axis-java-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Pravir Ramtekkar <pra...@nms.fnc.fujitsu.com>
Subject TeustManager and AXIS client.
Date Thu, 12 Aug 2004 06:36:44 GMT
hi,
I had posted a message on this list about making AXIS client call to 
webservice running HTTPS.
Everybody seems to be importing the certificates into a keystore and 
passing them as a system prop. Problem I have is that I dont want to 
import any certificates for the obvious reasons that they will expire 
someday. rather I overwrite X509TrustManager and set it on the 
HttpsURLConnection as follows :
         X509TrustManager xtm = new MyTrustManager();
         TrustManager mytm[] = {xtm};
         SSLContext ctx = SSLContext.getInstance("SSL");
         ctx.init(null,mytm, null );
         SSLSocketFactory sf = ctx.getSocketFactory();
         HttpsURLConnection.setDefaultSSLSocketFactory(sf);

This works great if I try to connect to Https URL and gives me the 
correct content. but when  I use Locator/Stub my X509TrustMamager is not 
called. How do I tell underlying AXIS  to use my trustmanager?
I see that AXIS has 
org.apache.axis.components.net.SunFakeTrustSocketFactory.FakeX509TrustManager() 
SunFakeTrustSocketFactory nad  but using  this in the above doesn't work 
due to incompatibility of types.
Now the question is do I have to write my TrustManagerFactory and 
SecurityProvider and plug it in or is there any simple way to let AXIS 
know of my Trustmanager I want to  use.

appreciate any help.
thanx,
Pravir


Mime
View raw message