cxf-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From tog <guillaume.all...@gmail.com>
Subject Re: cxf server using https
Date Mon, 09 Mar 2009 22:29:11 GMT
Well, that's what I thought first then I change the definition in
    src/demo/hw_https/server/CherryServer.xml
to match
          <sec:clientAuthentication want="true" required="false"/>
and
          <sec:clientAuthentication want="false" required="false"/>

Both case give the same results:

Firefox says: ssl_error_no_cypher_overlap
while the sample returns the same as previously:

[INFO] WARNING: EXCEPTION
[INFO] javax.net.ssl.SSLHandshakeException: no cipher suites in common
[INFO]  at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:150)
[INFO]  at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1518)
[INFO]  at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:174)
[INFO]  at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:164)
[INFO]  at com.sun.net.ssl.internal.ssl.ServerHandshaker.chooseCipherSuite(ServerHandshaker.java:639)
[INFO]  at com.sun.net.ssl.internal.ssl.ServerHandshaker.clientHello(ServerHandshaker.java:450)
[INFO]  at com.sun.net.ssl.internal.ssl.ServerHandshaker.processMessage(ServerHandshaker.java:178)
[INFO]  at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:495)
[INFO]  at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:433)

It looks that the client auth is still required ?




On Tue, Mar 10, 2009 at 2:05 AM, Daniel Kulp <dkulp@apache.org> wrote:
>
> That sample is setup to require the client to authenticate with the
> appropriate certs.   Thus, the only way to get firefox to view the wsdl would
> be import the certs into the firefox stores and such (which I have no idea how
> to do).      Basically, it's showing you that it's working exactly as
> designed.  :-)   Only people with the right credentials can get in.
>
>
> Dan
>
>
> On Mon March 9 2009 9:08:50 am tog wrote:
>> Hi
>>
>> I run the
>> "apache-cxf-2.1.4-src/distribution/src/main/release/samples/wsdl_first_http
>>s" sample ... using mvn -Pserver.
>> It does start succesfully but when I want to get the wsdl in firefox I
>> got this error:
>>
>> [INFO] WARNING: EXCEPTION
>> [INFO] javax.net.ssl.SSLHandshakeException: no cipher suites in common
>> [INFO]  at
>> com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:150) [INFO]
>>  at
>> com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1518)
>> [INFO]  at
>> com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:174) [INFO]
>>  at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:164)
>> [INFO]  at
>> com.sun.net.ssl.internal.ssl.ServerHandshaker.chooseCipherSuite(ServerHands
>>haker.java:639) [INFO]  at
>> com.sun.net.ssl.internal.ssl.ServerHandshaker.clientHello(ServerHandshaker.
>>java:450) [INFO]  at
>> com.sun.net.ssl.internal.ssl.ServerHandshaker.processMessage(ServerHandshak
>>er.java:178) [INFO]  at
>> com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:495)
>> [INFO]  at
>> com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:433)
>> [INFO]  at
>> com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:81
>>8) [INFO]  at
>> com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocke
>>tImpl.java:1030) [INFO]  at
>> com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.jav
>>a:1057) [INFO]  at
>> com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.jav
>>a:1041) [INFO]  at
>> org.mortbay.jetty.security.SslSocketConnector$SslConnection.run(SslSocketCo
>>nnector.java:630) [INFO]  at
>> org.mortbay.thread.QueuedThreadPool$PoolThread.run(QueuedThreadPool.java:48
>>8)
>>
>> What am I doing wrong and how can I fix this ?
>>
>> Best Regards
>> Guillaume
>
> --
> Daniel Kulp
> dkulp@apache.org
> http://www.dankulp.com/blog
>



-- 

PGP KeyID: 1024D/47172155
FingerPrint: C739 8B3C 5ABF 127F CCFA  5835 F673 370B 4717 2155

http://cheztog.blogspot.com

Mime
View raw message