You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@cxf.apache.org by adam_j_bradley <ad...@yahoo.com> on 2008/04/24 10:36:02 UTC

Q: CXF and Mutual authentication

I've been struggling to work out if CXF supports mutual (certificate)
authentication. It would appear XFire had this sorted some time ago
http://xfire.codehaus.org/HTTP+Transport.

Thanks in advance!
Adam
-- 
View this message in context: http://www.nabble.com/Q%3A-CXF-and-Mutual-authentication-tp16847419p16847419.html
Sent from the cxf-user mailing list archive at Nabble.com.

Re: Q: CXF and Mutual authentication

Posted by adam_j_bradley <ad...@yahoo.com>.

Thankyou for the good news! Still having issues and I get the feeling the
following  http://www.nabble.com/file/p16922997/2444291761_fb40038f35_o.jpg 
isn't actual mutual authentication!

I'm referring to
http://java.sun.com/j2se/1.5.0/docs/guide/security/jsse/JSSERefGuide.html#HowSSLWorks
(search for "The SSL Protocol") 
http://www.nabble.com/file/p16922997/sslmessages.gif  which indicates I
should find a "Certificate Request" (step 4).

What do you think?
Thanks again!

Adam



Glen Mazza-2 wrote:
> 
> I think so, but perhaps our documentation[1] is not as strong as it
> should be.  The TLSParameterBase[2], which is the superclass of
> TLSClientParameters explained in [1] and TLSServerParameters[3] for the
> service provider should be able to support what you need.
> 
> HTH,
> Glen
> 
> 
> [1]
> http://cwiki.apache.org/CXF20DOC/client-http-transport-including-ssl-support.html
> 
> [2]
> https://svn.apache.org/repos/asf/cxf/trunk/api/src/main/java/org/apache/cxf/configuration/jsse/TLSParameterBase.java
> 
> [3]
> https://svn.apache.org/repos/asf/cxf/trunk/api/src/main/java/org/apache/cxf/configuration/jsse/TLSServerParameters.java
> 
> 
> 
> 2008-04-24 adam_j_bradley wrote:
>> I've been struggling to work out if CXF supports mutual (certificate)
>> authentication. It would appear XFire had this sorted some time ago
>> http://xfire.codehaus.org/HTTP+Transport.
>> 
>> Thanks in advance!
>> Adam
> 
> 
> 

-- 
View this message in context: http://www.nabble.com/Q%3A-CXF-and-Mutual-authentication-tp16847419p16922997.html
Sent from the cxf-user mailing list archive at Nabble.com.

Re: Q: CXF and Mutual authentication

Posted by Glen Mazza <gl...@verizon.net>.

I think so, but perhaps our documentation[1] is not as strong as it
should be.  The TLSParameterBase[2], which is the superclass of
TLSClientParameters explained in [1] and TLSServerParameters[3] for the
service provider should be able to support what you need.

HTH,
Glen

[1]
http://cwiki.apache.org/CXF20DOC/client-http-transport-including-ssl-support.html

[2]
https://svn.apache.org/repos/asf/cxf/trunk/api/src/main/java/org/apache/cxf/configuration/jsse/TLSParameterBase.java

[3]
https://svn.apache.org/repos/asf/cxf/trunk/api/src/main/java/org/apache/cxf/configuration/jsse/TLSServerParameters.java

2008-04-24 adam_j_bradley wrote:
> I've been struggling to work out if CXF supports mutual (certificate)
> authentication. It would appear XFire had this sorted some time ago
> http://xfire.codehaus.org/HTTP+Transport.
> 
> Thanks in advance!
> Adam