You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@camel.apache.org by boriss <bs...@eunet.rs> on 2008/11/05 11:37:52 UTC
CxfProducer + SSL
Hi,
I'm trying to use a CxfProducer as a Client for the external WS and I had no
luck finding a documentation about the way of how to configure a cxf-bus on
a Camel cxf-endpoint with additional SSL properties (http:conduit).
Cheers,
Boris
--
View this message in context: http://www.nabble.com/CxfProducer-%2B-SSL-tp20339349s22882p20339349.html
Sent from the Camel - Users mailing list archive at Nabble.com.
Re: CxfProducer + SSL
Posted by boriss <bs...@eunet.rs>.
Hi,
> BTW, I don't see any @Resource annotation in the HttpConduit source code.
>
we are obviously looking at the two different versions of HTTPConduit. Mine
was, as I’ve mentioned before, 2.1.1 and I can definitely see some
annotations inside of it.
And that’s why I needed them all…
> I don't think you need to add the elements of
> <http-conf:authorization/>
> <http-conf:proxyAuthorization/>
> <http-conf:client/> in your httpconduit configuration.
>
Camel 1.5 and Cxf 2.1.3 looks better -> no @Resource indeed
Cheers,
Boris
--
View this message in context: http://www.nabble.com/CxfProducer-%2B-SSL-tp20339349s22882p20370260.html
Sent from the Camel - Users mailing list archive at Nabble.com.
Re: CxfProducer + SSL
Posted by Willem Jiang <wi...@gmail.com>.
Hi ,
I don't think you need to add the elements of
<http-conf:authorization/>
<http-conf:proxyAuthorization/>
<http-conf:client/> in your httpconduit configuration.
For the second question, CXF Endpoint's HttpConduit instance will be
configured with the endpoint Qname + "conduit" postfix. You can find
that the HttpConduit implements the Configurable interface.
BTW, I don't see any @Resource annotation in the HttpConduit source code.
Willem
boriss wrote:
> Hi Wiliam,
>
> thanks for your reply. Yes, I did take a look at this example before, but
> still couldn’t figure out how to do it :-(. Finally, yesterday I’ve looked a
> bit through the source code and here is the practical solution for those who
> don’t want to spend the half day trying like I did =^D:
>
> <cxf:cxfEndpoint id="serviceEndpoint"
> address="https://localhost:443/SoapContext/SoapPort"
> serviceClass="org.apache.hello_world_soap_http.Greeter"
> endpointName="s:SoapPort"
> xmlns:s="http://apache.org/hello_world_soap_http" />
>
>
> <http-conf:conduit name="{
> http://apache.org/hello_world_soap_http}SoapPort.http-conduit">
> <http-conf:tlsClientParameters secureSocketProtocol="SSL">
> <sec:keyManagers keyPassword="changeit">
> <sec:keyStore type="JKS" password="changeit"
> resource="conf/cert/keystore.jks"/>
> </sec:keyManagers>
> <sec:trustManagers>
> <sec:keyStore type="JKS" password="changeit"
> resource="conf/cert/truststore.jks"/>
> </sec:trustManagers>
> <sec:cipherSuitesFilter>
> <sec:include>.*.*</sec:include>
> </sec:cipherSuitesFilter>
> </http-conf:tlsClientParameters>
> <http-conf:authorization/>
> <http-conf:proxyAuthorization/>
> <http-conf:trustDecider class="foo.MessageTrustDecider"/>
> <http-conf:client/>
> <http-conf:basicAuthSupplier class="foo.AuthSupplier"/>
> </http-conf:conduit>
>
> So, the solution is ugly because the HTTPConduit (cxf 2.1.1) has the couple
> of @Resource annotations inside which could/should be removed; don’t you
> think?!; which makes the “conduit” element unnecessary large. Actually I
> needed only to define the <keyManagers> element .
>
> Another thing to look for is inside of the <cxfEndpoint> definition, and
> that is the attribute “elementName” -> it has to correlate to the “name”
> attribute of the <conduit> Element.
>
> So, hope that helps… :drunk:
>
> Cheers,
> Boris
>
>
>
> William Tam wrote:
>> You may want to take a look at the https sample in CXF.
>>
>> http://svn.apache.org/repos/asf/cxf/trunk/distribution/src/main/release/samples/wsdl_first_https/
>>
>> Then, try to put your cxf endpoint configuration into the camel cxf
>> endpoint. Hope that helps.
>>
>> - William
>>
>> On Wed, Nov 5, 2008 at 5:37 AM, boriss <bs...@eunet.rs> wrote:
>>
>
Re: CxfProducer + SSL
Posted by boriss <bs...@eunet.rs>.
Hi Wiliam,
thanks for your reply. Yes, I did take a look at this example before, but
still couldn’t figure out how to do it :-(. Finally, yesterday I’ve looked a
bit through the source code and here is the practical solution for those who
don’t want to spend the half day trying like I did =^D:
<cxf:cxfEndpoint id="serviceEndpoint"
address="https://localhost:443/SoapContext/SoapPort"
serviceClass="org.apache.hello_world_soap_http.Greeter"
endpointName="s:SoapPort"
xmlns:s="http://apache.org/hello_world_soap_http" />
<http-conf:conduit name="{
http://apache.org/hello_world_soap_http}SoapPort.http-conduit">
<http-conf:tlsClientParameters secureSocketProtocol="SSL">
<sec:keyManagers keyPassword="changeit">
<sec:keyStore type="JKS" password="changeit"
resource="conf/cert/keystore.jks"/>
</sec:keyManagers>
<sec:trustManagers>
<sec:keyStore type="JKS" password="changeit"
resource="conf/cert/truststore.jks"/>
</sec:trustManagers>
<sec:cipherSuitesFilter>
<sec:include>.*.*</sec:include>
</sec:cipherSuitesFilter>
</http-conf:tlsClientParameters>
<http-conf:authorization/>
<http-conf:proxyAuthorization/>
<http-conf:trustDecider class="foo.MessageTrustDecider"/>
<http-conf:client/>
<http-conf:basicAuthSupplier class="foo.AuthSupplier"/>
</http-conf:conduit>
So, the solution is ugly because the HTTPConduit (cxf 2.1.1) has the couple
of @Resource annotations inside which could/should be removed; don’t you
think?!; which makes the “conduit” element unnecessary large. Actually I
needed only to define the <keyManagers> element .
Another thing to look for is inside of the <cxfEndpoint> definition, and
that is the attribute “elementName” -> it has to correlate to the “name”
attribute of the <conduit> Element.
So, hope that helps… :drunk:
Cheers,
Boris
William Tam wrote:
>
> You may want to take a look at the https sample in CXF.
>
> http://svn.apache.org/repos/asf/cxf/trunk/distribution/src/main/release/samples/wsdl_first_https/
>
> Then, try to put your cxf endpoint configuration into the camel cxf
> endpoint. Hope that helps.
>
> - William
>
> On Wed, Nov 5, 2008 at 5:37 AM, boriss <bs...@eunet.rs> wrote:
>
--
View this message in context: http://www.nabble.com/CxfProducer-%2B-SSL-tp20339349s22882p20358022.html
Sent from the Camel - Users mailing list archive at Nabble.com.
Re: CxfProducer + SSL
Posted by William Tam <em...@gmail.com>.
You may want to take a look at the https sample in CXF.
http://svn.apache.org/repos/asf/cxf/trunk/distribution/src/main/release/samples/wsdl_first_https/
Then, try to put your cxf endpoint configuration into the camel cxf
endpoint. Hope that helps.
- William
On Wed, Nov 5, 2008 at 5:37 AM, boriss <bs...@eunet.rs> wrote:
>
> Hi,
>
> I'm trying to use a CxfProducer as a Client for the external WS and I had no
> luck finding a documentation about the way of how to configure a cxf-bus on
> a Camel cxf-endpoint with additional SSL properties (http:conduit).
>
> Cheers,
> Boris
> --
> View this message in context: http://www.nabble.com/CxfProducer-%2B-SSL-tp20339349s22882p20339349.html
> Sent from the Camel - Users mailing list archive at Nabble.com.
>
>