cxf-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Daniel Kulp <dk...@apache.org>
Subject Re: CXF client api hook for sun.security.ssl.allowUnsafeRenegotiation
Date Thu, 13 May 2010 19:42:31 GMT


Since we just use the standard HTTPUrlConnection things, the exact same method 
of setting the system described in oracles readme on the topic should work 
fine.   Just set the system property.

Dan


On Thursday 13 May 2010 1:45:13 pm Tom.R wrote:
> Is there a a client api hook for setting the
> "-Dsun.security.ssl.allowUnsafeRenegotiation=true" pertaining to the newly
> discovered renegotiation TLS/SSL security hole (for those using sun jdk
> greater than 1.6.0_18).
> 
> My issue is that I would like my cxf client to communicate with a server,
> which does yet have a patch release for this while keeping my other client
> communications secure.  I was hoping it is possible to avoid using the
> global jdk system setting and restricting it to a specific client.
> 
> Is this possible?  Can this be done through CXF api?  if not, are there any
> other methods/approaches/api that I could tap into to allow this
> communication on the latest jdk1.6.0_20?

-- 
Daniel Kulp
dkulp@apache.org
http://dankulp.com/blog

Mime
View raw message