cxf-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Shaw, Richard A" <richard.s...@atkinsglobal.com>
Subject Wsdl returned from secure service
Date Thu, 07 Jun 2007 09:50:28 GMT
I've secured my service using the following bean -

<beans xmlns="http://www.springframework.org/schema/beans"
  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
  xmlns:sec="http://cxf.apache.org/configuration/security"
  xmlns:http="http://cxf.apache.org/transports/http/configuration"
  xsi:schemaLocation="
http://cxf.apache.org/transports/http/configuration http://cxf.apache.org/schema/transports/http.xsd
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd">

  <http:destination id="{http://www.atkinsglobal.com/mosaic/traffic/twdatabaseaccess/}TWDatabaseAccessPort.http-destination">
    <http:sslServer>
      <sec:Keystore>etc/TrafficWales.p12</sec:Keystore>
      <sec:KeystoreType>PKCS12</sec:KeystoreType>
      <sec:KeystorePassword>password</sec:KeystorePassword>
      <sec:KeyPassword>m0sa1c</sec:KeyPassword>
      <sec:WantClientAuthentication>true</sec:WantClientAuthentication>
      <sec:RequireClientAuthentication>true</sec:RequireClientAuthentication>
      <sec:TrustStore>etc/mosaic.truststore</sec:TrustStore>
      <sec:CiphersuiteFilters>
        <!-- these filters ensure that a ciphersuite with
          export-suitable or null encryption is used,
          but exclude anonymous Diffie-Hellman key change as
          this is vulnerable to man-in-the-middle attacks -->
        <sec:include>.*_EXPORT_.*</sec:include>
        <sec:include>.*_EXPORT1024_.*</sec:include>
        <sec:include>.*_WITH_DES_.*</sec:include>
        <sec:include>.*_WITH_NULL_.*</sec:include>
        <sec:exclude>.*_DH_anon_.*</sec:exclude>
      </sec:CiphersuiteFilters>
    </http:sslServer>
  </http:destination>

</beans>

And when I call the https://localhost:9095/TWDatabaseAccessService?wsdl the returned wsdl
has the address set as http://localhost:9095/TWDatabaseAccessService

I then get the following error -

Caused by: java.io.IOException: Illegal Protocol http for HTTPS URLConnection Factory.
	at org.apache.cxf.transport.https.HttpsURLConnectionFactory.createConnection(HttpsURLConnectionFactory.java:112)
	at org.apache.cxf.transport.http.HTTPConduit.prepare(HTTPConduit.java:447)
	at org.apache.cxf.interceptor.MessageSenderInterceptor.handleMessage(MessageSenderInterceptor.java:45)
	... 31 more

Richard Shaw

¤º°`°º¤ø,¸¸,ø¤º°`°º¤ø¤º°`°º¤ø,¸¸,ø¤º°`°º¤ø¤º°`°º¤ø,¸¸,ø¤

Richard Shaw  
Technical Design Authority - Information Solutions Consultancy  
Intelligent Transport Systems 

Atkins Highways and Transportation 
Woodcote Grove, Ashley Road, Epsom, Surrey, KT18 5BW

Tel: +44 (0) 1372 756407 
Fax: +44 (0) 1372 740055
Mob: 07740 817586 
E-mail: richard.shaw@atkinsglobal.com

www.atkinsglobal.com/its



This email and any attached files are confidential and copyright protected. If you are not
the addressee, any dissemination of this communication is strictly prohibited. Unless otherwise
expressly agreed in writing, nothing stated in this communication shall be legally binding.

The ultimate parent company of the Atkins Group is WS Atkins plc.  Registered in England No.
1885586.  Registered Office Woodcote Grove, Ashley Road, Epsom, Surrey KT18 5BW.

Consider the environment. Please don't print this e-mail unless you really need to. 

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message