camel-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Daniel Kulp <dk...@apache.org>
Subject Re: Setting CXF TLSClientParameters programmatically
Date Wed, 04 Jan 2012 20:07:12 GMT
On Wednesday, January 04, 2012 8:39:54 PM Alexandre Gattiker wrote:
> As of Camel 2.9.0 I can write:
> 
> Map<String, Object> cxfProperties = new HashMap<String, Object>();
> cxfProperties.put(AuthorizationPolicy.class.getName(), policy);
> cxfEndpoint.setProperties(cxfProperties);
> 
> Is there a similar way to set the TLSClientParameters? I would like to
> set them e.g. from the usual system properties
> javax.net.ssl.keyStoreType, etc. which are not honored by the default
> HTTP Conduit (why?).

Argh....   bug in CXF.     Just looked at the code.   We are grabbing the 
system property for javax.net.ssl.keyStore and javax.net.ssl.keyStorePassword, 
but not for keyStoreType.  :-(

Will fix.

Dan




> 
> In CXF I can write the following, but I couldn't find a Camel equivalent:
> JaxWsClientFactoryBean factory = new JaxWsClientFactoryBean();
> ...
> proxy = factory.create();
> HTTPConduit conduit = (HTTPConduit) proxy.getConduit();
> TLSClientParameters tcp = new TLSClientParameters();
> tcp.setUseHttpsURLConnectionDefaultHostnameVerifier(true);
> tcp.setUseHttpsURLConnectionDefaultSslSocketFactory(true);
> conduit.setTlsClientParameters(tcp);
> 
> 
> I found a workaround as follows, but it is quite complicated. Also,
> the CXF conduit wildcard (name="*.http-conduit") doesn't work.
> 
> context = new SpringCamelContext(new
> ClassPathXmlApplicationContext("/camel-ssl.xml"));
> context.addRoutes(...)
> 
> camel-ssl.xml:
> <?xml version="1.0" encoding="UTF-8"?>
> <beans xmlns="http://www.springframework.org/schema/beans"
> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
> xmlns:http="http://cxf.apache.org/transports/http/configuration"
>         xmlns:sec="http://cxf.apache.org/configuration/security"
> xmlns:jaxws="http://java.sun.com/xml/ns/jaxws"
>         xsi:schemaLocation="
>        http://www.springframework.org/schema/beans
> http://www.springframework.org/schema/beans/spring-beans-2.5.xsd
>       http://cxf.apache.org/transports/http/configuration
> http://cxf.apache.org/schemas/configuration/http-conf.xsd
>        http://cxf.apache.org/configuration/security
> http://cxf.apache.org/schemas/configuration/security.xsd
> ">
> 
>         <bean
> class="org.springframework.beans.factory.config.PropertyPlaceholderConfigur
> er"> <property name="properties">
>                         <props>
>                                 <prop
> key="javax.net.ssl.trustStoreType">JKS</prop>
>                                 <prop
> key="javax.net.ssl.keyStoreType">JKS</prop>
>                                 <prop
> key="javax.net.ssl.keyStorePassword">changeit</prop>
>                         </props>
>                 </property>
>                 <property name="systemPropertiesModeName">
>                         <value>SYSTEM_PROPERTIES_MODE_OVERRIDE</value>
>                 </property>
>         </bean>
> 
>         <http:conduit id="myHttpConduit" name="{myNs}myPort.http-conduit">
>                 <http:tlsClientParameters>
>                         <sec:keyManagers
> keyPassword="${javax.net.ssl.keyStorePassword}">
>                                 <sec:keyStore
> type="${javax.net.ssl.keyStoreType}"
> password="${javax.net.ssl.keyStorePassword}"
> file="${javax.net.ssl.keyStore}" />
>                         </sec:keyManagers>
>                         <sec:trustManagers>
>                                 <sec:keyStore
> type="${javax.net.ssl.trustStoreType}"
> file="${javax.net.ssl.trustStore}" />
>                         </sec:trustManagers>
>                 </http:tlsClientParameters>
>         </http:conduit>
> </beans>
> 
> Thanks in advance for your advice.
-- 
Daniel Kulp
dkulp@apache.org - http://dankulp.com/blog
Talend Community Coder - http://coders.talend.com

Mime
View raw message