cxf-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Daniel Kulp <>
Subject Re: How service-side HTTPS cipher suite filters are defined
Date Tue, 17 Aug 2010 18:09:02 GMT
On Tuesday 17 August 2010 9:59:54 am Glen Mazza wrote:
> Hello, I'd like to confirm something:
> The CXF documentation shows where cipher suite filters can be defined on
> the client-side:
> However, for service-side, you apparently need to configure the underlying
> servlet container and not the web service itself, for example here with
> Jetty:
> ort
> And Tomcat has a "ciphers" element that will apparently do the same thing:
> So there is no web-service level configuration of cipher suite filters, but
> just that of the servlet container (or Endpoint implementation) hosting the
> web service, correct?

That's correct.   For the most part, the ciphers and such are part of the 
socket level negotiation of SSL/TLS.   Thus, it occurs long before CXF really 
has any say in anything.   That's why it needs to be configured on the 
container or jetty directly.

Daniel Kulp

View raw message