cxf-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Freeman Fang <freeman.f...@gmail.com>
Subject Re: SSL testing
Date Thu, 06 Mar 2014 08:20:21 GMT
Hi,

You need a dummy TrustManager which can bypass the Certificate check
Some code like
        SOAPService service = new SOAPService(url, SOAPService.SERVICE);

        assertNotNull("Service is null", service);  

        final Greeter port = service.getHttpsPort();

        assertNotNull("Port is null", port);

        
        BindingProvider provider = (BindingProvider)port;

        provider.getRequestContext().put(

              BindingProvider.ENDPOINT_ADDRESS_PROPERTY,

              address);

        Client client = ClientProxy.getClient(port);

        HTTPConduit httpConduit = (HTTPConduit) client.getConduit();

        TrustManager[] trustAllCerts = new TrustManager[] {

            new X509TrustManager() {

 
                public void checkClientTrusted(java.security.cert.X509Certificate[] certs,
String authType) {

                }

 
                public void checkServerTrusted(java.security.cert.X509Certificate[] certs,
String authType) {

                }

 
                public java.security.cert.X509Certificate[] getAcceptedIssuers() {

                    return null;

                }

 
            }

        };

 
        TLSClientParameters tlsParams = new TLSClientParameters();

 
        tlsParams.setTrustManagers(trustAllCerts);

 
       
        tlsParams.setDisableCNCheck(true);

        httpConduit.setTlsClientParameters(tlsParams);

        assertEquals(port.greetMe("Kitty"), "Hello Kitty");

-------------
Freeman(Yue) Fang

Red Hat, Inc. 
FuseSource is now part of Red Hat



On 2014-3-6, at 上午8:34, Matthew Lohbihler wrote:

> How can i configure a client to trust all certificates for testing WS under SSL? I'm
using CXF 3.0.0m2, and the examples i've found appear obsolete. Are there updated examples
somewhere?
> 
> Many thanks,
> Matthew
> 


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message