You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@servicemix.apache.org by "Bouchard, Kevin" <Ke...@cardinal.com> on 2006/05/05 22:07:34 UTC

servicemix-http provider ssl problem

 

Hi all,

 

I've done a few tests with servicemix-http over HTTPS. On the consumer
side, everyting works fine. However, I've found a few bugs in the
ProviderProcessor when the URL connection is HTTPS. The
trustStorePassword property is not set if the trust store location
doesn't begin by "classpath:" so the code throws a NullPointerException.
Moreover, the connection still fails even though I fixed the first
problem. After a few hours of debugging, I found the problem and fixed
it.

 

 

To fix the first problem, add the following snippet after line 95 in
org.apache.servicemix.http.processors.CommonsHttpSSLSocketFactory.java:

 

trustStorePassword = ssl.getTrustStorePassword();

            if (trustStorePassword == null) {

                trustStorePassword =
System.getProperty("javax.net.ssl.trustStorePassword");

                if (keyStorePassword == null) {

                    throw new
IllegalArgumentException("trustStorePassword or system property
javax.net.ssl.trustStorePassword must be set");

                }

            }

 

To fix the second problem, add the following line after line 164 in
org.apache.servicemix.http.processors.ProviderProcessor.java:

Protocol.registerProtocol("https",protocol);

 

Everyting works fine after those modifications are applied. I will raise
a JIRA for this and submit a patch for it, though I want to inform
everybody of the problem and solution to it.

 

Kevin.


Cardinal Health -- Working together. For life. (sm)
_________________________________________________

This message is for the designated recipient only and may contain privileged, proprietary, or otherwise private information. If you have received it in error, please notify the sender immediately and delete the original. Any other use of the email by you is prohibited.

Dansk - Deutsch - Espanol - Francais - Italiano - Japanese - Nederlands - Norsk - Portuguese - Svenska: www.cardinalhealth.com/legal/email

Re: servicemix-http provider ssl problem

Posted by Guillaume Nodet <gn...@gmail.com>.
Thanks a lot !!!
I had seen the problem and raised a jira some time ago but never had
time to figure where the problem was.
I have checked in both fixes.

However, I have slightly modified the fix for the second problem:  the
registerProtocol uses a static map indexed by the protocol, but the
servicemix-http may support more than one ssl configuration at the
same time.  The real problem was that we use an absolute uri when
creating the PostMethod and this constructor overrides the settings
from the host.  Using a relative uri solve the problem nicely.

Cheers,
Guillaume Nodet

On 5/5/06, Bouchard, Kevin <Ke...@cardinal.com> wrote:
>
>
> Hi all,
>
>
>
> I've done a few tests with servicemix-http over HTTPS. On the consumer
> side, everyting works fine. However, I've found a few bugs in the
> ProviderProcessor when the URL connection is HTTPS. The
> trustStorePassword property is not set if the trust store location
> doesn't begin by "classpath:" so the code throws a NullPointerException.
> Moreover, the connection still fails even though I fixed the first
> problem. After a few hours of debugging, I found the problem and fixed
> it.
>
>
>
>
>
> To fix the first problem, add the following snippet after line 95 in
> org.apache.servicemix.http.processors.CommonsHttpSSLSocketFactory.java:
>
>
>
> trustStorePassword = ssl.getTrustStorePassword();
>
>             if (trustStorePassword == null) {
>
>                 trustStorePassword =
> System.getProperty("javax.net.ssl.trustStorePassword");
>
>                 if (keyStorePassword == null) {
>
>                     throw new
> IllegalArgumentException("trustStorePassword or system property
> javax.net.ssl.trustStorePassword must be set");
>
>                 }
>
>             }
>
>
>
> To fix the second problem, add the following line after line 164 in
> org.apache.servicemix.http.processors.ProviderProcessor.java:
>
> Protocol.registerProtocol("https",protocol);
>
>
>
> Everyting works fine after those modifications are applied. I will raise
> a JIRA for this and submit a patch for it, though I want to inform
> everybody of the problem and solution to it.
>
>
>
> Kevin.
>
>
> Cardinal Health -- Working together. For life. (sm)
> _________________________________________________
>
> This message is for the designated recipient only and may contain privileged, proprietary, or otherwise private information. If you have received it in error, please notify the sender immediately and delete the original. Any other use of the email by you is prohibited.
>
> Dansk - Deutsch - Espanol - Francais - Italiano - Japanese - Nederlands - Norsk - Portuguese - Svenska: www.cardinalhealth.com/legal/email
>
>