RE: Using custom TrustManager in Apache Axis for Java

[John Maynard]

Oh no! This is most unfortunate. Has anyone here tried using Java’s JAX-RPC? I would assume they use their own SSL contexts. Then I could use this:   protected void initFactory() throws IOException {         // Create a trust manager that does not validate certificate chains         TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() {                 public java.security.cert.X509Certificate[] getAcceptedIssuers() {                         return null;                 }                 public void checkClientTrusted(                                 java.security.cert.X509Certificate[] certs, String authType) {                 }                 public void checkServerTrusted(                                 java.security.cert.X509Certificate[] certs, String authType) {                 }          }};           // Install the all-trusting trust manager         try {                 SSLContext sc = SSLContext.getInstance("SSL");                 sc.init(null, trustAllCerts, new java.security.SecureRandom());                 HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());         } catch (Exception e) {                 e.printStackTrace();         }   I’ve successfully confused myself on all fronts –spending an entire day swimming in the Axis source code. Ideas are welcome.   Thanks again, -John     -----Original Message----- From: Rajal Shah [mailto:[EMAIL PROTECTED]] Sent: Friday, December 03, 2004 5:14 PM To: [EMAIL PROTECTED] Subject: RE: Using custom TrustManager in Apache Axis for Java   Unfortuntely, I have don’t have an answer to your question.. But just wanted to let you know that I hear you.. and we’re all struggling to get this thingy working without any proper documentation or understanding.. I wish, some of the authors of the Axis modules would respond to basic questions.. It will spur adoption of the Axis engine immensely.   -- Rajal     From: John Maynard [mailto:[EMAIL PROTECTED] Sent: Friday, December 03, 2004 2:07 PM To: [EMAIL PROTECTED] Subject: Using custom TrustManager in Apache Axis for Java   Greetings all,   I’ve been smashing my head against a wall for the better part of 3 days now trying to get Axis to use a custom TrustManager. I initialize the SSL context (in java’s JSSE) with my own list of trusted certs, with no luck.   I’ve also attempted to implement my own SecureSocketFactory with the call to “AxisProperties.setClassDefault(SecureSocketFactory.class, "MySocketFactory");” , but my class is never picked up and always defaults to JSSESocketFactory.   I’m running out of ideas, if anyone has any insight I’d be forever grateful. Thanks in advance for your response.   Regards, -John