cxf-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Matthew Lohbihler ...@serotoninsoftware.com>
Subject Re: SSL testing
Date Thu, 06 Mar 2014 14:34:14 GMT
Thank you Freeman! Note that i couldn't find the classes SOAPService and 
Greeter, but was able to use ClientProxyFactoryBean for the same 
purpose. The key was this:

         HTTPConduit httpConduit = (HTTPConduit) 
((org.apache.cxf.endpoint.Client) client).getConduit();

I didn't know where the conduit came from. The rest of your code matched 
that from the previous CXF version. Below is the code that i got working.

Again, many thanks,
Matthew

         ClientProxyFactoryBean factory = new ClientProxyFactoryBean();

         // factory.setAddress("http://localhost:9000/ota");
         factory.setAddress("https://localhost:9001/ota");

         OTAEndpoint client = factory.create(OTAEndpoint.class);
         HTTPConduit httpConduit = (HTTPConduit) 
((org.apache.cxf.endpoint.Client) client).getConduit();

         TLSClientParameters params = httpConduit.getTlsClientParameters();
         if (params == null) {
             params = new TLSClientParameters();
             httpConduit.setTlsClientParameters(params);
         }

         params.setTrustManagers(new TrustManager[] { new 
X509TrustManager() {
             @Override
             public java.security.cert.X509Certificate[] 
getAcceptedIssuers() {
                 return null;
             }

             @Override
             public void 
checkServerTrusted(java.security.cert.X509Certificate[] chain, String 
authType)
                     throws CertificateException {
                 // no op
             }

             @Override
             public void 
checkClientTrusted(java.security.cert.X509Certificate[] chain, String 
authType)
                     throws CertificateException {
                 // no op
             }
         } });

         params.setDisableCNCheck(true);





On 3/6/2014 3:20 AM, Freeman Fang wrote:
> Hi,
>
> You need a dummy TrustManager which can bypass the Certificate check
> Some code like
>          SOAPService service = new SOAPService(url, SOAPService.SERVICE);
>
>          assertNotNull("Service is null", service);
>
>          final Greeter port = service.getHttpsPort();
>
>          assertNotNull("Port is null", port);
>
>          
>          BindingProvider provider = (BindingProvider)port;
>
>          provider.getRequestContext().put(
>
>                BindingProvider.ENDPOINT_ADDRESS_PROPERTY,
>
>                address);
>
>          Client client = ClientProxy.getClient(port);
>
>          HTTPConduit httpConduit = (HTTPConduit) client.getConduit();
>
>          TrustManager[] trustAllCerts = new TrustManager[] {
>
>              new X509TrustManager() {
>
>   
>                  public void checkClientTrusted(java.security.cert.X509Certificate[]
certs, String authType) {
>
>                  }
>
>   
>                  public void checkServerTrusted(java.security.cert.X509Certificate[]
certs, String authType) {
>
>                  }
>
>   
>                  public java.security.cert.X509Certificate[] getAcceptedIssuers() {
>
>                      return null;
>
>                  }
>
>   
>              }
>
>          };
>
>   
>          TLSClientParameters tlsParams = new TLSClientParameters();
>
>   
>          tlsParams.setTrustManagers(trustAllCerts);
>
>   
>         
>          tlsParams.setDisableCNCheck(true);
>
>          httpConduit.setTlsClientParameters(tlsParams);
>
>          assertEquals(port.greetMe("Kitty"), "Hello Kitty");
>
> -------------
> Freeman(Yue) Fang
>
> Red Hat, Inc.
> FuseSource is now part of Red Hat
>
>
>
> On 2014-3-6, at 上午8:34, Matthew Lohbihler wrote:
>
>> How can i configure a client to trust all certificates for testing WS under SSL?
I'm using CXF 3.0.0m2, and the examples i've found appear obsolete. Are there updated examples
somewhere?
>>
>> Many thanks,
>> Matthew
>>
>


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message