You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@servicemix.apache.org by "Guillaume Nodet (JIRA)" <ji...@apache.org> on 2008/10/07 09:30:53 UTC

[jira] Updated: (SM-1308) CxfBcProviderSecurityTest test failed

     [ https://issues.apache.org/activemq/browse/SM-1308?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Guillaume Nodet updated SM-1308:
--------------------------------

    Fix Version/s: servicemix-cxf-bc-2008.01

> CxfBcProviderSecurityTest test failed
> -------------------------------------
>
>                 Key: SM-1308
>                 URL: https://issues.apache.org/activemq/browse/SM-1308
>             Project: ServiceMix
>          Issue Type: Test
>          Components: servicemix-cxf-bc
>            Reporter: Freeman Fang
>            Assignee: Freeman Fang
>             Fix For: 3.2.2, 3.3, servicemix-cxf-bc-2008.01
>
>
> this test failed caused by recent change in cxf
> we need add disableCNCheck="true" to tlsClientParameters to allow to use localhost during test
> paste the related comment from cxf wiki
> "The TLSClientParameters are listed here and here. A new feature starting in CXF 2.0.5 is the disableCNcheck attribute for this element. It defaults to false, indicating that the hostname given in the HTTPS URL will be checked against the service's Common Name (CN) given in its certificate during SOAP client requests, and failing if there is a mismatch. If set to true (not recommended for production use), such checks will be bypassed. That will allow you, for example, to use a URL such as localhost during development."

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

Re: [jira] Updated: (SM-1308) CxfBcProviderSecurityTest test failed

Posted by Naresh <it...@gmail.com>.

Guillaume Nodet (JIRA <ji...@...> writes:

> 
> 
>      [
> https://issues.apache.org/activemq/browse/SM-1308?
page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
> 
> Guillaume Nodet updated SM-1308:
> --------------------------------
> 
>     Fix Version/s: servicemix-cxf-bc-2008.01
> 
> > CxfBcProviderSecurityTest test failed
> > -------------------------------------
> >
> >                 Key: SM-1308
> >                 URL: https://issues.apache.org/activemq/browse/SM-1308
> >             Project: ServiceMix
> >          Issue Type: Test
> >          Components: servicemix-cxf-bc
> >            Reporter: Freeman Fang
> >            Assignee: Freeman Fang
> >             Fix For: 3.2.2, 3.3, servicemix-cxf-bc-2008.01
> >
> >
> > this test failed caused by recent change in cxf
> > we need add disableCNCheck="true" to tlsClientParameters to allow to use 
localhost during test
> > paste the related comment from cxf wiki
> > "The TLSClientParameters are listed here and here. A new feature starting 
in CXF 2.0.5 is the
> disableCNcheck attribute for this element. It defaults to false, indicating 
that the hostname given in
> the HTTPS URL will be checked against the service's Common Name (CN) given in 
its certificate during SOAP
> client requests, and failing if there is a mismatch. If set to true (not 
recommended for production use),
> such checks will be bypassed. That will allow you, for example, to use a URL 
such as localhost during development."
> 




Hi ,

It is said that adding disableCNCheck="true" to tlsClientParameters is not 
recommended in production use .... if that is the case how do we proceed furthr 
in bypassing the common name check in production........

what would be the possible options ...