cxf-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Daniel Kulp <>
Subject Re: https for wsdl
Date Wed, 23 Jul 2008 14:55:58 GMT

On Jul 23, 2008, at 8:09 AM, Benson Margulies wrote:
> Fred's email caught my eye. How hard would this be? What's involved?

Depends on how you want to implement it.   :-)

If you want to reuse the existing http-conduit configuration so that  
the configuration can be shared between the wsdl retrieval and the  
endpoint that uses it, it's quite a bit of work.   Part of the reason  
is that the conduit configuration is always based on the endpoint  
qname, which isn't something we have when retrieving the wsdl.     The  
original thought was to have a WSDLLocator that would grab the conduit  
factories from the bus and have it find the appropriate for the URL  
and create a full conduit.   Thus, you could actually retrieve wsdl  
based any transport.  (like jms)  However, that doesn't work anyway as  
the WSDLQueryHandler is only called from the HTTP stuff anyway.

The simplest solution would be to modify the  
"ResourceManagerWSDLLocator" to catch the exceptions when calling the  
parent.getBaseInputSource() and then call into the  
ResourceResolvers.    If that then fails, then retrhow the  
exception.    The user could then register a ResourceResolver to  
handle their own https requirements (or any other requirement).    If  
we do this, the http transport could immediately register an  
Implementation that would handle https based on the configuration it  
knows about.

For the configuration, we currently have something like:
   <http:conduit name="{ 
     <http:tlsClientParameters disableCNCheck="true">

We could extend it for this case to allow something like:

   <http:conduit name=" 
     <http:tlsClientParameters disableCNCheck="true">


or similar such that we can name a conduit configuration based on the  
wsdl URL (instead of just an endpoint qname) and allow conduits to ref  
one another to link things together (to avoid copying blocks of  
configuration.     This would actually allow several endpoints to  
share a configuration as well without resorting to the wildcards and  

Daniel Kulp

View raw message