState while reconnecting to web server (Apache)
3. Restablishing Http(s) connection multiple times to web server
4. HttpClient should have same behaviour like a Browser (IE)
5. Asynchronous communication where Http client opens connection and should recieve data from server whenever server has some data for http client.
6. Other requirements are Performance, etc..

Http Client and javax.net.
ssl are in no way comparable at all.SSL is a technique to secure connections on the transport layer. HTTP is a protocol for client/server communication, which runs on top of a transport layer. By combining HTTP and SSL, you get HTTPS. For example, you can use the HttpClient to communciate over an SSL connection from javax.net.ssl.

The HttpURLConnection in the standard JDKs is flawed because it does not provide flexibility with respect to timeout handling, multithreading, connection
pooling,
streaming, HTTP protocol versions and server specific dialects, authentication, error handling, retry handling that you would expect in such a thing. The HttpsURLConnection from javax.net.
ssl is the same as the HttpURLConnection, except that it uses SSL instead of plain sockets for the transport layer.

HttpClient uses a generic interface to create
SSL connections when needed for HTTPS connections. It is up to you to implement this interface, and you can support SSL session reuse if you want to. You can also implement your own HTTP connection pool, which can be aware of your SSL connection pool to optimize reuse.