Author: ffang
Date: Thu Sep 9 05:29:44 2010
New Revision: 995314
URL: http://svn.apache.org/viewvc?rev=995314&view=rev
Log:
[CXF-2976] Allow to configure SSL session cache size and TTL on the client
Modified:
cxf/trunk/api/src/main/java/org/apache/cxf/configuration/jsse/TLSClientParameters.java
cxf/trunk/common/schemas/src/main/resources/schemas/configuration/security.xsd
cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/configuration/jsse/spring/TLSClientParametersConfig.java
cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/https/HttpsURLConnectionFactory.java
Modified:
cxf/trunk/api/src/main/java/org/apache/cxf/configuration/jsse/TLSClientParameters.java
URL:
http://svn.apache.org/viewvc/cxf/trunk/api/src/main/java/org/apache/cxf/configuration/jsse/TLSClientParameters.java?rev=995314&r1=995313&r2=995314&view=diff
==============================================================================
---
cxf/trunk/api/src/main/java/org/apache/cxf/configuration/jsse/TLSClientParameters.java
(original)
+++
cxf/trunk/api/src/main/java/org/apache/cxf/configuration/jsse/TLSClientParameters.java
Thu Sep 9 05:29:44 2010
@@ -28,6 +28,7 @@ import javax.net.ssl.SSLSocketFactory;
public class TLSClientParameters extends TLSParameterBase {
private boolean disableCNCheck;
private SSLSocketFactory sslSocketFactory;
+ private int sslCacheTimeout = 86400000;
private boolean useHttpsURLConnectionDefaultSslSocketFactory;
private boolean useHttpsURLConnectionDefaultHostnameVerifier;
@@ -67,6 +68,21 @@ public class TLSClientParameters extends
}
/**
+ * Returns the SSL cache timeout if it has been configured or the JDK
default value
+ */
+ public int getSslCacheTimeout() {
+ return sslCacheTimeout;
+ }
+
+ /**
+ * This sets the SSL Session Cache timeout value for client sessions
handled by CXF
+ */
+ public void setSslCacheTimeout(int sslCacheTimeout) {
+ this.sslCacheTimeout = sslCacheTimeout;
+ }
+
+
+ /**
* Returns whether or not {...@link
javax.net.ssl.HttpsURLConnection#getDefaultSSLSocketFactory()} should be
* used to create https connections. If <code>true</code> , {...@link
#getJsseProvider()} ,
* {...@link #getSecureSocketProtocol()}, {...@link #getTrustManagers()},
{...@link #getKeyManagers()},
Modified:
cxf/trunk/common/schemas/src/main/resources/schemas/configuration/security.xsd
URL:
http://svn.apache.org/viewvc/cxf/trunk/common/schemas/src/main/resources/schemas/configuration/security.xsd?rev=995314&r1=995313&r2=995314&view=diff
==============================================================================
---
cxf/trunk/common/schemas/src/main/resources/schemas/configuration/security.xsd
(original)
+++
cxf/trunk/common/schemas/src/main/resources/schemas/configuration/security.xsd
Thu Sep 9 05:29:44 2010
@@ -479,6 +479,13 @@
</xs:documentation>
</xs:annotation>
</xs:attribute>
+ <xs:attribute name="sslCacheTimeout" type="xs:int">
+ <xs:annotation>
+ <xs:documentation>
+ This attribute contains the JDK SSL session cache timeout
+ </xs:documentation>
+ </xs:annotation>
+ </xs:attribute>
</xs:complexType>
<xs:complexType name="TLSServerParametersType">
Modified:
cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/configuration/jsse/spring/TLSClientParametersConfig.java
URL:
http://svn.apache.org/viewvc/cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/configuration/jsse/spring/TLSClientParametersConfig.java?rev=995314&r1=995313&r2=995314&view=diff
==============================================================================
---
cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/configuration/jsse/spring/TLSClientParametersConfig.java
(original)
+++
cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/configuration/jsse/spring/TLSClientParametersConfig.java
Thu Sep 9 05:29:44 2010
@@ -102,6 +102,9 @@ public final class TLSClientParametersCo
if (params.isSetCertConstraints()) {
ret.setCertConstraints(params.getCertConstraints());
}
+ if (params.isSetSslCacheTimeout()) {
+ ret.setSslCacheTimeout(params.getSslCacheTimeout());
+ }
return ret;
}
Modified:
cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/https/HttpsURLConnectionFactory.java
URL:
http://svn.apache.org/viewvc/cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/https/HttpsURLConnectionFactory.java?rev=995314&r1=995313&r2=995314&view=diff
==============================================================================
---
cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/https/HttpsURLConnectionFactory.java
(original)
+++
cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/https/HttpsURLConnectionFactory.java
Thu Sep 9 05:29:44 2010
@@ -171,7 +171,7 @@ public final class HttpsURLConnectionFac
SSLContext ctx = provider == null ?
SSLContext.getInstance(protocol) : SSLContext
.getInstance(protocol, provider);
-
+
ctx.getClientSessionContext().setSessionTimeout(tlsClientParameters.getSslCacheTimeout());
ctx.init(tlsClientParameters.getKeyManagers(),
tlsClientParameters.getTrustManagers(),
tlsClientParameters.getSecureRandom());
