On Wed, Jul 3, 2013 at 6:46 PM, Supun Malinga <[email protected]> wrote:
> Hi Amila, > > On Tue, Jun 25, 2013 at 3:18 PM, Amila Suriarachchi <[email protected]>wrote: > >> >> >> >> On Tue, Jun 25, 2013 at 3:03 PM, Prabath Siriwardena <[email protected]>wrote: >> >>> Currently key stores are configured in following files.. >> >> >> +1. we need to configure that only at the carbon.xml file. >> >> >>> >>> 1. carbon.xml >>> 2. axis2.xml >>> >> >> Should be able to do by extending the transports and setting the keystore >> values from there. >> > > This means we have to extent all the transports in synapse/axis2... ? > Not all transports uses key stores. > Or is there a generic way to extend?. Please enlighten.. > What you mean by a generic way? thanks, Amila. > > thanks, > > >> >>> 3. catalina-server.xml >>> >> >> This is already fixed. >> >> >>> 4. identity.xml >>> >> >> thanks, >> Amila. >> >>> >>> Key store configurations are duplicated across all these files.. so we >>> need to bring all to a single file and refer that from different places... >>> >>> Thanks & regards, >>> -Prabath >>> >>> On Mon, Jun 24, 2013 at 1:31 PM, Prabath Siriwardena >>> <[email protected]>wrote: >>> >>>> +1 >>>> >>>> Also we need to avoid keystores been configured in different places. >>>> Like datasources - we need to have key stores configured in a single place >>>> and reference those from other places.. >>>> >>>> Thanks & regards, >>>> -Prabath >>>> >>>> On Sat, Jun 22, 2013 at 3:05 PM, Amila Suriarachchi <[email protected]>wrote: >>>> >>>>> hi, >>>>> >>>>> After reading some tomcat codes I found we can set the keystore >>>>> password by overriding the setkeystorepass method in Http1NioProtocol >>>>> class. >>>>> >>>>> package org.wso2.carbon.tomcat.ext.transport; >>>>> >>>>> import org.apache.coyote.http11.Http11NioProtocol; >>>>> >>>>> public class CarbonHttp1NioProtocol extends Http11NioProtocol { >>>>> >>>>> @Override >>>>> public void setKeystorePass(String s) { >>>>> System.out.println("setting the key store pass "); >>>>> super.setKeystorePass("wso2carbon"); >>>>> } >>>>> } >>>>> >>>>> Now we can set our class at the tomcat connector level. >>>>> >>>>> <Connector >>>>> protocol="org.wso2.carbon.tomcat.ext.transport.CarbonHttp1NioProtocol" >>>>> port="9443" >>>>> bindOnInit="false" >>>>> sslProtocol="TLS" >>>>> maxHttpHeaderSize="8192" >>>>> acceptorThreadCount="2" >>>>> maxThreads="250" >>>>> minSpareThreads="50" >>>>> disableUploadTimeout="false" >>>>> enableLookups="false" >>>>> connectionUploadTimeout="120000" >>>>> maxKeepAliveRequests="200" >>>>> acceptCount="200" >>>>> server="WSO2 Carbon Server" >>>>> clientAuth="false" >>>>> compression="on" >>>>> scheme="https" >>>>> secure="true" >>>>> SSLEnabled="true" >>>>> compressionMinSize="2048" >>>>> noCompressionUserAgents="gozilla, traviata" >>>>> >>>>> compressableMimeType="text/html,text/javascript,application/x-javascript,application/javascript,application/xml,text/css,application/xslt+xml,text/xsl,image/gif,image/jpg,image/jpeg" >>>>> >>>>> keystoreFile="${carbon.home}/repository/resources/security/wso2carbon.jks" >>>>> keystorePass="carbon1" >>>>> URIEncoding="UTF-8"/> >>>>> >>>>> so what we can do is to read the pass word from the carbon.xml key >>>>> stores which is secured at that method and set the correct password >>>>> instead >>>>> of letting users to declare it. Even we can override the keystore >>>>> location. >>>>> so we can remove both those parameters from there and read only from >>>>> carbon.xml file. >>>>> >>>>> WDYT? >>>>> >>>>> thanks, >>>>> Amila. >>>>> >>>>> >>>>> -- >>>>> *Amila Suriarachchi* >>>>> >>>>> Software Architect >>>>> WSO2 Inc. ; http://wso2.com >>>>> lean . enterprise . middleware >>>>> >>>>> phone : +94 71 3082805 >>>>> >>>>> _______________________________________________ >>>>> Architecture mailing list >>>>> [email protected] >>>>> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >>>>> >>>>> >>>> >>>> >>>> -- >>>> Thanks & Regards, >>>> Prabath >>>> >>>> Mobile : +94 71 809 6732 >>>> >>>> http://blog.facilelogin.com >>>> http://RampartFAQ.com >>>> >>> >>> >>> >>> -- >>> Thanks & Regards, >>> Prabath >>> >>> Mobile : +94 71 809 6732 >>> >>> http://blog.facilelogin.com >>> http://RampartFAQ.com >>> >>> _______________________________________________ >>> Architecture mailing list >>> [email protected] >>> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >>> >>> >> >> >> -- >> *Amila Suriarachchi* >> >> Software Architect >> WSO2 Inc. ; http://wso2.com >> lean . enterprise . middleware >> >> phone : +94 71 3082805 >> >> _______________________________________________ >> Architecture mailing list >> [email protected] >> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >> >> > > > -- > Supun Malinga, > > Senior Software Engineer, > > WSO2 Inc. > http://wso2.com > http://wso2.org > email - [email protected] <[email protected]> > mobile - 071 56 91 321 > > _______________________________________________ > Architecture mailing list > [email protected] > https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture > > -- *Amila Suriarachchi* Software Architect WSO2 Inc. ; http://wso2.com lean . enterprise . middleware phone : +94 71 3082805
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
