cxf-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "jdu (JIRA)" <j...@apache.org>
Subject [jira] Created: (CXF-2863) When 'useHttpsURLConnectionDefaultSslSocketFactory' is true, the 'trustManagers' configuration is not truly ignored
Date Fri, 25 Jun 2010 12:14:51 GMT
When 'useHttpsURLConnectionDefaultSslSocketFactory'  is true, the 'trustManagers' configuration
is not truly ignored
--------------------------------------------------------------------------------------------------------------------

                 Key: CXF-2863
                 URL: https://issues.apache.org/jira/browse/CXF-2863
             Project: CXF
          Issue Type: Improvement
          Components: Transports
    Affects Versions: 2.2.9
         Environment: Spring Framework 3.x
            Reporter: jdu
            Priority: Minor


According to documentation when 'useHttpsURLConnectionDefaultSslSocketFactory'  is true, the
'jsseProvider', 'secureSocketProtocol', 'trustManagers', 'keyManagers', 'secureRandom', 'cipherSuites'
and 'cipherSuitesFilter' configuration parameters are ignored. 

But, invalid 'trustManagers' (missing truststore file for example) leads to error.

While this parameter has been added to easily disable SSL verification while being on testing/development
phases.
As far as, a valid 'truststore' file need to be provided, the main objective (easy setup)
is not reach.

Expected behavior: when 'useHttpsURLConnectionDefaultSslSocketFactory'  is true, the 'jsseProvider',
'secureSocketProtocol', 'trustManagers', 'keyManagers', 'secureRandom', 'cipherSuites' and
'cipherSuitesFilter' configuration parameters are completely ignored (invalid or incomplete
configuration).

I suggest to fix it in 'TLSClientParametersConfig' by quickly return out of the function 'createTLSClientParametersFromType'
 when "params.isUseHttpsURLConnectionDefaultSslSocketFactory()" is true.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message