cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From build...@apache.org
Subject svn commit: r874344 - in /websites/production/cxf/content: cache/docs.pageCache docs/client-http-transport-including-ssl-support.html docs/jetty-configuration.html docs/standalone-http-transport.html docs/tls-configuration.html
Date Mon, 12 Aug 2013 15:48:16 GMT
Author: buildbot
Date: Mon Aug 12 15:48:16 2013
New Revision: 874344

Log:
Production update by buildbot for cxf

Added:
    websites/production/cxf/content/docs/tls-configuration.html
Modified:
    websites/production/cxf/content/cache/docs.pageCache
    websites/production/cxf/content/docs/client-http-transport-including-ssl-support.html
    websites/production/cxf/content/docs/jetty-configuration.html
    websites/production/cxf/content/docs/standalone-http-transport.html

Modified: websites/production/cxf/content/cache/docs.pageCache
==============================================================================
Binary files - no diff available.

Modified: websites/production/cxf/content/docs/client-http-transport-including-ssl-support.html
==============================================================================
--- websites/production/cxf/content/docs/client-http-transport-including-ssl-support.html
(original)
+++ websites/production/cxf/content/docs/client-http-transport-including-ssl-support.html
Mon Aug 12 15:48:16 2013
@@ -473,32 +473,7 @@ Language tags are regulated by the Inter
 
 <h3><a shape="rect" name="ClientHTTPTransport%28includingSSLsupport%29-The%7B%7BtlsClientParameters%7D%7Delement"></a>The
<tt>tlsClientParameters</tt> element</h3>
 
-<p>The TLSClientParameters are listed <a shape="rect" class="external-link" href="https://svn.apache.org/repos/asf/cxf/trunk/api/src/main/java/org/apache/cxf/configuration/jsse/TLSParameterBase.java">here</a>
and <a shape="rect" class="external-link" href="https://svn.apache.org/repos/asf/cxf/trunk/api/src/main/java/org/apache/cxf/configuration/jsse/TLSClientParameters.java">here</a>.
 </p>
-
-<div class="table-wrap">
-<table class="confluenceTable"><tbody><tr><th colspan="1" rowspan="1"
class="confluenceTh"> Attribute </th><th colspan="1" rowspan="1" class="confluenceTh">
Default </th><th colspan="1" rowspan="1" class="confluenceTh"> Since </th><th
colspan="1" rowspan="1" class="confluenceTh"> Description </th></tr><tr><td
colspan="1" rowspan="1" class="confluenceTd"> <tt>certConstraints</tt> </td><td
colspan="1" rowspan="1" class="confluenceTd">&#160;</td><td colspan="1" rowspan="1"
class="confluenceTd">&#160;</td><td colspan="1" rowspan="1" class="confluenceTd">
Certificate Constraints specification. </td></tr><tr><td colspan="1"
rowspan="1" class="confluenceTd"> <tt>cipherSuites</tt> </td><td colspan="1"
rowspan="1" class="confluenceTd"> default sslContext cipher suites </td><td colspan="1"
rowspan="1" class="confluenceTd">&#160;</td><td colspan="1" rowspan="1" class="confluenceTd">
CipherSuites that will be supported. </td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"> <tt>cipherS
 uitesFilter</tt> </td><td colspan="1" rowspan="1" class="confluenceTd">&#160;</td><td
colspan="1" rowspan="1" class="confluenceTd">&#160;</td><td colspan="1" rowspan="1"
class="confluenceTd"> filters of the supported CipherSuites that will be supported and
used if available. </td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd">
<tt>disableCNcheck</tt> </td><td colspan="1" rowspan="1" class="confluenceTd">
<tt>false</tt> </td><td colspan="1" rowspan="1" class="confluenceTd">
2.0.5 </td><td colspan="1" rowspan="1" class="confluenceTd"> Indicates whether
that the hostname given in the HTTPS URL will be checked against the service's Common Name
(CN) given in its certificate during SOAP client requests, and failing if there is a mismatch.
 If set to <tt>true</tt> (<b>not recommended for production use</b>),
such checks will be bypassed.  That will allow you, for example, to use a URL such as <tt>localhost</tt>
during development. </td></tr><tr><td colspan="1" rowspan="1" class=
 "confluenceTd"> <tt>jsseProvider</tt> </td><td colspan="1" rowspan="1"
class="confluenceTd"> default JVM provider&#160;associated with protocol </td><td
colspan="1" rowspan="1" class="confluenceTd">&#160;</td><td colspan="1" rowspan="1"
class="confluenceTd"> JSSE provider name. </td></tr><tr><td colspan="1"
rowspan="1" class="confluenceTd"> <tt>keyManagers</tt> </td><td colspan="1"
rowspan="1" class="confluenceTd"> JVM default Key Managers </td><td colspan="1"
rowspan="1" class="confluenceTd">&#160;</td><td colspan="1" rowspan="1" class="confluenceTd">
Key Managers to hold X509 certificates. </td></tr><tr><td colspan="1"
rowspan="1" class="confluenceTd"> <tt>secureRandomParameters</tt> </td><td
colspan="1" rowspan="1" class="confluenceTd"> JVM default Secure Random </td><td
colspan="1" rowspan="1" class="confluenceTd">&#160;</td><td colspan="1" rowspan="1"
class="confluenceTd"> SecureRandom specification. </td></tr><tr><td
colspan="1" rowspan="1" class="confluenceTd"> <tt>secureSock
 etProtocol</tt> </td><td colspan="1" rowspan="1" class="confluenceTd">
"TLS" </td><td colspan="1" rowspan="1" class="confluenceTd">&#160;</td><td
colspan="1" rowspan="1" class="confluenceTd"> Protocol Name. Most common example are "SSL",
"TLS" or "TLSv1". </td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd">
<tt>trustManagers</tt> </td><td colspan="1" rowspan="1" class="confluenceTd">
JVM default Trust Managers </td><td colspan="1" rowspan="1" class="confluenceTd">&#160;</td><td
colspan="1" rowspan="1" class="confluenceTd"> TrustManagers to validate peer X509 certificates.
</td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"> <tt>useHttpsURLConnectionDefaultSslSocketFactory</tt>
</td><td colspan="1" rowspan="1" class="confluenceTd"> <tt>false</tt>
</td><td colspan="1" rowspan="1" class="confluenceTd"> 2.2.7 </td><td
colspan="1" rowspan="1" class="confluenceTd"> specifies if <a shape="rect" class="external-link"
href="http://java.sun.com/javase/6/docs/api/javax/ne
 t/ssl/HttpsURLConnection.html#getDefaultSSLSocketFactory()" rel="nofollow">HttpsURLConnection.getDefaultSSLSocketFactory()</a>
should be used to create https connections. If '<tt>true</tt>', '<tt>jsseProvider</tt>',
'<tt>secureSocketProtocol</tt>', '<tt>trustManagers</tt>', '<tt>keyManagers</tt>',
'<tt>secureRandom</tt>', '<tt>cipherSuites</tt>' and '<tt>cipherSuitesFilter</tt>'
configuration parameters are ignored. </td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"> <tt>useHttpsURLConnectionDefaultHostnameVerifier</tt>
</td><td colspan="1" rowspan="1" class="confluenceTd"> <tt>false</tt>
</td><td colspan="1" rowspan="1" class="confluenceTd"> 2.2.7 </td><td
colspan="1" rowspan="1" class="confluenceTd"> This attribute specifies if <a shape="rect"
class="external-link" href="http://java.sun.com/javase/6/docs/api/javax/net/ssl/HttpsURLConnection.html#getDefaultHostnameVerifier()"
rel="nofollow">HttpsURLConnection.getDefaultHostnameVerifier()</a> should be used
to create htt
 ps connections. If '<tt>true</tt>', '<tt>disableCNCheck</tt>' configuration
parameter is ignored. </td></tr></tbody></table>
-</div>
-
-
-
-<p>Note :  <tt>disableCNcheck</tt> is a parameterized boolean, you can
use a fixed variable <tt>true</tt>|<tt>false</tt> as well as a <a
shape="rect" class="external-link" href="http://static.springsource.org/spring/docs/3.0.x/spring-framework-reference/html/beans.html#beans-factory-placeholderconfigurer"
rel="nofollow">Spring externalized property</a> variable (e.g. <tt>${disable-https-hostname-verification</tt>})
or a <a shape="rect" class="external-link" href="http://static.springsource.org/spring/docs/3.0.x/spring-framework-reference/html/expressions.html#expressions-beandef"
rel="nofollow">Spring expression</a> (e.g. <tt>#{systemProperties['dev-mode']</tt>}).</p>
-
-<p>Sample : </p>
-
-<div class="code panel" style="border-width: 1px;"><div class="codeHeader panelHeader"
style="border-bottom-width: 1px;"><b>HTTP conduit configuration disabling HTTP URL
hostname verification (usage of localhost, etc)</b></div><div class="codeContent
panelContent">
-<script class="theme: Default; brush: xml; gutter: false" type="syntaxhighlighter"><![CDATA[
- ...
- &lt;http-conf:conduit 
-     name="{http://example.com/}HelloWorldServicePort.http-conduit"&gt;
-
-   &lt;!-- deactivate HTTPS url hostname verification (localhost, etc)    --&gt;
-   &lt;!-- WARNING ! disableCNcheck=true should NOT be used in production --&gt;
-   &lt;http-conf:tlsClientParameters disableCNcheck="true" /&gt;
-   ...
- &lt;/http-conf:conduit&gt;
- ...
-]]></script>
-</div></div>
+<p>Please see <a shape="rect" class="external-link" href="https://cwiki.apache.org/confluence/display/CXF20DOC/TLS+Configuration">TLS
Configuration</a> page for more information. </p>
 
 <h2><a shape="rect" name="ClientHTTPTransport%28includingSSLsupport%29-UsingWSDL"></a>Using
WSDL</h2>
 

Modified: websites/production/cxf/content/docs/jetty-configuration.html
==============================================================================
--- websites/production/cxf/content/docs/jetty-configuration.html (original)
+++ websites/production/cxf/content/docs/jetty-configuration.html Mon Aug 12 15:48:16 2013
@@ -167,7 +167,7 @@ Apache CXF -- Jetty Configuration
 
 <p>The child elements used to provide the configuration properties are described below.</p>
 <div class="table-wrap">
-<table class="confluenceTable"><tbody><tr><th colspan="1" rowspan="1"
class="confluenceTh"> Element </th><th colspan="1" rowspan="1" class="confluenceTh">
Description </th></tr><tr><td colspan="1" rowspan="1" class="confluenceTd">
httpj:tlsServerParameters </td><td colspan="1" rowspan="1" class="confluenceTd">
Specifies a set of properties for configuring the security used for the specific Jetty instance.
</td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"> httpj:tlsServerParametersRef
</td><td colspan="1" rowspan="1" class="confluenceTd"> Refers to a set of security
properties defined by a <tt>identifiedTLSServerParameters</tt> element. The <tt>id</tt>
attribute provides the id of the referred <tt>identifiedTLSServerParameters</tt>
element. </td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd">
httpj:threadingParameters </td><td colspan="1" rowspan="1" class="confluenceTd">
Specifies the size of the thread pool used by the specific Jetty instance. </td></tr><tr>
 <td colspan="1" rowspan="1" class="confluenceTd"> httpj:threadingParametersRef </td><td
colspan="1" rowspan="1" class="confluenceTd"> Refers to a set of properties defined by
a <tt>identifiedThreadingParameters</tt> element. The <tt>id</tt>
attribute provides the id of the referred <tt>identifiedThreadingParameters</tt>
element. </td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd">
httpj:connector </td><td colspan="1" rowspan="1" class="confluenceTd"> You can
use spring beans syntax to instantiate a connector and set the connector's properties , this
connector will be set to the Jetty server engine </td></tr><tr><td colspan="1"
rowspan="1" class="confluenceTd"> httpj:handlers </td><td colspan="1" rowspan="1"
class="confluenceTd"> You can use spring beans syntax to instantiate a Jetty handler list
and set these handlers' properties , the jetty handlers will be set to the Jetty server engine
</td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"> httpj:sessionSupport
  </td><td colspan="1" rowspan="1" class="confluenceTd"> If the value is true
, the Jetty Engine will set up a session manager for the Jetty server engine to maintain the
sessions. The default value of it is false.</td></tr><tr><td colspan="1"
rowspan="1" class="confluenceTd"> httpj:reuseAddress </td><td colspan="1" rowspan="1"
class="confluenceTd"> The the value is true, the Jetty Engine connector's socket will enable
the SO_REUSEADDR flage. The default value of it is true. (This feature is available in CXF
2.0.3)</td></tr></tbody></table>
+<table class="confluenceTable"><tbody><tr><th colspan="1" rowspan="1"
class="confluenceTh"> Element </th><th colspan="1" rowspan="1" class="confluenceTh">
Description </th></tr><tr><td colspan="1" rowspan="1" class="confluenceTd">
httpj:tlsServerParameters </td><td colspan="1" rowspan="1" class="confluenceTd">
Specifies a set of properties for configuring the security used for the specific Jetty instance.
See the <a shape="rect" class="external-link" href="https://cwiki.apache.org/confluence/display/CXF20DOC/TLS+Configuration">TLS
Configuration</a> page for more information.</td></tr><tr><td colspan="1"
rowspan="1" class="confluenceTd"> httpj:tlsServerParametersRef </td><td colspan="1"
rowspan="1" class="confluenceTd"> Refers to a set of security properties defined by a <tt>identifiedTLSServerParameters</tt>
element. The <tt>id</tt> attribute provides the id of the referred <tt>identifiedTLSServerParameters</tt>
element. </td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"
 > httpj:threadingParameters </td><td colspan="1" rowspan="1" class="confluenceTd">
Specifies the size of the thread pool used by the specific Jetty instance. </td></tr><tr><td
colspan="1" rowspan="1" class="confluenceTd"> httpj:threadingParametersRef </td><td
colspan="1" rowspan="1" class="confluenceTd"> Refers to a set of properties defined by
a <tt>identifiedThreadingParameters</tt> element. The <tt>id</tt>
attribute provides the id of the referred <tt>identifiedThreadingParameters</tt>
element. </td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd">
httpj:connector </td><td colspan="1" rowspan="1" class="confluenceTd"> You can
use spring beans syntax to instantiate a connector and set the connector's properties , this
connector will be set to the Jetty server engine </td></tr><tr><td colspan="1"
rowspan="1" class="confluenceTd"> httpj:handlers </td><td colspan="1" rowspan="1"
class="confluenceTd"> You can use spring beans syntax to instantiate a Jetty handler list
and set
  these handlers' properties , the jetty handlers will be set to the Jetty server engine </td></tr><tr><td
colspan="1" rowspan="1" class="confluenceTd"> httpj:sessionSupport </td><td colspan="1"
rowspan="1" class="confluenceTd"> If the value is true , the Jetty Engine will set up a
session manager for the Jetty server engine to maintain the sessions. The default value of
it is false.</td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd">
httpj:reuseAddress </td><td colspan="1" rowspan="1" class="confluenceTd"> The
the value is true, the Jetty Engine connector's socket will enable the SO_REUSEADDR flage.
The default value of it is true. (This feature is available in CXF 2.0.3)</td></tr></tbody></table>
 </div>
 
 

Modified: websites/production/cxf/content/docs/standalone-http-transport.html
==============================================================================
--- websites/production/cxf/content/docs/standalone-http-transport.html (original)
+++ websites/production/cxf/content/docs/standalone-http-transport.html Mon Aug 12 15:48:16
2013
@@ -129,7 +129,7 @@ Apache CXF -- Standalone HTTP Transport
            <div class="wiki-content">
 <div id="ConfluenceContent"><h1><a shape="rect" name="StandaloneHTTPTransport-ConfiguringSSL"></a>Configuring
SSL</h1>
 
-<p>To configure the standalone HTTP transport to use SSL, you'll need to add an &lt;http:destination&gt;
definition to your XML configuration file. See the <a shape="rect" href="configuration.html"
title="Configuration">Configuration</a> guide to learn how to supply your own XML
configuration file to CXF. If you are already using Spring, this can be added to your existing
beans definitions.</p>
+<p>To configure the standalone HTTP transport to use SSL, you'll need to add an &lt;http:destination&gt;
definition to your XML configuration file. See the <a shape="rect" href="configuration.html"
title="Configuration">Configuration</a> guide to learn how to supply your own XML
configuration file to CXF. If you are already using Spring, this can be added to your existing
beans definitions. For more information about configuring TLS, see the <a shape="rect"
class="external-link" href="https://cwiki.apache.org/confluence/display/CXF20DOC/TLS+Configuration">Configuring
TLS</a> page.</p>
 
 <p>Destinations in CXF are responsible for listening for server side requests.</p>
 <div class="code panel" style="border-width: 1px;"><div class="codeContent panelContent">

Added: websites/production/cxf/content/docs/tls-configuration.html
==============================================================================
--- websites/production/cxf/content/docs/tls-configuration.html (added)
+++ websites/production/cxf/content/docs/tls-configuration.html Mon Aug 12 15:48:16 2013
@@ -0,0 +1,202 @@
+
+<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<!--
+
+    Licensed to the Apache Software Foundation (ASF) under one or more
+    contributor license agreements.  See the NOTICE file distributed with
+    this work for additional information regarding copyright ownership.
+    The ASF licenses this file to You under the Apache License, Version 2.0
+    (the "License"); you may not use this file except in compliance with
+    the License.  You may obtain a copy of the License at
+
+       http://www.apache.org/licenses/LICENSE-2.0
+
+    Unless required by applicable law or agreed to in writing, software
+    distributed under the License is distributed on an "AS IS" BASIS,
+    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+    See the License for the specific language governing permissions and
+    limitations under the License.
+-->
+<html>
+  <head>
+    <link type="text/css" rel="stylesheet" href="http://cxf.apache.org/resources/site.css">
+    <script src="http://cxf.apache.org/resources/space.js" type="text/javascript"></script>
+    
+<meta http-equiv="Content-type" content="text/html;charset=UTF-8">
+<meta name="keywords" content="business integration, EAI, SOA, Service Oriented Architecture,
web services, SOAP, JBI, JMS, WSDL, XML, EDI, Electronic Data Interchange, standards support,
integration standards, application integration, middleware, software, solutions, services,
CXF, open source">
+<meta name="description" content="Apache CXF, Services Framework - TLS Configuration">
+
+  <link href='http://cxf.apache.org/resources/highlighter/styles/shCoreCXF.css' rel='stylesheet'
type='text/css' />
+  <link href='http://cxf.apache.org/resources/highlighter/styles/shThemeCXF.css' rel='stylesheet'
type='text/css' />
+  <script src='http://cxf.apache.org/resources/highlighter/scripts/shCore.js' type='text/javascript'></script>
+  <script src='http://cxf.apache.org/resources/highlighter/scripts/shBrushJava.js' type='text/javascript'></script>
+  <script src='http://cxf.apache.org/resources/highlighter/scripts/shBrushXml.js' type='text/javascript'></script>
+  
+  <script type="text/javascript">
+  SyntaxHighlighter.defaults['toolbar'] = false;
+  SyntaxHighlighter.all();
+  </script>
+ 
+    <title>
+Apache CXF -- TLS Configuration
+    </title>
+  </head>
+<body onload="init()">
+
+
+<table width="100%" cellpadding="0" cellspacing="0">
+  <tr>
+    <td id="cell-0-0" colspan="2">&nbsp;</td>
+    <td id="cell-0-1">&nbsp;</td>
+    <td id="cell-0-2" colspan="2">&nbsp;</td>
+  </tr>
+  <tr>
+    <td id="cell-1-0">&nbsp;</td>
+    <td id="cell-1-1">&nbsp;</td>
+    <td id="cell-1-2">
+      <!-- Banner -->
+<div class="banner" id="banner"><div><table border="0" cellpadding="0" cellspacing="0"
width="100%"><tr><td align="left" colspan="1" nowrap>
+<a shape="rect" href="http://cxf.apache.org/" title="Apache CXF"><span style="font-weight:
bold; font-size: 170%; color: white">Apache CXF</span></a>
+</td><td align="right" colspan="1" nowrap>
+<a shape="rect" href="http://www.apache.org/" title="The Apache Sofware Foundation"><img
border="0" alt="ASF Logo" src="http://cxf.apache.org/images/asf-logo.png"></a>
+</td></tr></table></div></div>
+      <!-- Banner -->
+      <div id="top-menu">
+        <table border="0" cellpadding="1" cellspacing="0" width="100%">
+          <tr>
+            <td>
+              <div align="left">
+                <!-- Breadcrumbs -->
+<a href="index.html">Index</a>&nbsp;&gt;&nbsp;<a href="transports.html">Transports</a>&nbsp;&gt;&nbsp;<a
href="http-transport.html">HTTP Transport</a>&nbsp;&gt;&nbsp;<a href="asynchronous-client-http-transport.html">Asynchronous
Client HTTP Transport</a>&nbsp;&gt;&nbsp;<a href="tls-configuration.html">TLS
Configuration</a>
+                <!-- Breadcrumbs -->
+              </div>
+            </td>
+            <td>
+              <div align="right">
+                <!-- Quicklinks -->
+<div id="quicklinks"><p><a shape="rect" href="http://cxf.apache.org/download.html">Download</a>
| <a shape="rect" href="http://cxf.apache.org/docs/index.html">Documentation</a></p></div>
+                <!-- Quicklinks -->
+              </div>
+            </td>
+          </tr>
+        </table>
+      </div>
+    </td>
+    <td id="cell-1-3">&nbsp;</td>
+    <td id="cell-1-4">&nbsp;</td>
+  </tr>
+  <tr>
+    <td id="cell-2-0" colspan="2">&nbsp;</td>
+    <td id="cell-2-1">
+      <table>
+        <tr valign="top">
+          <td height="100%">
+            <div id="wrapper-menu-page-right">
+              <div id="wrapper-menu-page-top">
+                <div id="wrapper-menu-page-bottom">
+                  <div id="menu-page">
+                    <!-- NavigationBar -->
+<div id="navigation"><ul class="alternate" type="square"><li><a shape="rect"
href="overview.html" title="Overview">Overview</a></li><li><a shape="rect"
href="how-tos.html" title="How-Tos">How-Tos</a></li><li><a shape="rect"
href="frontends.html" title="Frontends">Frontends</a></li><li><a shape="rect"
href="databindings.html" title="DataBindings">DataBindings</a></li><li><a
shape="rect" href="transports.html" title="Transports">Transports</a></li><li><a
shape="rect" href="configuration.html" title="Configuration">Configuration</a></li><li><a
shape="rect" href="debugging-and-logging.html" title="Debugging and Logging">Debugging
and Logging</a></li><li><a shape="rect" href="tools.html" title="Tools">Tools</a></li><li><a
shape="rect" href="restful-services.html" title="RESTful Services">RESTful Services</a></li><li><a
shape="rect" href="wsdl-bindings.html" title="WSDL Bindings">WSDL Bindings</a></li><li><a
shape="rect" href="service-routing.html" title="Service Routing">Service Routing<
 /a></li><li><a shape="rect" href="dynamic-languages.html" title="Dynamic
Languages">Dynamic Languages</a></li><li><a shape="rect" href="ws-support.html"
title="WS-* Support">WS-* Support</a></li><li><a shape="rect" href="advanced-integration.html"
title="Advanced Integration">Advanced Integration</a></li><li><a shape="rect"
href="deployment.html" title="Deployment">Deployment</a></li><li><a
shape="rect" href="schemas-and-namespaces.html" title="Schemas and Namespaces">Use of Schemas
and Namespaces</a></li></ul>
+
+
+<hr>
+<ul class="alternate" type="square"><li>Search<br clear="none">
+
+<form enctype="application/x-www-form-urlencoded" method="get" id="cse-search-box" action="http://www.google.com/cse">
+  <div>
+    <input type="hidden" name="cx" value="002890367768291051730:o99qiwa09y4">
+    <input type="hidden" name="ie" value="UTF-8">
+    <input type="text" name="q" size="21">
+    <input type="submit" name="sa" value="Search">
+  </div>
+</form>
+<script type="text/javascript" src="http://www.google.com/cse/brand?form=cse-search-box&amp;lang=en"></script>
+</li></ul>
+
+
+<hr>
+<ul class="alternate" type="square"><li><a shape="rect" href="http://cxf.apache.org/javadoc/latest/">API
(Javadoc)</a></li><li><a shape="rect" href="http://cxf.apache.org/">CXF
Website</a></li></ul>
+
+</div>
+                    <!-- NavigationBar -->
+                  </div>
+              </div>
+            </div>
+          </div>
+         </td>
+         <td height="100%">
+           <!-- Content -->
+           <div class="wiki-content">
+<div id="ConfluenceContent"><p>The TLSClientParameters are listed <a shape="rect"
class="external-link" href="https://svn.apache.org/repos/asf/cxf/trunk/api/src/main/java/org/apache/cxf/configuration/jsse/TLSParameterBase.java">here</a>
and <a shape="rect" class="external-link" href="https://svn.apache.org/repos/asf/cxf/trunk/api/src/main/java/org/apache/cxf/configuration/jsse/TLSClientParameters.java">here</a>.
 </p>
+
+<div class="table-wrap">
+<table class="confluenceTable"><tbody><tr><th colspan="1" rowspan="1"
class="confluenceTh"> Attribute </th><th colspan="1" rowspan="1" class="confluenceTh">
Default </th><th colspan="1" rowspan="1" class="confluenceTh"> Since </th><th
colspan="1" rowspan="1" class="confluenceTh"> Description </th></tr><tr><td
colspan="1" rowspan="1" class="confluenceTd"> <tt>certConstraints</tt> </td><td
colspan="1" rowspan="1" class="confluenceTd">&#160;</td><td colspan="1" rowspan="1"
class="confluenceTd">&#160;</td><td colspan="1" rowspan="1" class="confluenceTd">
Certificate Constraints specification. </td></tr><tr><td colspan="1"
rowspan="1" class="confluenceTd"> <tt>cipherSuites</tt> </td><td colspan="1"
rowspan="1" class="confluenceTd"> default sslContext cipher suites </td><td colspan="1"
rowspan="1" class="confluenceTd">&#160;</td><td colspan="1" rowspan="1" class="confluenceTd">
CipherSuites that will be supported. </td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"> <tt>cipherS
 uitesFilter</tt> </td><td colspan="1" rowspan="1" class="confluenceTd">&#160;</td><td
colspan="1" rowspan="1" class="confluenceTd">&#160;</td><td colspan="1" rowspan="1"
class="confluenceTd"> filters of the supported CipherSuites that will be supported and
used if available. </td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd">
<tt>disableCNcheck</tt> </td><td colspan="1" rowspan="1" class="confluenceTd">
<tt>false</tt> </td><td colspan="1" rowspan="1" class="confluenceTd">
2.0.5 </td><td colspan="1" rowspan="1" class="confluenceTd"> Indicates whether
that the hostname given in the HTTPS URL will be checked against the service's Common Name
(CN) given in its certificate during SOAP client requests, and failing if there is a mismatch.
 If set to <tt>true</tt> (<b>not recommended for production use</b>),
such checks will be bypassed.  That will allow you, for example, to use a URL such as <tt>localhost</tt>
during development. </td></tr><tr><td colspan="1" rowspan="1" class=
 "confluenceTd"> <tt>jsseProvider</tt> </td><td colspan="1" rowspan="1"
class="confluenceTd"> default JVM provider associated with protocol </td><td colspan="1"
rowspan="1" class="confluenceTd">&#160;</td><td colspan="1" rowspan="1" class="confluenceTd">
JSSE provider name. </td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd">
<tt>keyManagers</tt> </td><td colspan="1" rowspan="1" class="confluenceTd">
JVM default Key Managers </td><td colspan="1" rowspan="1" class="confluenceTd">&#160;</td><td
colspan="1" rowspan="1" class="confluenceTd"> Key Managers to hold X509 certificates. </td></tr><tr><td
colspan="1" rowspan="1" class="confluenceTd"> <tt>secureRandomParameters</tt>
</td><td colspan="1" rowspan="1" class="confluenceTd"> JVM default Secure Random
</td><td colspan="1" rowspan="1" class="confluenceTd">&#160;</td><td
colspan="1" rowspan="1" class="confluenceTd"> SecureRandom specification. </td></tr><tr><td
colspan="1" rowspan="1" class="confluenceTd"> <tt>secureSocketPro
 tocol</tt> </td><td colspan="1" rowspan="1" class="confluenceTd"> "TLS"
</td><td colspan="1" rowspan="1" class="confluenceTd">&#160;</td><td
colspan="1" rowspan="1" class="confluenceTd"> Protocol Name. Most common example are "SSL",
"TLS" or "TLSv1". </td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd">
<tt>trustManagers</tt> </td><td colspan="1" rowspan="1" class="confluenceTd">
JVM default Trust Managers </td><td colspan="1" rowspan="1" class="confluenceTd">&#160;</td><td
colspan="1" rowspan="1" class="confluenceTd"> TrustManagers to validate peer X509 certificates.
</td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"> <tt>useHttpsURLConnectionDefaultSslSocketFactory</tt>
</td><td colspan="1" rowspan="1" class="confluenceTd"> <tt>false</tt>
</td><td colspan="1" rowspan="1" class="confluenceTd"> 2.2.7 </td><td
colspan="1" rowspan="1" class="confluenceTd"> specifies if <a shape="rect" class="external-link"
href="http://java.sun.com/javase/6/docs/api/javax/net/ssl
 /HttpsURLConnection.html#getDefaultSSLSocketFactory()" rel="nofollow">HttpsURLConnection.getDefaultSSLSocketFactory()</a>
should be used to create https connections. If '<tt>true</tt>', '<tt>jsseProvider</tt>',
'<tt>secureSocketProtocol</tt>', '<tt>trustManagers</tt>', '<tt>keyManagers</tt>',
'<tt>secureRandom</tt>', '<tt>cipherSuites</tt>' and '<tt>cipherSuitesFilter</tt>'
configuration parameters are ignored. </td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"> <tt>useHttpsURLConnectionDefaultHostnameVerifier</tt>
</td><td colspan="1" rowspan="1" class="confluenceTd"> <tt>false</tt>
</td><td colspan="1" rowspan="1" class="confluenceTd"> 2.2.7 </td><td
colspan="1" rowspan="1" class="confluenceTd"> This attribute specifies if <a shape="rect"
class="external-link" href="http://java.sun.com/javase/6/docs/api/javax/net/ssl/HttpsURLConnection.html#getDefaultHostnameVerifier()"
rel="nofollow">HttpsURLConnection.getDefaultHostnameVerifier()</a> should be used
to create https co
 nnections. If '<tt>true</tt>', '<tt>disableCNCheck</tt>' configuration
parameter is ignored. </td></tr></tbody></table>
+</div>
+
+
+
+<p>Note :  <tt>disableCNcheck</tt> is a parameterized boolean, you can
use a fixed variable <tt>true</tt>|<tt>false</tt> as well as a <a
shape="rect" class="external-link" href="http://static.springsource.org/spring/docs/3.0.x/spring-framework-reference/html/beans.html#beans-factory-placeholderconfigurer"
rel="nofollow">Spring externalized property</a> variable (e.g. <tt>${disable-https-hostname-verification</tt>})
or a <a shape="rect" class="external-link" href="http://static.springsource.org/spring/docs/3.0.x/spring-framework-reference/html/expressions.html#expressions-beandef"
rel="nofollow">Spring expression</a> (e.g. <tt>#{systemProperties['dev-mode']</tt>}).</p>
+
+<p>Sample : </p>
+
+<div class="code panel" style="border-width: 1px;"><div class="codeHeader panelHeader"
style="border-bottom-width: 1px;"><b>HTTP conduit configuration disabling HTTP URL
hostname verification (usage of localhost, etc)</b></div><div class="codeContent
panelContent">
+<script class="theme: Default; brush: xml; gutter: false" type="syntaxhighlighter"><![CDATA[
+ ...
+ &lt;http-conf:conduit 
+     name="{http://example.com/}HelloWorldServicePort.http-conduit"&gt;
+
+   &lt;!-- deactivate HTTPS url hostname verification (localhost, etc)    --&gt;
+   &lt;!-- WARNING ! disableCNcheck=true should NOT be used in production --&gt;
+   &lt;http-conf:tlsClientParameters disableCNcheck="true" /&gt;
+   ...
+ &lt;/http-conf:conduit&gt;
+ ...
+]]></script>
+</div></div></div>
+           </div>
+           <!-- Content -->
+         </td>
+        </tr>
+      </table>
+   </td>
+   <td id="cell-2-2" colspan="2">&nbsp;</td>
+  </tr>
+  <tr>
+   <td id="cell-3-0">&nbsp;</td>
+   <td id="cell-3-1">&nbsp;</td>
+   <td id="cell-3-2">
+     <div id="footer">
+       <!-- Footer -->
+       <div id="site-footer">
+         <a href="http://cxf.apache.org/privacy-policy.html">Privacy Policy</a>
- 
+         (<a href="https://cwiki.apache.org/confluence/pages/editpage.action?pageId=34014457">edit
page</a>) 
+	 (<a href="https://cwiki.apache.org/confluence/pages/viewpage.action?pageId=34014457&amp;showComments=true&amp;showCommentArea=true#addcomment">add
comment</a>)<br>
+	Apache CXF, CXF, Apache, the Apache feather logo are trademarks of The Apache Software Foundation.<br>
+        All other marks mentioned may be trademarks or registered trademarks of their respective
owners.
+       </div>
+       <!-- Footer -->
+     </div>
+   </td>
+   <td id="cell-3-3">&nbsp;</td>
+   <td id="cell-3-4">&nbsp;</td>
+  </tr>
+  <tr>
+    <td id="cell-4-0" colspan="2">&nbsp;</td>
+    <td id="cell-4-1">&nbsp;</td>
+    <td id="cell-4-2" colspan="2">&nbsp;</td>
+  </tr>
+</table>
+
+<script type="text/javascript">
+var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www.");
+document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));
+</script>
+<script type="text/javascript">
+try {
+var pageTracker = _gat._getTracker("UA-4458903-1");
+pageTracker._trackPageview();
+} catch(err) {}</script>
+
+</body>
+</html>
+



Mime
View raw message