cxf-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Polar Humenn <phum...@iona.com>
Subject CXF-706 Patch
Date Thu, 07 Jun 2007 03:48:45 GMT

Greetings,

I have a patch that I attached to JIRA CXF-706.
I'd appreciate if somebody could apply it.
It doesn't have any binary files so, its application should be okay.

This patch gets rid of the Deprecated SSL stuff, allows to
you to use multiple Http Destinations on the same HTTPS port.

This required some refactoring of the Spring configuration, so if you were
using
   <http:destination name"...">
         <http:sslServer>
          ....
        </http:sslServer>
   </http:destination>
before you need to revamp.

You now configure the "port" for SSL/TLS, no longer the destination. 
This is done by
configuring arguments to the Jetty Http Server Engine Factory for a 
particular bus, like
so;
<beans
  xmlns:sec="http://cxf.apache.org/configuration/security"
  xmlns:http="http://cxf.apache.org/transports/http/configuration"
  xmlns:httpj="http://cxf.apache.org/transports/http-jetty/configuration"
 >
  <httpj:engine-factory bus="cxf">
        <httpj:engine port="2999">
            <httpj:tlsServerParameters>
                <sec:keyManagers keyPassword="pass">
                    <sec:keyStore type="jks" password="pass" 
file="path/to/keystore.jks"/>
                </sec:keyManagers>
                <sec:trustManagers>
                    <sec:keyStore type="jks" password="pass" 
file="path/to/truststore.jks"/>
                </sec:trustManagers>
                <sec:clientAuthentication want="true" required="true"/>
            </httpj:tlsServerParameters>
            <httpj:threadingParameters minThreads="10" maxThreads="20"/>
       </httpj:engine>
  <httpj:engine-factory>

  <bean id="cxf" class="org.apache.cxf.bus.CXFBusImpl"/>

</beans>

For programmatic configuration you pull the JettyHTTPServerEngineFactory 
off of the bus
as an extension, and

         factory.setTLSServerParametersForPort(port, tlsServerParameters);

before the Server Engine is created. Setting this after the engine is 
created for that
port will have no effect.

If you were using a "special" configurer that looked for the 
implemenation name
of a JettyHTTPServerEngine.port#, and tried to configurer it 
programatically, that no longer
works as the JettyHTTPServerEngine is not longer "configurable" by 
anything but its factory.
You must configure the factory.

Cheers,
-Polar


Mime
View raw message