You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@cxf.apache.org by Polar Humenn <ph...@iona.com> on 2007/06/07 05:48:45 UTC

CXF-706 Patch

Greetings,

I have a patch that I attached to JIRA CXF-706.
I'd appreciate if somebody could apply it.
It doesn't have any binary files so, its application should be okay.

This patch gets rid of the Deprecated SSL stuff, allows to
you to use multiple Http Destinations on the same HTTPS port.

This required some refactoring of the Spring configuration, so if you were
using
   <http:destination name"...">
         <http:sslServer>
          ....
        </http:sslServer>
   </http:destination>
before you need to revamp.

You now configure the "port" for SSL/TLS, no longer the destination. 
This is done by
configuring arguments to the Jetty Http Server Engine Factory for a 
particular bus, like
so;
<beans
  xmlns:sec="http://cxf.apache.org/configuration/security"
  xmlns:http="http://cxf.apache.org/transports/http/configuration"
  xmlns:httpj="http://cxf.apache.org/transports/http-jetty/configuration"
 >
  <httpj:engine-factory bus="cxf">
        <httpj:engine port="2999">
            <httpj:tlsServerParameters>
                <sec:keyManagers keyPassword="pass">
                    <sec:keyStore type="jks" password="pass" 
file="path/to/keystore.jks"/>
                </sec:keyManagers>
                <sec:trustManagers>
                    <sec:keyStore type="jks" password="pass" 
file="path/to/truststore.jks"/>
                </sec:trustManagers>
                <sec:clientAuthentication want="true" required="true"/>
            </httpj:tlsServerParameters>
            <httpj:threadingParameters minThreads="10" maxThreads="20"/>
       </httpj:engine>
  <httpj:engine-factory>

  <bean id="cxf" class="org.apache.cxf.bus.CXFBusImpl"/>

</beans>

For programmatic configuration you pull the JettyHTTPServerEngineFactory 
off of the bus
as an extension, and

         factory.setTLSServerParametersForPort(port, tlsServerParameters);

before the Server Engine is created. Setting this after the engine is 
created for that
port will have no effect.

If you were using a "special" configurer that looked for the 
implemenation name
of a JettyHTTPServerEngine.port#, and tried to configurer it 
programatically, that no longer
works as the JettyHTTPServerEngine is not longer "configurable" by 
anything but its factory.
You must configure the factory.

Cheers,
-Polar

Re: CXF-706 Patch

Posted by Willem Jiang <ni...@iona.com>.

Hi Polar ,

I will take care of it  :)

Cheers,

Willem.

Polar Humenn wrote:
>
> Greetings,
>
> I have a patch that I attached to JIRA CXF-706.
> I'd appreciate if somebody could apply it.
> It doesn't have any binary files so, its application should be okay.
>
> This patch gets rid of the Deprecated SSL stuff, allows to
> you to use multiple Http Destinations on the same HTTPS port.
>
> This required some refactoring of the Spring configuration, so if you 
> were
> using
>   <http:destination name"...">
>         <http:sslServer>
>          ....
>        </http:sslServer>
>   </http:destination>
> before you need to revamp.
>
> You now configure the "port" for SSL/TLS, no longer the destination. 
> This is done by
> configuring arguments to the Jetty Http Server Engine Factory for a 
> particular bus, like
> so;
> <beans
>  xmlns:sec="http://cxf.apache.org/configuration/security"
>  xmlns:http="http://cxf.apache.org/transports/http/configuration"
>  xmlns:httpj="http://cxf.apache.org/transports/http-jetty/configuration"
> >
>  <httpj:engine-factory bus="cxf">
>        <httpj:engine port="2999">
>            <httpj:tlsServerParameters>
>                <sec:keyManagers keyPassword="pass">
>                    <sec:keyStore type="jks" password="pass" 
> file="path/to/keystore.jks"/>
>                </sec:keyManagers>
>                <sec:trustManagers>
>                    <sec:keyStore type="jks" password="pass" 
> file="path/to/truststore.jks"/>
>                </sec:trustManagers>
>                <sec:clientAuthentication want="true" required="true"/>
>            </httpj:tlsServerParameters>
>            <httpj:threadingParameters minThreads="10" maxThreads="20"/>
>       </httpj:engine>
>  <httpj:engine-factory>
>
>  <bean id="cxf" class="org.apache.cxf.bus.CXFBusImpl"/>
>
> </beans>
>
> For programmatic configuration you pull the 
> JettyHTTPServerEngineFactory off of the bus
> as an extension, and
>
>         factory.setTLSServerParametersForPort(port, tlsServerParameters);
>
> before the Server Engine is created. Setting this after the engine is 
> created for that
> port will have no effect.
>
> If you were using a "special" configurer that looked for the 
> implemenation name
> of a JettyHTTPServerEngine.port#, and tried to configurer it 
> programatically, that no longer
> works as the JettyHTTPServerEngine is not longer "configurable" by 
> anything but its factory.
> You must configure the factory.
>
> Cheers,
> -Polar
>
>