cxf-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Vassilis Virvilis (JIRA)" <j...@apache.org>
Subject [jira] Updated: (CXF-2142) HTTPS: custom keystore: regression in 2.2 from 2.1.3
Date Mon, 30 Mar 2009 13:44:50 GMT

     [ https://issues.apache.org/jira/browse/CXF-2142?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Vassilis Virvilis updated CXF-2142:
-----------------------------------


Please ignore / forget about this issue. My testing was incomplete and wrong.

The problem was that the cxf.xml was not being picked up and the reason for that was the absence
of the spring libraries.

So this is a non issue. Sorry for the noise

> HTTPS: custom keystore: regression in 2.2 from 2.1.3
> ----------------------------------------------------
>
>                 Key: CXF-2142
>                 URL: https://issues.apache.org/jira/browse/CXF-2142
>             Project: CXF
>          Issue Type: Bug
>    Affects Versions: 2.2
>         Environment: debian linux java jre 1.5 unstable
>            Reporter: Vassilis Virvilis
>
> I have the following regression in https usage. My previous setup in 2.1.3 was working
correctly with a custom keystore in resources. My cxf.xml was like this
> <beans xmlns="http://www.springframework.org/schema/beans"
>         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
>         xmlns:sec="http://cxf.apache.org/configuration/security"
>         xmlns:http="http://cxf.apache.org/transports/http/configuration"
>         xsi:schemaLocation="http://cxf.apache.org/configuration/security
>                 http://cxf.apache.org/schemas/configuration/security.xsd
>                 http://cxf.apache.org/transports/http/configuration
>                 http://cxf.apache.org/schemas/configuration/http-conf.xsd
>                 http://www.springframework.org/schema/beans
>                 http://www.springframework.org/schema/beans/spring-beans.xsd">
>   <http:conduit name="{http://lib.biovista.com/}UserSessionManagerPort.http-conduit">
>     <http:tlsClientParameters secureSocketProtocol="SSL">
>       <sec:trustManagers>
>         <sec:keyStore resource="resources/keystore.jks" />
>       </sec:trustManagers>
>       <sec:cipherSuitesFilter>
>         <sec:include>.*</sec:include>
>         <sec:exclude>.*_DH_anon_.*</sec:exclude>
>       </sec:cipherSuitesFilter>
>     </http:tlsClientParameters>
>     <http:client Connection="Keep-Alive"/>
>   </http:conduit>
> </beans>
> With 2.2 cxf doesn't pickup the correct keystore. It uses JRE's original keystore.
> Looks like that something has changed. Following  Dan Kulp's  advise I was
> able to get it working by specifying
>  <http:conduit name="https://host.foo.com.*">
> Also it worked the following so I don't need to have the same xml configuration for multiple
servers
>  <http:conduit name="https://.*.foo.com.*">
> so it looks to me that now we CXF matches against urls instead of wsdl stuff (port names,
ifnames etc) like
> name="{http://lib.foo.com/}UserSessionManagerPort.http-conduit">
> 		^		^
> 		|____ java package name
> 				|___ java interface

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message