You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@cxf.apache.org by "Colm O hEigeartaigh (JIRA)" <ji...@apache.org> on 2018/10/03 13:34:01 UTC
[jira] [Closed] (CXF-7782) Client session context is null before
SSL context initialization
[ https://issues.apache.org/jira/browse/CXF-7782?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Colm O hEigeartaigh closed CXF-7782.
------------------------------------
> Client session context is null before SSL context initialization
> ----------------------------------------------------------------
>
> Key: CXF-7782
> URL: https://issues.apache.org/jira/browse/CXF-7782
> Project: CXF
> Issue Type: Bug
> Components: Transports
> Affects Versions: 3.2.5
> Environment: bctls-jdk15on-1.59
> Reporter: Oliver Knerr
> Assignee: Colm O hEigeartaigh
> Priority: Major
> Labels: easyfix
> Fix For: 3.2.6, 3.1.17
>
>
> We are going to replace the default (Sun) JSSE provider with the one from BouncyCastle and are running into a {{NullPointerException}} when getting the {{SSLSessionContext}} from the {{SSLContext}}.
> The problem occurs in
> {{org.apache.cxf.transport.https.SSLUtils.getSSLContext(TLSParameterBase):73}}
> when trying to set the timeout for the SSL session.
> The javadoc of
> {{javax.net.ssl.SSLContext.getClientSessionContext()}}
> states that "[the client session context] may be unavailable in some environments, in which case this method returns null. [...]"
> Apparently, this is (in general) not the case for the SunJSSE provider, but the BCJSSE provider needs the {{SSLContext}} to be initialized before the client session context is available. So after the call of
> {{javax.net.ssl.SSLContext.init(KeyManager[], TrustManager[], SecureRandom)}}
> which happens further below (line 87), the client session context is not null any more, but it's too late, obviously.
> For the BCJSSE provider, setting the session timeout musst happen after the {{init()}} of the {{SSLContext}}. But a general handling in case of {{getClientSessionContext()}}returning null wouldn't hurt either.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)