Posted to issues@cxf.apache.org by "Oliver Knerr (JIRA)" <ji...@apache.org> on 2018/07/05 09:32:00 UTC

[jira] [Created] (CXF-7782) Client session context is null before SSL context initialization

Oliver Knerr created CXF-7782:
---------------------------------

             Summary: Client session context is null before SSL context initialization
                 Key: CXF-7782
                 URL: https://issues.apache.org/jira/browse/CXF-7782
             Project: CXF
          Issue Type: Bug
          Components: Transports
    Affects Versions: 3.2.5
         Environment: bctls-jdk15on-1.59
            Reporter: Oliver Knerr


We are going to replace the default (Sun) JSSE provider with the one from BouncyCastle and are running into a {{NullPointerException}} when getting the {{SSLSessionContext}} from the {{SSLContext}}.

The problem occurs in

{{org.apache.cxf.transport.https.SSLUtils.getSSLContext(TLSParameterBase):73}}

when trying to set the timeout for the SSL session.

The javadoc of

{{javax.net.ssl.SSLContext.getClientSessionContext()}}

states that "[the client session context] may be unavailable in some environments, in which case this method returns null. [...]"

Apparently, this is (in general) not the case for the SunJSSE provider, but the BCJSSE provider needs the {{SSLContext}} to be initialized before the client session context is available. So after the call of

{{javax.net.ssl.SSLContext.init(KeyManager[], TrustManager[], SecureRandom)}}

which happens further below (line 87), the client session context is not null any more, but it's too late, obviously.

For the BCJSSE provider, setting the session timeout must happen after the {{init()}} of the {{SSLContext}}. But a general handling in case of {{getClientSessionContext()}} returning null wouldn't hurt either.



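The ordering and null handling the report asks for, as an added example that is not CXF's code or the reporter's. The class and method names are hypothetical, and it runs against whatever JSSE provider the JVM selects unless a provider name such as BCJSSE is passed and that provider is registered.

```java
import java.security.GeneralSecurityException;
import javax.net.ssl.KeyManager;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSessionContext;
import javax.net.ssl.TrustManager;

// Hypothetical helper, not part of CXF.
public class SessionTimeoutAfterInit {

    // Applies the timeout only if the provider exposes a client session context.
    // Returns false instead of throwing when getClientSessionContext() is null.
    static boolean applyClientSessionTimeout(SSLContext ctx, int timeoutSeconds) {
        SSLSessionContext sessions = ctx.getClientSessionContext();
        if (sessions == null) {
            return false;
        }
        sessions.setSessionTimeout(timeoutSeconds);
        return true;
    }

    // Creates the context, calls init() first, and only then touches the
    // session context. A null provider means "use the JVM default".
    static SSLContext createContext(String protocol, String provider,
                                    KeyManager[] keyManagers, TrustManager[] trustManagers,
                                    int timeoutSeconds) throws GeneralSecurityException {
        SSLContext ctx = (provider == null)
                ? SSLContext.getInstance(protocol)
                : SSLContext.getInstance(protocol, provider);
        ctx.init(keyManagers, trustManagers, null);
        if (!applyClientSessionTimeout(ctx, timeoutSeconds)) {
            // Sessions then keep the provider's default lifetime; make that visible.
            System.err.println("No client session context from "
                    + ctx.getProvider().getName() + "; session timeout not applied");
        }
        return ctx;
    }

    public static void main(String[] args) throws Exception {
        // Optional first argument: provider name (the provider must already be registered).
        String provider = args.length > 0 ? args[0] : null;
        SSLContext ctx = createContext("TLS", provider, null, null, 300);
        SSLSessionContext sessions = ctx.getClientSessionContext();
        System.out.println("provider=" + ctx.getProvider().getName()
                + " timeout=" + (sessions == null ? "n/a" : sessions.getSessionTimeout()));
    }
}
```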