cxf-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rahul Somasunderam <r...@certifydatasystems.com>
Subject Re: Setting TLS Client Parameters on Decoupled Response
Date Tue, 27 Jan 2015 16:50:05 GMT
I realized what I was doing wrong. I moved my interceptor to the SETUP phase and it works now.

On Jan 26, 2015, at 2:08 PM, Rahul Somasunderam <rsom@certifydatasystems.com> wrote:

> Hi,
> 
> I noticed that the system keystore is not being used for the part where CXF
> is the server, and sends the decoupled response to the ReplyTo url.
> 
> I tried putting an Out Interceptor that does this:
> 
>  void handleMessage(Message message) throws Fault {
>    def conduit = message.getExchange().getConduit()
>    if (conduit instanceof HTTPConduit) {
>      def keyStore = /* obtain keystore */
>      def keyManagerFactory =
> KeyManagerFactory.getInstance(KeyManagerFactory.defaultAlgorithm)
>      keyManagerFactory.init(keyStore, [] as char[])
>      conduit.tlsClientParameters = new TLSClientParameters()
>      conduit.tlsClientParameters.keyManagers =
> keyManagerFactory.keyManagers
>    }
>  }
> 
> This doesn't work either.
> 
> I always get this exception:
> 
> Interceptor for
> {urn:ihe:iti:xds-b:2007}RespondingGatewayQuery_Service#{urn:ihe:iti:xds-b:2007}RespondingGateway_CrossGatewayQuery
> has thrown exception, unwinding now
> org.apache.cxf.interceptor.Fault: Could not send Message.
> 	at
> org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInterceptor.handleMessage(MessageSenderInterceptor.java:64)
> 	at
> org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:262)
> 	at
> org.apache.cxf.interceptor.OutgoingChainInterceptor.handleMessage(OutgoingChainInterceptor.java:77)
> 	at
> org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:262)
> 	at
> org.apache.cxf.phase.PhaseInterceptorChain.resume(PhaseInterceptorChain.java:231)
> 	at
> org.apache.cxf.ws.addressing.impl.InternalContextUtils$1.run(InternalContextUtils.java:264)
> 	at
> org.apache.cxf.workqueue.AutomaticWorkQueueImpl$3.run(AutomaticWorkQueueImpl.java:426)
> 	at
> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1110)
> 	at
> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:603)
> 	at
> org.apache.cxf.workqueue.AutomaticWorkQueueImpl$AWQThreadFactory$1.run(AutomaticWorkQueueImpl.java:351)
> 	at java.lang.Thread.run(Thread.java:722)
> Caused by: javax.net.ssl.SSLHandshakeException: SSLHandshakeException
> invoking https://hl-connect2/hl/Clinic/xca-r-query: Received fatal alert:
> handshake_failure
> 	at
> org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.mapException(HTTPConduit.java:1474)
> 	at
> org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPConduit.java:1459)
> 	at
> org.apache.cxf.io.CacheAndWriteOutputStream.postClose(CacheAndWriteOutputStream.java:50)
> 	at org.apache.cxf.io.CachedOutputStream.close(CachedOutputStream.java:229)
> 	at org.apache.cxf.transport.AbstractConduit.close(AbstractConduit.java:56)
> 	at org.apache.cxf.transport.http.HTTPConduit.close(HTTPConduit.java:660)
> 	at
> org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInterceptor.handleMessage(MessageSenderInterceptor.java:62)
> 	... 10 more
> Caused by: javax.net.ssl.SSLHandshakeException: Received fatal alert:
> handshake_failure
> 	at java.io.BufferedInputStream.fill(BufferedInputStream.java:235)
> 	at java.io.BufferedInputStream.read1(BufferedInputStream.java:275)
> 	at java.io.BufferedInputStream.read(BufferedInputStream.java:334)
> 	at java.net.HttpURLConnection.getResponseCode(HttpURLConnection.java:468)
> 	at
> org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponseInternal(HTTPConduit.java:1611)
> 	at
> org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponse(HTTPConduit.java:1537)
> 	at
> org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPConduit.java:1445)
> 	... 15 more
> 
> 
> Is there any documentation or trick to get this to work?
> 
> R,
> rahul
> 
> 
> 
> --
> View this message in context: http://cxf.547215.n5.nabble.com/Setting-TLS-Client-Parameters-on-Decoupled-Response-tp5753578.html
> Sent from the cxf-user mailing list archive at Nabble.com.

The information transmitted is intended only for the person or entity to which it is addressed
and may contain CONFIDENTIAL material.  If you receive this material/information in error,
please contact the sender and delete or destroy the material/information.

Mime
View raw message