camel-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Gary Tully" <gary.tu...@gmail.com>
Subject Re: Password error for https endpoint connection
Date Thu, 27 Mar 2008 13:30:28 GMT
Thanks for the quick application.

I did the same thing with HttpRouteTest and got it to work a bit. see
attachment. (cced u directly as list will probably drop attachment.)

I did not see the hang, but that may be the prompt to console asking
for a password in your case.

It seems as if there is no https component, but jetty:https does work.

The crux of a unit test is using default jdk jsse certs or generating
them on the fly. Also the jetty component uses commons http client
which has its own take on configuration.

A round trip requires both HttpClient and Jetty config and for the
pure http: invoke, raw jdk jsse config. (it may be possible to have
them all use default jsse stuff for the test, don't know for sure.)
The attached test case should help a bit though. If there is a jira I
can attach it.



On 27/03/2008, James Strachan <james.strachan@gmail.com> wrote:
> Awesome patch, thanks Gary! :)
>
>  I've applied your patch to trunk. I made a minor change to use a
>  property on the JettyHttpComponent for the sslPassword and
>  sslKeyPassword so folks can customize then in Java / Spring if they
>  want; but have defaulted them to "".
>
>  I tried copying the HttpRouteTest to be HttpsRouteTest and changing
>  http:// to https:// and the test just hangs though - I guess something
>  else needs to be done to enable Jetty to support https? (Just
>  wondering how to get a test case for https working).
>
>
>
>  On 27/03/2008, Gary Tully <gary.tully@gmail.com> wrote:
>  > I think you should open a jira[1] for the password null issue. I think
>  >  it is a bug.
>  >
>  >
>  >  2008-03-18 20:05:42.998::WARN:  EXCEPTION
>  >  >  >  java.security.UnrecoverableKeyException: Password must not be null
>  >
>  >
>  > to create a jetty https endpoint that uses a password to access its
>  >  keystore I needed to modify the JettyHttpComponent as follows:
>  >
>  >  Index: src/main/java/org/apache/camel/component/jetty/JettyHttpComponent.java
>  >  ===================================================================
>  >  --- src/main/java/org/apache/camel/component/jetty/JettyHttpComponent.java
>  >      (revision 641579)
>  >  +++ src/main/java/org/apache/camel/component/jetty/JettyHttpComponent.java
>  >      (working copy)
>  >  @@ -89,7 +89,10 @@
>  >              if (connectorRef == null) {
>  >                  Connector connector;
>  >                  if ("https".equals(endpoint.getProtocol())) {
>  >  -                    connector = new SslSocketConnector();
>  >  +                    SslSocketConnector sslConnector = new SslSocketConnector();
>  >  +                    sslConnector.setPassword("");
>  >  +                    sslConnector.setKeyPassword("");
>  >  +                    connector = sslConnector;
>  >                  } else {
>  >                      connector = new SelectChannelConnector();
>  >                  }
>  >
>  >
>  >  This allowed the SslSocketConnector to make use of the jetty system
>  >  properties for passwords: -Djetty.ssl.password=... and
>  >  -Djetty.ssl.keypassword=...
>  >  In the absence of the system properties, there is a prompt to StdIn.
>  >
>  >
>  >  I was able to use a browser to access the following route:
>  >
>  >                  Processor proc = new Processor() {
>  >                     public void process(Exchange exchange) throws Exception {
>  >                         exchange.getOut(true).setBody("<b>Hello World</b>");
>  >                     }
>  >                 };
>  >                 from("jetty:https://localhost:8080/hello").process(proc);
>  >
>  >
>  >  [1] http://issues.apache.org/activemq/browse/CAMEL
>  >
>  >
>  >  On 26/03/2008, Micky Santomax <mickysantomax@tiscali.it> wrote:
>  >  >
>  >  >  Thanks for reply
>  >  >
>  >  >  I've follow all step of jetty ssl configuration but the problem isn't
>  >  >  changed
>  >  >  After various test I've see that the problem is in routing because if in
>  >  >  RouteBuilder class I set this :
>  >  >
>  >  >  JettyHttpEndpoint jettyEndpoint =
>  >  >  context.getEndpoint("jetty:https://localhost:8196/SSLTest/",
>  >  >  JettyHttpEndpoint.class);
>  >  >
>  >  >  this.from(jettyEndpoint);
>  >  >
>  >  >  The endpoint was created and when I access to it with browser I receive
a
>  >  >  request of accept the certificate. If I accept it I receive the following
>  >  >  error :
>  >  >
>  >  >  2008-03-26 18:56:14.933::WARN:  handle failed
>  >  >  java.lang.NullPointerException
>  >  >         at
>  >  >  org.mortbay.thread.BoundedThreadPool.isLowOnThreads(BoundedThreadPool.java:216)
>  >  >         at
>  >  >  org.mortbay.jetty.bio.SocketConnector$Connection.run(SocketConnector.java:218)
>  >  >         at
>  >  >  org.mortbay.jetty.security.SslSocketConnector$SslConnection.run(SslSocketConnector.java:620)
>  >  >         at
>  >  >  org.mortbay.thread.BoundedThreadPool$PoolThread.run(BoundedThreadPool.java:450)
>  >  >
>  >  >  Else if I set this :
>  >  >
>  >  >  JettyHttpEndpoint jettyEndpoint =
>  >  >  context.getEndpoint("jetty:https://localhost:8196/SSLTest/",
>  >  >  JettyHttpEndpoint.class);
>  >  >
>  >  >  this.from(jettyEndpoint).process(new
>  >  >  MyProcessor()).to("jetty:http://localhost:8195/SSLTest2/");
>  >  >
>  >  >  or
>  >  >
>  >  >  this.from(jettyEndpoint).to("jetty:http://localhost:8195/SSLTest2/");
>  >  >
>  >  >  I receive the previous error :
>  >  >
>  >  >
>  >  >  2008-03-18 20:05:42.998::WARN:  EXCEPTION
>  >  >  >  java.security.UnrecoverableKeyException: Password must not be null
>  >  >
>  >  > --
>  >  >  View this message in context: http://www.nabble.com/Password-error-for-https-endpoint-connection-tp16128569s22882p16309438.html
>  >  >
>  >  > Sent from the Camel - Users mailing list archive at Nabble.com.
>  >  >
>  >  >
>  >
>
>
>
> --
>  James
>  -------
>  http://macstrac.blogspot.com/
>
>  Open Source Integration
>  http://open.iona.com
>

Mime
  • Unnamed multipart/mixed (inline, None, 0 bytes)
View raw message