cxf-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Polar Humenn <phum...@iona.com>
Subject HTTPConduit JSSE Trust Decider JIRA CXF-438
Date Wed, 07 Mar 2007 20:26:04 GMT
Greetings,

I would like to enable the HTTP Conduit with some security hooks to 
establish a client's trust in the endpoint. This is in response to JIRA 
https://issues.apache.org/jira/browse/CXF-438

The approach will only be applicable to the https protocol using the 
JSSE.  I would like to propose the following interface JSSETrustDecider, 
which will be instantiated by spring configuration based on endpoint or 
on the bus (for all potential https connections).

A call will be made to the JSSETrustDecider at the point the SSL 
handshake completes. If trust is not established, the 
SSLSocket.getOutputStream() will throw the exception from the trust 
decider, which has the desired effect, forbidding anything to be written 
to the wire.

The bean will be spring loaded per statically configured endpoint by 
using the "http-conduit.jsse-trust" suffix, like so:

     <bean name="{http://Qname}EndpointName.http-conduit.jsse-trust" 
class="...">

This work mandates changes to the SSLSocketFactoryWrapper, 
HTTPTransportFactory, HTTPUrlConnectionFactory, and requires a wrapper 
for the SSLSocket.

I have implemented this in http, I need to "translate" that to http2, 
come up with some system tests, and create the patch.

Does everybody agree with the approach?

Cheers,
-Polar

----------
package org.apache.cxf.transport.https;

import javax.net.ssl.HandshakeCompletedEvent;

import org.apache.cxf.service.model.EndpointInfo;

/**
 * This interface is used to decide trust in the TLS peer
 * within the HTTP Conduit using JSSE TLS. The method within
 * this interface is called once at the successfull completion
 * of the inital TLS handshake.
 *
 */
public interface JSSETrustDecider {
        /**
         * This method is called at the completion of the
         * initial handshake for a TLS connection, but before
         * anything else is sent to the peer.
         *
         * @param endpointInfo The CXF Endpoint associated with this 
HTTP conduit.
         * @param event        The JSSE event that contains SSL security 
information.
         *
         * @throws UntrustedTLSConnectionIOException
         *                     The trust decider throws this if
         *                     trust cannot be established.
         */
        void establishTrust(
                        EndpointInfo             endpointInfo,
                        HandshakeCompletedEvent  event
        ) throws
                UntrustedTLSConnectionIOException;
}


Mime
View raw message