cxf-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Freeman Fang <freeman.f...@gmail.com>
Subject Re: Enadling Security for the cxf webservice
Date Tue, 16 Jul 2013 04:51:10 GMT
Hi,

The
<httpj:engine-factory …>
is used for server side, for the client side HTTPS configuration, you should configure the
http:conduit, take a look at [1] to get more details
[1]http://cxf.apache.org/docs/client-http-transport-including-ssl-support.html
-------------
Freeman(Yue) Fang

Red Hat, Inc. 
FuseSource is now part of Red Hat
Web: http://fusesource.com | http://www.redhat.com/
Twitter: freemanfang
Blog: http://freemanfang.blogspot.com
http://blog.sina.com.cn/u/1473905042
weibo: @Freeman小屋



On 2013-7-15, at 下午8:39, CXF_User wrote:

> I have created a CXF webservice and exposed it through a Secured (HTTPS)
> webdomain. From my client directly i access the webservice without even
> using the SSL certificate of that webdomain.
> 
> In my client code i am explicitly setting to trust all the certificates due
> to which, it not even checks the authenticity of the client. This should not
> ideally happen for me.
> 
> On doing some analysis, I see it is possible to do it using the tag
> <httpj:engine-factory bus="cxf">
> (http://fusesource.com/docs/framework/2.1/security/HTTPCompatible.html#i488847).
> even after adding those entries to my wsdl, i am unable to secure my
> webservice through my webdomain cert.
> 
> Could some one please advice ? 
> 
> 
> 
> --
> View this message in context: http://cxf.547215.n5.nabble.com/Enadling-Security-for-the-cxf-webservice-tp5730751.html
> Sent from the cxf-dev mailing list archive at Nabble.com.


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message