You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@cxf.apache.org by Timothy Waxland <ti...@gmail.com> on 2010/06/15 15:58:11 UTC
use of disableCNCheck
hi
i'm trying to use the disableCNCheck flag and i'm not convinced its
being applied correctly or perhaps at all. when using a self-signed
cert the request fails to hit the web service host and returns no
fault code or similar - it actually throws a null pointer exception
when generating the soap fault as qname for the fault is null.
i'm wiring cxf with spring. i have cxf.xml in the WEB-INF/classes dir
with the following:
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:http="http://cxf.apache.org/transports/http/configuration"
xmlns:jaxws="http://cxf.apache.org/jaxws"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
http://cxf.apache.org/transports/http/configuration
http://cxf.apache.org/schemas/configuration/http-conf.xsd
http://cxf.apache.org/jaxws
http://cxf.apache.org/schemas/jaxws.xsd">
<import resource="classpath:META-INF/cxf/cxf.xml"/>
<import resource="classpath:META-INF/cxf/cxf-extension-soap.xml"/>
<import resource="classpath:META-INF/cxf/cxf-servlet.xml"/>
<http:conduit name="*.http-conduit">
<http:tlsClientParameters disableCNCheck="true"
secureSocketProtocol="SSL">
</http:tlsClientParameters>
</http:conduit>
</beans>
can anyone shed some light on the above? is the above correct to
enforce the disableCNCheck flag? is the locaiton of cxf.xml correct?
suggestions appreciated.
thanks
Tim
Re: use of disableCNCheck
Posted by Daniel Kulp <dk...@apache.org>.
On Tuesday 15 June 2010 10:38:13 am Timothy Waxland wrote:
> hi
>
> sorry - i should have included this - i'm using 2.1.6.
Any chance you could at least try with a more recent version?
> the cn check is a hunch since it is unsigned (production system with
> service calls withina 'trusted' network). the service is never hit the
> dump occurs here:
>
> java.lang.NullPointerException at
> com.sun.xml.messaging.saaj.soap.impl.FaultImpl.setFaultCode(FaultImpl.java:
> 171)
Would probably need the full stack trace, at least the lines in the
org.apache.cxf packages. That said, if it could be duplicated with 2.2.9,
that would be preferred.
> i'm trying to rule out numerous things - its been rather tough to
> debug this one. i had a look at the docs here:
> http://www.opendocs.net/apache/cxf/2.2.4/client-http-transport-including-ss
> l-support.html - a very good reference and suggests WEB-INF/classes should
> be fine.
That should be fine. However, the setFaultCode NPE might be hiding the
"real" error. I'm hoping a new version of CXF may allow the real exception
to propagate up through better.
Dan
>
> thanks
> Tim
>
> On Wed, Jun 16, 2010 at 12:34 AM, Glen Mazza <gl...@gmail.com> wrote:
> > What version of CXF are you using?
> >
> > Timothy Waxland wrote:
> >> hi
> >>
> >> i'm trying to use the disableCNCheck flag and i'm not convinced its
> >> being applied correctly or perhaps at all. when using a self-signed
> >> cert the request fails to hit the web service host and returns no
> >> fault code or similar - it actually throws a null pointer exception
> >> when generating the soap fault as qname for the fault is null.
> >>
> >> i'm wiring cxf with spring. i have cxf.xml in the WEB-INF/classes dir
> >> with the following:
> >>
> >> <beans xmlns="http://www.springframework.org/schema/beans"
> >> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
> >> xmlns:http="http://cxf.apache.org/transports/http/configuration"
> >> xmlns:jaxws="http://cxf.apache.org/jaxws"
> >> xsi:schemaLocation="http://www.springframework.org/schema/beans
> >> http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
> >>
> >> http://cxf.apache.org/transports/http/configuration
> >> http://cxf.apache.org/schemas/configuration/http-conf.xsd
> >> http://cxf.apache.org/jaxws
> >> http://cxf.apache.org/schemas/jaxws.xsd">
> >>
> >> <import resource="classpath:META-INF/cxf/cxf.xml"/>
> >> <import resource="classpath:META-INF/cxf/cxf-extension-soap.xml"/>
> >> <import resource="classpath:META-INF/cxf/cxf-servlet.xml"/>
> >>
> >> <http:conduit name="*.http-conduit">
> >> <http:tlsClientParameters disableCNCheck="true"
> >> secureSocketProtocol="SSL">
> >> </http:tlsClientParameters>
> >> </http:conduit>
> >>
> >> </beans>
> >>
> >> can anyone shed some light on the above? is the above correct to
> >> enforce the disableCNCheck flag? is the locaiton of cxf.xml correct?
> >>
> >> suggestions appreciated.
> >>
> >> thanks
> >> Tim
> >
> > --
> > View this message in context:
> > http://old.nabble.com/use-of-disableCNCheck-tp28891682p28892130.html
> > Sent from the cxf-user mailing list archive at Nabble.com.
--
Daniel Kulp
dkulp@apache.org
http://dankulp.com/blog
Re: use of disableCNCheck
Posted by Timothy Waxland <ti...@gmail.com>.
hi
sorry - i should have included this - i'm using 2.1.6.
the cn check is a hunch since it is unsigned (production system with
service calls withina 'trusted' network). the service is never hit the
dump occurs here:
java.lang.NullPointerException at
com.sun.xml.messaging.saaj.soap.impl.FaultImpl.setFaultCode(FaultImpl.java:171)
i'm trying to rule out numerous things - its been rather tough to
debug this one. i had a look at the docs here:
http://www.opendocs.net/apache/cxf/2.2.4/client-http-transport-including-ssl-support.html
- a very good reference and suggests WEB-INF/classes should be fine.
thanks
Tim
On Wed, Jun 16, 2010 at 12:34 AM, Glen Mazza <gl...@gmail.com> wrote:
>
> What version of CXF are you using?
>
>
> Timothy Waxland wrote:
>>
>> hi
>>
>> i'm trying to use the disableCNCheck flag and i'm not convinced its
>> being applied correctly or perhaps at all. when using a self-signed
>> cert the request fails to hit the web service host and returns no
>> fault code or similar - it actually throws a null pointer exception
>> when generating the soap fault as qname for the fault is null.
>>
>> i'm wiring cxf with spring. i have cxf.xml in the WEB-INF/classes dir
>> with the following:
>>
>> <beans xmlns="http://www.springframework.org/schema/beans"
>> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
>> xmlns:http="http://cxf.apache.org/transports/http/configuration"
>> xmlns:jaxws="http://cxf.apache.org/jaxws"
>> xsi:schemaLocation="http://www.springframework.org/schema/beans
>> http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
>>
>> http://cxf.apache.org/transports/http/configuration
>> http://cxf.apache.org/schemas/configuration/http-conf.xsd
>> http://cxf.apache.org/jaxws
>> http://cxf.apache.org/schemas/jaxws.xsd">
>>
>> <import resource="classpath:META-INF/cxf/cxf.xml"/>
>> <import resource="classpath:META-INF/cxf/cxf-extension-soap.xml"/>
>> <import resource="classpath:META-INF/cxf/cxf-servlet.xml"/>
>>
>> <http:conduit name="*.http-conduit">
>> <http:tlsClientParameters disableCNCheck="true"
>> secureSocketProtocol="SSL">
>> </http:tlsClientParameters>
>> </http:conduit>
>>
>> </beans>
>>
>> can anyone shed some light on the above? is the above correct to
>> enforce the disableCNCheck flag? is the locaiton of cxf.xml correct?
>>
>> suggestions appreciated.
>>
>> thanks
>> Tim
>>
>>
>
> --
> View this message in context: http://old.nabble.com/use-of-disableCNCheck-tp28891682p28892130.html
> Sent from the cxf-user mailing list archive at Nabble.com.
>
>
Re: use of disableCNCheck
Posted by Glen Mazza <gl...@gmail.com>.
What version of CXF are you using?
Timothy Waxland wrote:
>
> hi
>
> i'm trying to use the disableCNCheck flag and i'm not convinced its
> being applied correctly or perhaps at all. when using a self-signed
> cert the request fails to hit the web service host and returns no
> fault code or similar - it actually throws a null pointer exception
> when generating the soap fault as qname for the fault is null.
>
> i'm wiring cxf with spring. i have cxf.xml in the WEB-INF/classes dir
> with the following:
>
> <beans xmlns="http://www.springframework.org/schema/beans"
> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
> xmlns:http="http://cxf.apache.org/transports/http/configuration"
> xmlns:jaxws="http://cxf.apache.org/jaxws"
> xsi:schemaLocation="http://www.springframework.org/schema/beans
> http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
>
> http://cxf.apache.org/transports/http/configuration
> http://cxf.apache.org/schemas/configuration/http-conf.xsd
> http://cxf.apache.org/jaxws
> http://cxf.apache.org/schemas/jaxws.xsd">
>
> <import resource="classpath:META-INF/cxf/cxf.xml"/>
> <import resource="classpath:META-INF/cxf/cxf-extension-soap.xml"/>
> <import resource="classpath:META-INF/cxf/cxf-servlet.xml"/>
>
> <http:conduit name="*.http-conduit">
> <http:tlsClientParameters disableCNCheck="true"
> secureSocketProtocol="SSL">
> </http:tlsClientParameters>
> </http:conduit>
>
> </beans>
>
> can anyone shed some light on the above? is the above correct to
> enforce the disableCNCheck flag? is the locaiton of cxf.xml correct?
>
> suggestions appreciated.
>
> thanks
> Tim
>
>
--
View this message in context: http://old.nabble.com/use-of-disableCNCheck-tp28891682p28892130.html
Sent from the cxf-user mailing list archive at Nabble.com.