You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by ay...@apache.org on 2012/04/04 17:15:25 UTC
svn commit: r1309449 - in /cxf/trunk/rt/transports:
http-jetty/src/main/java/org/apache/cxf/transport/http_jetty/blueprint/
http-jetty/src/main/java/org/apache/cxf/transport/http_jetty/osgi/
http-jetty/src/main/java/org/apache/cxf/transport/http_jetty/...
Author: ay
Date: Wed Apr 4 15:15:25 2012
New Revision: 1309449
URL: http://svn.apache.org/viewvc?rev=1309449&view=rev
Log:
change the package name of jsse.TLS config classes (remove spring)
Added:
cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/configuration/jsse/TLSClientParametersConfig.java
cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/configuration/jsse/TLSParameterJaxBUtils.java
cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/configuration/jsse/TLSServerParametersConfig.java
Removed:
cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/configuration/jsse/spring/
Modified:
cxf/trunk/rt/transports/http-jetty/src/main/java/org/apache/cxf/transport/http_jetty/blueprint/JettyHTTPServerEngineFactoryHolder.java
cxf/trunk/rt/transports/http-jetty/src/main/java/org/apache/cxf/transport/http_jetty/osgi/HTTPJettyTransportActivator.java
cxf/trunk/rt/transports/http-jetty/src/main/java/org/apache/cxf/transport/http_jetty/spring/JettyHTTPServerEngineBeanDefinitionParser.java
cxf/trunk/rt/transports/http-jetty/src/main/java/org/apache/cxf/transport/http_jetty/spring/JettySpringTypesFactory.java
cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/blueprint/HttpConduitBPBeanDefinitionParser.java
cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/osgi/HTTPTransportActivator.java
cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/spring/HttpConduitBeanDefinitionParser.java
Modified: cxf/trunk/rt/transports/http-jetty/src/main/java/org/apache/cxf/transport/http_jetty/blueprint/JettyHTTPServerEngineFactoryHolder.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/transports/http-jetty/src/main/java/org/apache/cxf/transport/http_jetty/blueprint/JettyHTTPServerEngineFactoryHolder.java?rev=1309449&r1=1309448&r2=1309449&view=diff
==============================================================================
--- cxf/trunk/rt/transports/http-jetty/src/main/java/org/apache/cxf/transport/http_jetty/blueprint/JettyHTTPServerEngineFactoryHolder.java (original)
+++ cxf/trunk/rt/transports/http-jetty/src/main/java/org/apache/cxf/transport/http_jetty/blueprint/JettyHTTPServerEngineFactoryHolder.java Wed Apr 4 15:15:25 2012
@@ -38,7 +38,7 @@ import org.apache.cxf.common.logging.Log
import org.apache.cxf.common.util.PackageUtils;
import org.apache.cxf.common.util.StringUtils;
import org.apache.cxf.configuration.jsse.TLSServerParameters;
-import org.apache.cxf.configuration.jsse.spring.TLSServerParametersConfig;
+import org.apache.cxf.configuration.jsse.TLSServerParametersConfig;
import org.apache.cxf.transport.http_jetty.JettyHTTPServerEngine;
import org.apache.cxf.transport.http_jetty.JettyHTTPServerEngineFactory;
import org.apache.cxf.transport.http_jetty.ThreadingParameters;
Modified: cxf/trunk/rt/transports/http-jetty/src/main/java/org/apache/cxf/transport/http_jetty/osgi/HTTPJettyTransportActivator.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/transports/http-jetty/src/main/java/org/apache/cxf/transport/http_jetty/osgi/HTTPJettyTransportActivator.java?rev=1309449&r1=1309448&r2=1309449&view=diff
==============================================================================
--- cxf/trunk/rt/transports/http-jetty/src/main/java/org/apache/cxf/transport/http_jetty/osgi/HTTPJettyTransportActivator.java (original)
+++ cxf/trunk/rt/transports/http-jetty/src/main/java/org/apache/cxf/transport/http_jetty/osgi/HTTPJettyTransportActivator.java Wed Apr 4 15:15:25 2012
@@ -29,8 +29,8 @@ import java.util.StringTokenizer;
import javax.management.MBeanServer;
+import org.apache.cxf.configuration.jsse.TLSParameterJaxBUtils;
import org.apache.cxf.configuration.jsse.TLSServerParameters;
-import org.apache.cxf.configuration.jsse.spring.TLSParameterJaxBUtils;
import org.apache.cxf.configuration.security.CertStoreType;
import org.apache.cxf.configuration.security.CertificateConstraintsType;
import org.apache.cxf.configuration.security.ClientAuthentication;
Modified: cxf/trunk/rt/transports/http-jetty/src/main/java/org/apache/cxf/transport/http_jetty/spring/JettyHTTPServerEngineBeanDefinitionParser.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/transports/http-jetty/src/main/java/org/apache/cxf/transport/http_jetty/spring/JettyHTTPServerEngineBeanDefinitionParser.java?rev=1309449&r1=1309448&r2=1309449&view=diff
==============================================================================
--- cxf/trunk/rt/transports/http-jetty/src/main/java/org/apache/cxf/transport/http_jetty/spring/JettyHTTPServerEngineBeanDefinitionParser.java (original)
+++ cxf/trunk/rt/transports/http-jetty/src/main/java/org/apache/cxf/transport/http_jetty/spring/JettyHTTPServerEngineBeanDefinitionParser.java Wed Apr 4 15:15:25 2012
@@ -32,7 +32,7 @@ import org.w3c.dom.Element;
import org.apache.cxf.Bus;
import org.apache.cxf.bus.spring.BusWiringBeanFactoryPostProcessor;
import org.apache.cxf.common.injection.NoJSR250Annotations;
-import org.apache.cxf.configuration.jsse.spring.TLSServerParametersConfig;
+import org.apache.cxf.configuration.jsse.TLSServerParametersConfig;
import org.apache.cxf.configuration.security.TLSServerParametersType;
import org.apache.cxf.configuration.spring.AbstractBeanDefinitionParser;
import org.apache.cxf.helpers.DOMUtils;
Modified: cxf/trunk/rt/transports/http-jetty/src/main/java/org/apache/cxf/transport/http_jetty/spring/JettySpringTypesFactory.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/transports/http-jetty/src/main/java/org/apache/cxf/transport/http_jetty/spring/JettySpringTypesFactory.java?rev=1309449&r1=1309448&r2=1309449&view=diff
==============================================================================
--- cxf/trunk/rt/transports/http-jetty/src/main/java/org/apache/cxf/transport/http_jetty/spring/JettySpringTypesFactory.java (original)
+++ cxf/trunk/rt/transports/http-jetty/src/main/java/org/apache/cxf/transport/http_jetty/spring/JettySpringTypesFactory.java Wed Apr 4 15:15:25 2012
@@ -36,7 +36,7 @@ import org.w3c.dom.Node;
import org.apache.cxf.common.injection.NoJSR250Annotations;
import org.apache.cxf.configuration.jsse.TLSServerParameters;
-import org.apache.cxf.configuration.jsse.spring.TLSServerParametersConfig;
+import org.apache.cxf.configuration.jsse.TLSServerParametersConfig;
import org.apache.cxf.helpers.DOMUtils;
import org.apache.cxf.transport.http_jetty.ThreadingParameters;
import org.apache.cxf.transports.http_jetty.configuration.TLSServerParametersIdentifiedType;
Added: cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/configuration/jsse/TLSClientParametersConfig.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/configuration/jsse/TLSClientParametersConfig.java?rev=1309449&view=auto
==============================================================================
--- cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/configuration/jsse/TLSClientParametersConfig.java (added)
+++ cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/configuration/jsse/TLSClientParametersConfig.java Wed Apr 4 15:15:25 2012
@@ -0,0 +1,149 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.configuration.jsse;
+
+import java.io.IOException;
+import java.io.StringReader;
+import java.security.GeneralSecurityException;
+import java.util.HashSet;
+import java.util.Set;
+
+import javax.xml.bind.JAXBContext;
+import javax.xml.bind.JAXBElement;
+import javax.xml.bind.JAXBException;
+import javax.xml.bind.Unmarshaller;
+import javax.xml.stream.XMLStreamReader;
+
+
+import org.apache.cxf.common.injection.NoJSR250Annotations;
+import org.apache.cxf.common.jaxb.JAXBContextCache;
+import org.apache.cxf.common.jaxb.JAXBContextCache.CachedContextAndSchemas;
+import org.apache.cxf.common.util.PackageUtils;
+import org.apache.cxf.configuration.security.TLSClientParametersType;
+import org.apache.cxf.staxutils.StaxUtils;
+
+/**
+ * This class provides the TLSClientParameters that programmatically
+ * configure a HTTPConduit. It is initialized with the JAXB
+ * type TLSClientParametersType that was used in the Spring configuration
+ * of the http-conduit bean.
+ */
+@NoJSR250Annotations
+public final class TLSClientParametersConfig {
+ private static Set<Class<?>> classes;
+ private static JAXBContext context;
+
+ private TLSClientParametersConfig() {
+ //not constructed
+ }
+
+ private static synchronized JAXBContext getContext() throws JAXBException {
+ if (context == null || classes == null) {
+ Set<Class<?>> c2 = new HashSet<Class<?>>();
+ JAXBContextCache.addPackage(c2,
+ PackageUtils.getPackageName(TLSClientParametersType.class),
+ TLSClientParametersConfig.class.getClassLoader());
+ CachedContextAndSchemas ccs
+ = JAXBContextCache.getCachedContextAndSchemas(c2, null, null, null, false);
+ classes = ccs.getClasses();
+ context = ccs.getContext();
+ }
+ return context;
+ }
+
+ static TLSClientParameters createTLSClientParametersFromType(TLSClientParametersType params)
+ throws GeneralSecurityException,
+ IOException {
+
+ TLSClientParameters ret = new TLSClientParameters();
+ boolean usingDefaults = params.isUseHttpsURLConnectionDefaultSslSocketFactory();
+
+ if (params.isDisableCNCheck()) {
+ ret.setDisableCNCheck(true);
+ }
+ if (params.isUseHttpsURLConnectionDefaultHostnameVerifier()) {
+ ret.setUseHttpsURLConnectionDefaultHostnameVerifier(true);
+ }
+ if (params.isUseHttpsURLConnectionDefaultSslSocketFactory()) {
+ ret.setUseHttpsURLConnectionDefaultSslSocketFactory(true);
+ }
+ if (params.isSetSecureSocketProtocol()) {
+ ret.setSecureSocketProtocol(params.getSecureSocketProtocol());
+ }
+ if (params.isSetCipherSuitesFilter()) {
+ ret.setCipherSuitesFilter(params.getCipherSuitesFilter());
+ }
+ if (params.isSetCipherSuites()) {
+ ret.setCipherSuites(params.getCipherSuites().getCipherSuite());
+ }
+ if (params.isSetJsseProvider()) {
+ ret.setJsseProvider(params.getJsseProvider());
+ }
+ if (params.isSetSecureRandomParameters() && !usingDefaults) {
+ ret.setSecureRandom(
+ TLSParameterJaxBUtils.getSecureRandom(
+ params.getSecureRandomParameters()));
+ }
+ if (params.isSetKeyManagers() && !usingDefaults) {
+ ret.setKeyManagers(
+ TLSParameterJaxBUtils.getKeyManagers(params.getKeyManagers()));
+ }
+ if (params.isSetTrustManagers() && !usingDefaults) {
+ ret.setTrustManagers(
+ TLSParameterJaxBUtils.getTrustManagers(
+ params.getTrustManagers()));
+ }
+ if (params.isSetCertConstraints()) {
+ ret.setCertConstraints(params.getCertConstraints());
+ }
+ if (params.isSetSslCacheTimeout()) {
+ ret.setSslCacheTimeout(params.getSslCacheTimeout());
+ }
+ if (params.isSetCertAlias()) {
+ ret.setCertAlias(params.getCertAlias());
+ }
+ return ret;
+ }
+
+
+
+ public static Object createTLSClientParameters(String s) {
+
+ StringReader reader = new StringReader(s);
+ XMLStreamReader data = StaxUtils.createXMLStreamReader(reader);
+ Unmarshaller u;
+ try {
+ u = getContext().createUnmarshaller();
+ Object obj = u.unmarshal(data, TLSClientParametersType.class);
+ if (obj instanceof JAXBElement<?>) {
+ JAXBElement<?> el = (JAXBElement<?>)obj;
+ obj = el.getValue();
+
+ }
+
+ TLSClientParametersType cpt = (TLSClientParametersType)obj;
+ return createTLSClientParametersFromType(cpt);
+ } catch (RuntimeException e) {
+ throw e;
+ } catch (Exception e) {
+ throw new RuntimeException(e);
+ }
+ }
+
+}
Added: cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/configuration/jsse/TLSParameterJaxBUtils.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/configuration/jsse/TLSParameterJaxBUtils.java?rev=1309449&view=auto
==============================================================================
--- cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/configuration/jsse/TLSParameterJaxBUtils.java (added)
+++ cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/configuration/jsse/TLSParameterJaxBUtils.java Wed Apr 4 15:15:25 2012
@@ -0,0 +1,293 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.configuration.jsse;
+
+import java.io.FileInputStream;
+import java.io.IOException;
+import java.io.InputStream;
+import java.net.URL;
+import java.security.GeneralSecurityException;
+import java.security.KeyStore;
+import java.security.KeyStoreException;
+import java.security.NoSuchAlgorithmException;
+import java.security.SecureRandom;
+import java.security.cert.Certificate;
+import java.security.cert.CertificateException;
+import java.security.cert.CertificateFactory;
+import java.security.cert.X509Certificate;
+import java.util.Collection;
+import java.util.logging.Logger;
+
+import javax.net.ssl.KeyManager;
+import javax.net.ssl.KeyManagerFactory;
+import javax.net.ssl.TrustManager;
+import javax.net.ssl.TrustManagerFactory;
+
+import org.apache.cxf.common.classloader.ClassLoaderUtils;
+import org.apache.cxf.common.logging.LogUtils;
+import org.apache.cxf.configuration.security.CertStoreType;
+import org.apache.cxf.configuration.security.KeyManagersType;
+import org.apache.cxf.configuration.security.KeyStoreType;
+import org.apache.cxf.configuration.security.SecureRandomParameters;
+import org.apache.cxf.configuration.security.TrustManagersType;
+import org.apache.cxf.transport.https.SSLUtils;
+
+/**
+ * This class provides some functionality to convert the JAXB
+ * generated types in the security.xsd to the items needed
+ * to programatically configure the HTTPConduit and HTTPDestination
+ * with TLSClientParameters and TLSServerParameters respectively.
+ */
+public final class TLSParameterJaxBUtils {
+
+ private static final Logger LOG =
+ LogUtils.getL7dLogger(TLSParameterJaxBUtils.class);
+
+ private TLSParameterJaxBUtils() {
+ // empty
+ }
+ /**
+ * This method converts the JAXB generated type into a SecureRandom.
+ */
+ public static SecureRandom getSecureRandom(
+ SecureRandomParameters secureRandomParams
+ ) throws GeneralSecurityException {
+
+ SecureRandom secureRandom = null;
+ if (secureRandomParams != null) {
+ String secureRandomAlg =
+ secureRandomParams.getAlgorithm();
+ String randomProvider =
+ secureRandomParams.getProvider();
+ if (randomProvider != null) {
+ secureRandom = secureRandomAlg != null
+ ? SecureRandom.getInstance(
+ secureRandomAlg,
+ randomProvider)
+ : null;
+ } else {
+ secureRandom = secureRandomAlg != null
+ ? SecureRandom.getInstance(
+ secureRandomAlg)
+ : null;
+ }
+ }
+ return secureRandom;
+ }
+ /**
+ * This method converts a JAXB generated KeyStoreType into a KeyStore.
+ */
+ public static KeyStore getKeyStore(KeyStoreType kst)
+ throws GeneralSecurityException,
+ IOException {
+
+ if (kst == null) {
+ return null;
+ }
+ String type = SSLUtils.getKeystoreType(kst.isSetType()
+ ? kst.getType() : null, LOG, KeyStore.getDefaultType());
+
+ char[] password = kst.isSetPassword()
+ ? deobfuscate(kst.getPassword())
+ : null;
+ if (password == null) {
+ String tmp = SSLUtils.getKeystorePassword(null, LOG);
+ if (tmp != null) {
+ password = tmp.toCharArray();
+ }
+ }
+ String provider = SSLUtils.getKeystoreProvider(kst.isSetProvider()
+ ? kst.getProvider() : null,
+ LOG);
+ KeyStore keyStore = provider == null
+ ? KeyStore.getInstance(type)
+ : KeyStore.getInstance(type, provider);
+
+ if (kst.isSetFile()) {
+ keyStore.load(new FileInputStream(kst.getFile()), password);
+ } else if (kst.isSetResource()) {
+ final java.io.InputStream is =
+ ClassLoaderUtils.getResourceAsStream(kst.getResource(), kst.getClass());
+ if (is == null) {
+ final String msg =
+ "Could not load keystore resource " + kst.getResource();
+ LOG.severe(msg);
+ throw new java.io.IOException(msg);
+ }
+ keyStore.load(is, password);
+ } else if (kst.isSetUrl()) {
+ keyStore.load(new URL(kst.getUrl()).openStream(), password);
+ } else {
+ String loc = SSLUtils.getKeystore(null, LOG);
+ InputStream ins = null;
+ if (loc != null) {
+ ins = new FileInputStream(loc);
+ }
+ keyStore.load(ins, password);
+ }
+ return keyStore;
+ }
+
+ /**
+ * This method converts a JAXB generated CertStoreType into a KeyStore.
+ */
+ public static KeyStore getKeyStore(final CertStoreType pst)
+ throws IOException, CertificateException, KeyStoreException, NoSuchAlgorithmException {
+
+ if (pst == null) {
+ return null;
+ }
+
+ if (pst.isSetFile()) {
+ return createTrustStore(new FileInputStream(pst.getFile()));
+ }
+ if (pst.isSetResource()) {
+ final java.io.InputStream is =
+ ClassLoaderUtils.getResourceAsStream(pst.getResource(), pst.getClass());
+ if (is == null) {
+ final String msg =
+ "Could not load truststore resource " + pst.getResource();
+ LOG.severe(msg);
+ throw new java.io.IOException(msg);
+ }
+ return createTrustStore(is);
+ }
+ if (pst.isSetUrl()) {
+ return createTrustStore(new URL(pst.getUrl()).openStream());
+ }
+ // TODO error?
+ return null;
+ }
+
+ /**
+ * Create a KeyStore containing the trusted CA certificates contained
+ * in the supplied input stream.
+ */
+ private static KeyStore createTrustStore(final java.io.InputStream is)
+ throws IOException, CertificateException, KeyStoreException, NoSuchAlgorithmException {
+
+ final Collection<? extends Certificate> certs = loadCertificates(is);
+ final KeyStore keyStore =
+ KeyStore.getInstance(KeyStore.getDefaultType());
+ keyStore.load(null, null);
+ for (Certificate cert : certs) {
+ final X509Certificate xcert = (X509Certificate) cert;
+ keyStore.setCertificateEntry(
+ xcert.getSubjectX500Principal().getName(),
+ cert
+ );
+ }
+ return keyStore;
+ }
+
+ /**
+ * load the certificates as X.509 certificates
+ */
+ private static Collection<? extends Certificate>
+ loadCertificates(final java.io.InputStream is)
+ throws IOException, CertificateException {
+
+ final CertificateFactory factory = CertificateFactory.getInstance("X.509");
+ return factory.generateCertificates(is);
+ }
+
+ private static char[] deobfuscate(String s) {
+ // From the Jetty org.eclipse.jetty.http.security.Password class
+ if (!s.startsWith("OBF:")) {
+ return s.toCharArray();
+ }
+ s = s.substring(4);
+
+ char[] b = new char[s.length() / 2];
+ int l = 0;
+ for (int i = 0; i < s.length(); i += 4) {
+ String x = s.substring(i, i + 4);
+ int i0 = Integer.parseInt(x, 36);
+ int i1 = i0 / 256;
+ int i2 = i0 % 256;
+ b[l++] = (char) ((i1 + i2 - 254) / 2);
+ }
+
+ return new String(b, 0, l).toCharArray();
+ }
+
+ /**
+ * This method converts the JAXB KeyManagersType into a list of
+ * JSSE KeyManagers.
+ */
+ public static KeyManager[] getKeyManagers(KeyManagersType kmc)
+ throws GeneralSecurityException,
+ IOException {
+
+ KeyStore keyStore = getKeyStore(kmc.getKeyStore());
+
+ if (keyStore == null) {
+ return null;
+ }
+
+ String alg = kmc.isSetFactoryAlgorithm()
+ ? kmc.getFactoryAlgorithm()
+ : KeyManagerFactory.getDefaultAlgorithm();
+
+ char[] keyPass = kmc.isSetKeyPassword()
+ ? deobfuscate(kmc.getKeyPassword())
+ : null;
+
+ KeyManagerFactory fac =
+ kmc.isSetProvider()
+ ? KeyManagerFactory.getInstance(alg, kmc.getProvider())
+ : KeyManagerFactory.getInstance(alg);
+
+ fac.init(keyStore, keyPass);
+
+ return fac.getKeyManagers();
+ }
+
+ /**
+ * This method converts the JAXB KeyManagersType into a list of
+ * JSSE TrustManagers.
+ */
+ public static TrustManager[] getTrustManagers(TrustManagersType tmc)
+ throws GeneralSecurityException,
+ IOException {
+
+ final KeyStore keyStore =
+ tmc.isSetKeyStore()
+ ? getKeyStore(tmc.getKeyStore())
+ : (tmc.isSetCertStore()
+ ? getKeyStore(tmc.getCertStore())
+ : (KeyStore) null);
+ if (keyStore == null) {
+ return null;
+ }
+
+ String alg = tmc.isSetFactoryAlgorithm()
+ ? tmc.getFactoryAlgorithm()
+ : KeyManagerFactory.getDefaultAlgorithm();
+
+ TrustManagerFactory fac =
+ tmc.isSetProvider()
+ ? TrustManagerFactory.getInstance(alg, tmc.getProvider())
+ : TrustManagerFactory.getInstance(alg);
+
+ fac.init(keyStore);
+
+ return fac.getTrustManagers();
+ }
+}
Added: cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/configuration/jsse/TLSServerParametersConfig.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/configuration/jsse/TLSServerParametersConfig.java?rev=1309449&view=auto
==============================================================================
--- cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/configuration/jsse/TLSServerParametersConfig.java (added)
+++ cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/configuration/jsse/TLSServerParametersConfig.java Wed Apr 4 15:15:25 2012
@@ -0,0 +1,75 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.configuration.jsse;
+
+import java.io.IOException;
+import java.security.GeneralSecurityException;
+
+import org.apache.cxf.common.injection.NoJSR250Annotations;
+import org.apache.cxf.configuration.security.TLSServerParametersType;
+
+/**
+ * This class is used by Spring Config to convert the TLSServerParameters
+ * JAXB generated type into programmatic TLS Server Parameters for the
+ * configuration of the http-destination.
+ */
+@NoJSR250Annotations
+public class TLSServerParametersConfig
+ extends TLSServerParameters {
+
+ public TLSServerParametersConfig(TLSServerParametersType params)
+ throws GeneralSecurityException,
+ IOException {
+ if (params.isSetSecureSocketProtocol()) {
+ this.setSecureSocketProtocol(params.getSecureSocketProtocol());
+ }
+ if (params.isSetCipherSuitesFilter()) {
+ this.setCipherSuitesFilter(params.getCipherSuitesFilter());
+ }
+ if (params.isSetCipherSuites()) {
+ this.setCipherSuites(params.getCipherSuites().getCipherSuite());
+ }
+ if (params.isSetJsseProvider()) {
+ this.setJsseProvider(params.getJsseProvider());
+ }
+ if (params.isSetSecureRandomParameters()) {
+ this.setSecureRandom(
+ TLSParameterJaxBUtils.getSecureRandom(
+ params.getSecureRandomParameters()));
+ }
+ if (params.isSetClientAuthentication()) {
+ this.setClientAuthentication(params.getClientAuthentication());
+ }
+ if (params.isSetKeyManagers()) {
+ this.setKeyManagers(
+ TLSParameterJaxBUtils.getKeyManagers(params.getKeyManagers()));
+ }
+ if (params.isSetTrustManagers()) {
+ this.setTrustManagers(
+ TLSParameterJaxBUtils.getTrustManagers(
+ params.getTrustManagers()));
+ }
+ if (params.isSetCertConstraints()) {
+ this.setCertConstraints(params.getCertConstraints());
+ }
+ if (params.isSetCertAlias()) {
+ this.setCertAlias(params.getCertAlias());
+ }
+ }
+}
Modified: cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/blueprint/HttpConduitBPBeanDefinitionParser.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/blueprint/HttpConduitBPBeanDefinitionParser.java?rev=1309449&r1=1309448&r2=1309449&view=diff
==============================================================================
--- cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/blueprint/HttpConduitBPBeanDefinitionParser.java (original)
+++ cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/blueprint/HttpConduitBPBeanDefinitionParser.java Wed Apr 4 15:15:25 2012
@@ -31,7 +31,7 @@ import org.apache.aries.blueprint.Parser
import org.apache.aries.blueprint.mutable.MutableBeanMetadata;
import org.apache.aries.blueprint.mutable.MutablePassThroughMetadata;
import org.apache.cxf.configuration.blueprint.AbstractBPBeanDefinitionParser;
-import org.apache.cxf.configuration.jsse.spring.TLSClientParametersConfig;
+import org.apache.cxf.configuration.jsse.TLSClientParametersConfig;
import org.apache.cxf.configuration.security.AuthorizationPolicy;
import org.apache.cxf.configuration.security.ProxyAuthorizationPolicy;
import org.apache.cxf.staxutils.StaxUtils;
Modified: cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/osgi/HTTPTransportActivator.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/osgi/HTTPTransportActivator.java?rev=1309449&r1=1309448&r2=1309449&view=diff
==============================================================================
--- cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/osgi/HTTPTransportActivator.java (original)
+++ cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/osgi/HTTPTransportActivator.java Wed Apr 4 15:15:25 2012
@@ -31,7 +31,7 @@ import java.util.regex.Matcher;
import java.util.regex.Pattern;
import org.apache.cxf.configuration.jsse.TLSClientParameters;
-import org.apache.cxf.configuration.jsse.spring.TLSParameterJaxBUtils;
+import org.apache.cxf.configuration.jsse.TLSParameterJaxBUtils;
import org.apache.cxf.configuration.security.AuthorizationPolicy;
import org.apache.cxf.configuration.security.CertStoreType;
import org.apache.cxf.configuration.security.CertificateConstraintsType;
Modified: cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/spring/HttpConduitBeanDefinitionParser.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/spring/HttpConduitBeanDefinitionParser.java?rev=1309449&r1=1309448&r2=1309449&view=diff
==============================================================================
--- cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/spring/HttpConduitBeanDefinitionParser.java (original)
+++ cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/spring/HttpConduitBeanDefinitionParser.java Wed Apr 4 15:15:25 2012
@@ -28,7 +28,7 @@ import org.w3c.dom.Element;
import org.w3c.dom.Node;
import org.apache.cxf.common.classloader.ClassLoaderUtils;
-import org.apache.cxf.configuration.jsse.spring.TLSClientParametersConfig;
+import org.apache.cxf.configuration.jsse.TLSClientParametersConfig;
import org.apache.cxf.configuration.security.AuthorizationPolicy;
import org.apache.cxf.configuration.security.ProxyAuthorizationPolicy;
import org.apache.cxf.configuration.spring.AbstractBeanDefinitionParser;