You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@cxf.apache.org by "Vassilis Virvilis (JIRA)" <ji...@apache.org> on 2009/03/30 15:44:50 UTC

[jira] Updated: (CXF-2142) HTTPS: custom keystore: regression in 2.2 from 2.1.3

     [ https://issues.apache.org/jira/browse/CXF-2142?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Vassilis Virvilis updated CXF-2142:
-----------------------------------


Please ignore / forget about this issue. My testing was incomplete and wrong.

The problem was that the cxf.xml was not being picked up and the reason for that was the absence of the spring libraries.

So this is a non issue. Sorry for the noise

> HTTPS: custom keystore: regression in 2.2 from 2.1.3
> ----------------------------------------------------
>
>                 Key: CXF-2142
>                 URL: https://issues.apache.org/jira/browse/CXF-2142
>             Project: CXF
>          Issue Type: Bug
>    Affects Versions: 2.2
>         Environment: debian linux java jre 1.5 unstable
>            Reporter: Vassilis Virvilis
>
> I have the following regression in https usage. My previous setup in 2.1.3 was working correctly with a custom keystore in resources. My cxf.xml was like this
> <beans xmlns="http://www.springframework.org/schema/beans"
>         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
>         xmlns:sec="http://cxf.apache.org/configuration/security"
>         xmlns:http="http://cxf.apache.org/transports/http/configuration"
>         xsi:schemaLocation="http://cxf.apache.org/configuration/security
>                 http://cxf.apache.org/schemas/configuration/security.xsd
>                 http://cxf.apache.org/transports/http/configuration
>                 http://cxf.apache.org/schemas/configuration/http-conf.xsd
>                 http://www.springframework.org/schema/beans
>                 http://www.springframework.org/schema/beans/spring-beans.xsd">
>   <http:conduit name="{http://lib.biovista.com/}UserSessionManagerPort.http-conduit">
>     <http:tlsClientParameters secureSocketProtocol="SSL">
>       <sec:trustManagers>
>         <sec:keyStore resource="resources/keystore.jks" />
>       </sec:trustManagers>
>       <sec:cipherSuitesFilter>
>         <sec:include>.*</sec:include>
>         <sec:exclude>.*_DH_anon_.*</sec:exclude>
>       </sec:cipherSuitesFilter>
>     </http:tlsClientParameters>
>     <http:client Connection="Keep-Alive"/>
>   </http:conduit>
> </beans>
> With 2.2 cxf doesn't pickup the correct keystore. It uses JRE's original keystore.
> Looks like that something has changed. Following  Dan Kulp's  advise I was
> able to get it working by specifying
>  <http:conduit name="https://host.foo.com.*">
> Also it worked the following so I don't need to have the same xml configuration for multiple servers
>  <http:conduit name="https://.*.foo.com.*">
> so it looks to me that now we CXF matches against urls instead of wsdl stuff (port names, ifnames etc) like
> name="{http://lib.foo.com/}UserSessionManagerPort.http-conduit">
> 		^		^
> 		|____ java package name
> 				|___ java interface

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.