Author: buildbot
Date: Mon Aug 12 15:48:16 2013
New Revision: 874344
Log:
Production update by buildbot for cxf
Added:
websites/production/cxf/content/docs/tls-configuration.html
Modified:
websites/production/cxf/content/cache/docs.pageCache
websites/production/cxf/content/docs/client-http-transport-including-ssl-support.html
websites/production/cxf/content/docs/jetty-configuration.html
websites/production/cxf/content/docs/standalone-http-transport.html
Modified: websites/production/cxf/content/cache/docs.pageCache
==============================================================================
Binary files - no diff available.
Modified:
websites/production/cxf/content/docs/client-http-transport-including-ssl-support.html
==============================================================================
---
websites/production/cxf/content/docs/client-http-transport-including-ssl-support.html
(original)
+++
websites/production/cxf/content/docs/client-http-transport-including-ssl-support.html
Mon Aug 12 15:48:16 2013
@@ -473,32 +473,7 @@ Language tags are regulated by the Inter
<h3><a shape="rect"
name="ClientHTTPTransport%28includingSSLsupport%29-The%7B%7BtlsClientParameters%7D%7Delement"></a>The
<tt>tlsClientParameters</tt> element</h3>
-<p>The TLSClientParameters are listed <a shape="rect" class="external-link"
href="https://svn.apache.org/repos/asf/cxf/trunk/api/src/main/java/org/apache/cxf/configuration/jsse/TLSParameterBase.java";>here</a>
and <a shape="rect" class="external-link"
href="https://svn.apache.org/repos/asf/cxf/trunk/api/src/main/java/org/apache/cxf/configuration/jsse/TLSClientParameters.java";>here</a>.
</p>
-
-<div class="table-wrap">
-<table class="confluenceTable"><tbody><tr><th colspan="1" rowspan="1"
class="confluenceTh"> Attribute </th><th colspan="1" rowspan="1"
class="confluenceTh"> Default </th><th colspan="1" rowspan="1"
class="confluenceTh"> Since </th><th colspan="1" rowspan="1"
class="confluenceTh"> Description </th></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"> <tt>certConstraints</tt> </td><td colspan="1" rowspan="1"
class="confluenceTd"> </td><td colspan="1" rowspan="1"
class="confluenceTd"> </td><td colspan="1" rowspan="1"
class="confluenceTd"> Certificate Constraints specification. </td></tr><tr><td
colspan="1" rowspan="1" class="confluenceTd"> <tt>cipherSuites</tt> </td><td
colspan="1" rowspan="1" class="confluenceTd"> default sslContext cipher suites
</td><td colspan="1" rowspan="1" class="confluenceTd"> </td><td
colspan="1" rowspan="1" class="confluenceTd"> CipherSuites that will be
supported. </td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd">
<tt>cipherS
uitesFilter</tt> </td><td colspan="1" rowspan="1"
class="confluenceTd"> </td><td colspan="1" rowspan="1"
class="confluenceTd"> </td><td colspan="1" rowspan="1"
class="confluenceTd"> filters of the supported CipherSuites that will be
supported and used if available. </td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"> <tt>disableCNcheck</tt> </td><td colspan="1" rowspan="1"
class="confluenceTd"> <tt>false</tt> </td><td colspan="1" rowspan="1"
class="confluenceTd"> 2.0.5 </td><td colspan="1" rowspan="1"
class="confluenceTd"> Indicates whether that the hostname given in the HTTPS
URL will be checked against the service's Common Name (CN) given in its
certificate during SOAP client requests, and failing if there is a mismatch.
If set to <tt>true</tt> (<b>not recommended for production use</b>), such
checks will be bypassed. That will allow you, for example, to use a URL such
as <tt>localhost</tt> during development. </td></tr><tr><td colspan="1"
rowspan="1" class=
"confluenceTd"> <tt>jsseProvider</tt> </td><td colspan="1" rowspan="1"
class="confluenceTd"> default JVM provider associated with protocol
</td><td colspan="1" rowspan="1" class="confluenceTd"> </td><td
colspan="1" rowspan="1" class="confluenceTd"> JSSE provider name.
</td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd">
<tt>keyManagers</tt> </td><td colspan="1" rowspan="1" class="confluenceTd"> JVM
default Key Managers </td><td colspan="1" rowspan="1"
class="confluenceTd"> </td><td colspan="1" rowspan="1"
class="confluenceTd"> Key Managers to hold X509 certificates. </td></tr><tr><td
colspan="1" rowspan="1" class="confluenceTd"> <tt>secureRandomParameters</tt>
</td><td colspan="1" rowspan="1" class="confluenceTd"> JVM default Secure
Random </td><td colspan="1" rowspan="1" class="confluenceTd"> </td><td
colspan="1" rowspan="1" class="confluenceTd"> SecureRandom specification.
</td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd"> <tt>secureSock
etProtocol</tt> </td><td colspan="1" rowspan="1" class="confluenceTd"> "TLS"
</td><td colspan="1" rowspan="1" class="confluenceTd"> </td><td
colspan="1" rowspan="1" class="confluenceTd"> Protocol Name. Most common
example are "SSL", "TLS" or "TLSv1". </td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"> <tt>trustManagers</tt> </td><td colspan="1" rowspan="1"
class="confluenceTd"> JVM default Trust Managers </td><td colspan="1"
rowspan="1" class="confluenceTd"> </td><td colspan="1" rowspan="1"
class="confluenceTd"> TrustManagers to validate peer X509 certificates.
</td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd">
<tt>useHttpsURLConnectionDefaultSslSocketFactory</tt> </td><td colspan="1"
rowspan="1" class="confluenceTd"> <tt>false</tt> </td><td colspan="1"
rowspan="1" class="confluenceTd"> 2.2.7 </td><td colspan="1" rowspan="1"
class="confluenceTd"> specifies if <a shape="rect" class="external-link"
href="http://java.sun.com/javase/6/docs/api/javax/ne
t/ssl/HttpsURLConnection.html#getDefaultSSLSocketFactory()"
rel="nofollow">HttpsURLConnection.getDefaultSSLSocketFactory()</a> should be
used to create https connections. If '<tt>true</tt>', '<tt>jsseProvider</tt>',
'<tt>secureSocketProtocol</tt>', '<tt>trustManagers</tt>',
'<tt>keyManagers</tt>', '<tt>secureRandom</tt>', '<tt>cipherSuites</tt>' and
'<tt>cipherSuitesFilter</tt>' configuration parameters are ignored.
</td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd">
<tt>useHttpsURLConnectionDefaultHostnameVerifier</tt> </td><td colspan="1"
rowspan="1" class="confluenceTd"> <tt>false</tt> </td><td colspan="1"
rowspan="1" class="confluenceTd"> 2.2.7 </td><td colspan="1" rowspan="1"
class="confluenceTd"> This attribute specifies if <a shape="rect"
class="external-link"
href="http://java.sun.com/javase/6/docs/api/javax/net/ssl/HttpsURLConnection.html#getDefaultHostnameVerifier()"
rel="nofollow">HttpsURLConnection.getDefaultHostnameVerifier()</a> should be
used to create htt
ps connections. If '<tt>true</tt>', '<tt>disableCNCheck</tt>' configuration
parameter is ignored. </td></tr></tbody></table>
-</div>
-
-
-
-<p>Note : <tt>disableCNcheck</tt> is a parameterized boolean, you can use a
fixed variable <tt>true</tt>|<tt>false</tt> as well as a <a shape="rect"
class="external-link"
href="http://static.springsource.org/spring/docs/3.0.x/spring-framework-reference/html/beans.html#beans-factory-placeholderconfigurer";
rel="nofollow">Spring externalized property</a> variable (e.g.
<tt>${disable-https-hostname-verification</tt>}) or a <a shape="rect"
class="external-link"
href="http://static.springsource.org/spring/docs/3.0.x/spring-framework-reference/html/expressions.html#expressions-beandef";
rel="nofollow">Spring expression</a> (e.g.
<tt>#{systemProperties['dev-mode']</tt>}).</p>
-
-<p>Sample : </p>
-
-<div class="code panel" style="border-width: 1px;"><div class="codeHeader
panelHeader" style="border-bottom-width: 1px;"><b>HTTP conduit configuration
disabling HTTP URL hostname verification (usage of localhost,
etc)</b></div><div class="codeContent panelContent">
-<script class="theme: Default; brush: xml; gutter: false"
type="syntaxhighlighter"><![CDATA[
- ...
- <http-conf:conduit
- name="{http://example.com/}HelloWorldServicePort.http-conduit">
-
- <!-- deactivate HTTPS url hostname verification (localhost, etc)
-->
- <!-- WARNING ! disableCNcheck=true should NOT be used in production
-->
- <http-conf:tlsClientParameters disableCNcheck="true" />
- ...
- </http-conf:conduit>
- ...
-]]></script>
-</div></div>
+<p>Please see <a shape="rect" class="external-link"
href="https://cwiki.apache.org/confluence/display/CXF20DOC/TLS+Configuration";>TLS
Configuration</a> page for more information. </p>
<h2><a shape="rect"
name="ClientHTTPTransport%28includingSSLsupport%29-UsingWSDL"></a>Using
WSDL</h2>
Modified: websites/production/cxf/content/docs/jetty-configuration.html
==============================================================================
--- websites/production/cxf/content/docs/jetty-configuration.html (original)
+++ websites/production/cxf/content/docs/jetty-configuration.html Mon Aug 12
15:48:16 2013
@@ -167,7 +167,7 @@ Apache CXF -- Jetty Configuration
<p>The child elements used to provide the configuration properties are
described below.</p>
<div class="table-wrap">
-<table class="confluenceTable"><tbody><tr><th colspan="1" rowspan="1"
class="confluenceTh"> Element </th><th colspan="1" rowspan="1"
class="confluenceTh"> Description </th></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"> httpj:tlsServerParameters </td><td colspan="1"
rowspan="1" class="confluenceTd"> Specifies a set of properties for configuring
the security used for the specific Jetty instance. </td></tr><tr><td
colspan="1" rowspan="1" class="confluenceTd"> httpj:tlsServerParametersRef
</td><td colspan="1" rowspan="1" class="confluenceTd"> Refers to a set of
security properties defined by a <tt>identifiedTLSServerParameters</tt>
element. The <tt>id</tt> attribute provides the id of the referred
<tt>identifiedTLSServerParameters</tt> element. </td></tr><tr><td colspan="1"
rowspan="1" class="confluenceTd"> httpj:threadingParameters </td><td
colspan="1" rowspan="1" class="confluenceTd"> Specifies the size of the thread
pool used by the specific Jetty instance. </td></tr><tr>
<td colspan="1" rowspan="1" class="confluenceTd"> httpj:threadingParametersRef
</td><td colspan="1" rowspan="1" class="confluenceTd"> Refers to a set of
properties defined by a <tt>identifiedThreadingParameters</tt> element. The
<tt>id</tt> attribute provides the id of the referred
<tt>identifiedThreadingParameters</tt> element. </td></tr><tr><td colspan="1"
rowspan="1" class="confluenceTd"> httpj:connector </td><td colspan="1"
rowspan="1" class="confluenceTd"> You can use spring beans syntax to
instantiate a connector and set the connector's properties , this connector
will be set to the Jetty server engine </td></tr><tr><td colspan="1"
rowspan="1" class="confluenceTd"> httpj:handlers </td><td colspan="1"
rowspan="1" class="confluenceTd"> You can use spring beans syntax to
instantiate a Jetty handler list and set these handlers' properties , the jetty
handlers will be set to the Jetty server engine </td></tr><tr><td colspan="1"
rowspan="1" class="confluenceTd"> httpj:sessionSupport
</td><td colspan="1" rowspan="1" class="confluenceTd"> If the value is true ,
the Jetty Engine will set up a session manager for the Jetty server engine to
maintain the sessions. The default value of it is false.</td></tr><tr><td
colspan="1" rowspan="1" class="confluenceTd"> httpj:reuseAddress </td><td
colspan="1" rowspan="1" class="confluenceTd"> The the value is true, the Jetty
Engine connector's socket will enable the SO_REUSEADDR flage. The default value
of it is true. (This feature is available in CXF
2.0.3)</td></tr></tbody></table>
+<table class="confluenceTable"><tbody><tr><th colspan="1" rowspan="1"
class="confluenceTh"> Element </th><th colspan="1" rowspan="1"
class="confluenceTh"> Description </th></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"> httpj:tlsServerParameters </td><td colspan="1"
rowspan="1" class="confluenceTd"> Specifies a set of properties for configuring
the security used for the specific Jetty instance. See the <a shape="rect"
class="external-link"
href="https://cwiki.apache.org/confluence/display/CXF20DOC/TLS+Configuration";>TLS
Configuration</a> page for more information.</td></tr><tr><td colspan="1"
rowspan="1" class="confluenceTd"> httpj:tlsServerParametersRef </td><td
colspan="1" rowspan="1" class="confluenceTd"> Refers to a set of security
properties defined by a <tt>identifiedTLSServerParameters</tt> element. The
<tt>id</tt> attribute provides the id of the referred
<tt>identifiedTLSServerParameters</tt> element. </td></tr><tr><td colspan="1"
rowspan="1" class="confluenceTd"
> httpj:threadingParameters </td><td colspan="1" rowspan="1"
> class="confluenceTd"> Specifies the size of the thread pool used by the
> specific Jetty instance. </td></tr><tr><td colspan="1" rowspan="1"
> class="confluenceTd"> httpj:threadingParametersRef </td><td colspan="1"
> rowspan="1" class="confluenceTd"> Refers to a set of properties defined by a
> <tt>identifiedThreadingParameters</tt> element. The <tt>id</tt> attribute
> provides the id of the referred <tt>identifiedThreadingParameters</tt>
> element. </td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd">
> httpj:connector </td><td colspan="1" rowspan="1" class="confluenceTd"> You
> can use spring beans syntax to instantiate a connector and set the
> connector's properties , this connector will be set to the Jetty server
> engine </td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd">
> httpj:handlers </td><td colspan="1" rowspan="1" class="confluenceTd"> You
> can use spring beans syntax to instantiate a Jetty handler list and set
these handlers' properties , the jetty handlers will be set to the Jetty
server engine </td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd">
httpj:sessionSupport </td><td colspan="1" rowspan="1" class="confluenceTd"> If
the value is true , the Jetty Engine will set up a session manager for the
Jetty server engine to maintain the sessions. The default value of it is
false.</td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd">
httpj:reuseAddress </td><td colspan="1" rowspan="1" class="confluenceTd"> The
the value is true, the Jetty Engine connector's socket will enable the
SO_REUSEADDR flage. The default value of it is true. (This feature is available
in CXF 2.0.3)</td></tr></tbody></table>
</div>
Modified: websites/production/cxf/content/docs/standalone-http-transport.html
==============================================================================
--- websites/production/cxf/content/docs/standalone-http-transport.html
(original)
+++ websites/production/cxf/content/docs/standalone-http-transport.html Mon Aug
12 15:48:16 2013
@@ -129,7 +129,7 @@ Apache CXF -- Standalone HTTP Transport
<div class="wiki-content">
<div id="ConfluenceContent"><h1><a shape="rect"
name="StandaloneHTTPTransport-ConfiguringSSL"></a>Configuring SSL</h1>
-<p>To configure the standalone HTTP transport to use SSL, you'll need to add
an <http:destination> definition to your XML configuration file. See the
<a shape="rect" href="configuration.html"
title="Configuration">Configuration</a> guide to learn how to supply your own
XML configuration file to CXF. If you are already using Spring, this can be
added to your existing beans definitions.</p>
+<p>To configure the standalone HTTP transport to use SSL, you'll need to add
an <http:destination> definition to your XML configuration file. See the
<a shape="rect" href="configuration.html"
title="Configuration">Configuration</a> guide to learn how to supply your own
XML configuration file to CXF. If you are already using Spring, this can be
added to your existing beans definitions. For more information about
configuring TLS, see the <a shape="rect" class="external-link"
href="https://cwiki.apache.org/confluence/display/CXF20DOC/TLS+Configuration";>Configuring
TLS</a> page.</p>
<p>Destinations in CXF are responsible for listening for server side
requests.</p>
<div class="code panel" style="border-width: 1px;"><div class="codeContent
panelContent">
Added: websites/production/cxf/content/docs/tls-configuration.html
==============================================================================
--- websites/production/cxf/content/docs/tls-configuration.html (added)
+++ websites/production/cxf/content/docs/tls-configuration.html Mon Aug 12
15:48:16 2013
@@ -0,0 +1,202 @@
+
+<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd";>
+<!--
+
+ Licensed to the Apache Software Foundation (ASF) under one or more
+ contributor license agreements. See the NOTICE file distributed with
+ this work for additional information regarding copyright ownership.
+ The ASF licenses this file to You under the Apache License, Version 2.0
+ (the "License"); you may not use this file except in compliance with
+ the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+-->
+<html>
+ <head>
+ <link type="text/css" rel="stylesheet"
href="http://cxf.apache.org/resources/site.css";>
+ <script src="http://cxf.apache.org/resources/space.js";
type="text/javascript"></script>
+
+<meta http-equiv="Content-type" content="text/html;charset=UTF-8">
+<meta name="keywords" content="business integration, EAI, SOA, Service
Oriented Architecture, web services, SOAP, JBI, JMS, WSDL, XML, EDI, Electronic
Data Interchange, standards support, integration standards, application
integration, middleware, software, solutions, services, CXF, open source">
+<meta name="description" content="Apache CXF, Services Framework - TLS
Configuration">
+
+ <link
href='http://cxf.apache.org/resources/highlighter/styles/shCoreCXF.css'
rel='stylesheet' type='text/css' />
+ <link
href='http://cxf.apache.org/resources/highlighter/styles/shThemeCXF.css'
rel='stylesheet' type='text/css' />
+ <script src='http://cxf.apache.org/resources/highlighter/scripts/shCore.js'
type='text/javascript'></script>
+ <script
src='http://cxf.apache.org/resources/highlighter/scripts/shBrushJava.js'
type='text/javascript'></script>
+ <script
src='http://cxf.apache.org/resources/highlighter/scripts/shBrushXml.js'
type='text/javascript'></script>
+
+ <script type="text/javascript">
+ SyntaxHighlighter.defaults['toolbar'] = false;
+ SyntaxHighlighter.all();
+ </script>
+
+ <title>
+Apache CXF -- TLS Configuration
+ </title>
+ </head>
+<body onload="init()">
+
+
+<table width="100%" cellpadding="0" cellspacing="0">
+ <tr>
+ <td id="cell-0-0" colspan="2"> </td>
+ <td id="cell-0-1"> </td>
+ <td id="cell-0-2" colspan="2"> </td>
+ </tr>
+ <tr>
+ <td id="cell-1-0"> </td>
+ <td id="cell-1-1"> </td>
+ <td id="cell-1-2">
+ <!-- Banner -->
+<div class="banner" id="banner"><div><table border="0" cellpadding="0"
cellspacing="0" width="100%"><tr><td align="left" colspan="1" nowrap>
+<a shape="rect" href="http://cxf.apache.org/"; title="Apache CXF"><span
style="font-weight: bold; font-size: 170%; color: white">Apache CXF</span></a>
+</td><td align="right" colspan="1" nowrap>
+<a shape="rect" href="http://www.apache.org/"; title="The Apache Sofware
Foundation"><img border="0" alt="ASF Logo"
src="http://cxf.apache.org/images/asf-logo.png";></a>
+</td></tr></table></div></div>
+ <!-- Banner -->
+ <div id="top-menu">
+ <table border="0" cellpadding="1" cellspacing="0" width="100%">
+ <tr>
+ <td>
+ <div align="left">
+ <!-- Breadcrumbs -->
+<a href="index.html">Index</a> > <a
href="transports.html">Transports</a> > <a
href="http-transport.html">HTTP Transport</a> > <a
href="asynchronous-client-http-transport.html">Asynchronous Client HTTP
Transport</a> > <a href="tls-configuration.html">TLS
Configuration</a>
+ <!-- Breadcrumbs -->
+ </div>
+ </td>
+ <td>
+ <div align="right">
+ <!-- Quicklinks -->
+<div id="quicklinks"><p><a shape="rect"
href="http://cxf.apache.org/download.html";>Download</a> | <a shape="rect"
href="http://cxf.apache.org/docs/index.html";>Documentation</a></p></div>
+ <!-- Quicklinks -->
+ </div>
+ </td>
+ </tr>
+ </table>
+ </div>
+ </td>
+ <td id="cell-1-3"> </td>
+ <td id="cell-1-4"> </td>
+ </tr>
+ <tr>
+ <td id="cell-2-0" colspan="2"> </td>
+ <td id="cell-2-1">
+ <table>
+ <tr valign="top">
+ <td height="100%">
+ <div id="wrapper-menu-page-right">
+ <div id="wrapper-menu-page-top">
+ <div id="wrapper-menu-page-bottom">
+ <div id="menu-page">
+ <!-- NavigationBar -->
+<div id="navigation"><ul class="alternate" type="square"><li><a shape="rect"
href="overview.html" title="Overview">Overview</a></li><li><a shape="rect"
href="how-tos.html" title="How-Tos">How-Tos</a></li><li><a shape="rect"
href="frontends.html" title="Frontends">Frontends</a></li><li><a shape="rect"
href="databindings.html" title="DataBindings">DataBindings</a></li><li><a
shape="rect" href="transports.html"
title="Transports">Transports</a></li><li><a shape="rect"
href="configuration.html" title="Configuration">Configuration</a></li><li><a
shape="rect" href="debugging-and-logging.html" title="Debugging and
Logging">Debugging and Logging</a></li><li><a shape="rect" href="tools.html"
title="Tools">Tools</a></li><li><a shape="rect" href="restful-services.html"
title="RESTful Services">RESTful Services</a></li><li><a shape="rect"
href="wsdl-bindings.html" title="WSDL Bindings">WSDL Bindings</a></li><li><a
shape="rect" href="service-routing.html" title="Service Routing">Service
Routing<
/a></li><li><a shape="rect" href="dynamic-languages.html" title="Dynamic
Languages">Dynamic Languages</a></li><li><a shape="rect" href="ws-support.html"
title="WS-* Support">WS-* Support</a></li><li><a shape="rect"
href="advanced-integration.html" title="Advanced Integration">Advanced
Integration</a></li><li><a shape="rect" href="deployment.html"
title="Deployment">Deployment</a></li><li><a shape="rect"
href="schemas-and-namespaces.html" title="Schemas and Namespaces">Use of
Schemas and Namespaces</a></li></ul>
+
+
+<hr>
+<ul class="alternate" type="square"><li>Search<br clear="none">
+
+<form enctype="application/x-www-form-urlencoded" method="get"
id="cse-search-box" action="http://www.google.com/cse";>
+ <div>
+ <input type="hidden" name="cx" value="002890367768291051730:o99qiwa09y4">
+ <input type="hidden" name="ie" value="UTF-8">
+ <input type="text" name="q" size="21">
+ <input type="submit" name="sa" value="Search">
+ </div>
+</form>
+<script type="text/javascript"
src="http://www.google.com/cse/brand?form=cse-search-box&lang=en";></script>
+</li></ul>
+
+
+<hr>
+<ul class="alternate" type="square"><li><a shape="rect"
href="http://cxf.apache.org/javadoc/latest/";>API (Javadoc)</a></li><li><a
shape="rect" href="http://cxf.apache.org/";>CXF Website</a></li></ul>
+
+</div>
+ <!-- NavigationBar -->
+ </div>
+ </div>
+ </div>
+ </div>
+ </td>
+ <td height="100%">
+ <!-- Content -->
+ <div class="wiki-content">
+<div id="ConfluenceContent"><p>The TLSClientParameters are listed <a
shape="rect" class="external-link"
href="https://svn.apache.org/repos/asf/cxf/trunk/api/src/main/java/org/apache/cxf/configuration/jsse/TLSParameterBase.java";>here</a>
and <a shape="rect" class="external-link"
href="https://svn.apache.org/repos/asf/cxf/trunk/api/src/main/java/org/apache/cxf/configuration/jsse/TLSClientParameters.java";>here</a>.
</p>
+
+<div class="table-wrap">
+<table class="confluenceTable"><tbody><tr><th colspan="1" rowspan="1"
class="confluenceTh"> Attribute </th><th colspan="1" rowspan="1"
class="confluenceTh"> Default </th><th colspan="1" rowspan="1"
class="confluenceTh"> Since </th><th colspan="1" rowspan="1"
class="confluenceTh"> Description </th></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"> <tt>certConstraints</tt> </td><td colspan="1" rowspan="1"
class="confluenceTd"> </td><td colspan="1" rowspan="1"
class="confluenceTd"> </td><td colspan="1" rowspan="1"
class="confluenceTd"> Certificate Constraints specification. </td></tr><tr><td
colspan="1" rowspan="1" class="confluenceTd"> <tt>cipherSuites</tt> </td><td
colspan="1" rowspan="1" class="confluenceTd"> default sslContext cipher suites
</td><td colspan="1" rowspan="1" class="confluenceTd"> </td><td
colspan="1" rowspan="1" class="confluenceTd"> CipherSuites that will be
supported. </td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd">
<tt>cipherS
uitesFilter</tt> </td><td colspan="1" rowspan="1"
class="confluenceTd"> </td><td colspan="1" rowspan="1"
class="confluenceTd"> </td><td colspan="1" rowspan="1"
class="confluenceTd"> filters of the supported CipherSuites that will be
supported and used if available. </td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"> <tt>disableCNcheck</tt> </td><td colspan="1" rowspan="1"
class="confluenceTd"> <tt>false</tt> </td><td colspan="1" rowspan="1"
class="confluenceTd"> 2.0.5 </td><td colspan="1" rowspan="1"
class="confluenceTd"> Indicates whether that the hostname given in the HTTPS
URL will be checked against the service's Common Name (CN) given in its
certificate during SOAP client requests, and failing if there is a mismatch.
If set to <tt>true</tt> (<b>not recommended for production use</b>), such
checks will be bypassed. That will allow you, for example, to use a URL such
as <tt>localhost</tt> during development. </td></tr><tr><td colspan="1"
rowspan="1" class=
"confluenceTd"> <tt>jsseProvider</tt> </td><td colspan="1" rowspan="1"
class="confluenceTd"> default JVM provider associated with protocol </td><td
colspan="1" rowspan="1" class="confluenceTd"> </td><td colspan="1"
rowspan="1" class="confluenceTd"> JSSE provider name. </td></tr><tr><td
colspan="1" rowspan="1" class="confluenceTd"> <tt>keyManagers</tt> </td><td
colspan="1" rowspan="1" class="confluenceTd"> JVM default Key Managers </td><td
colspan="1" rowspan="1" class="confluenceTd"> </td><td colspan="1"
rowspan="1" class="confluenceTd"> Key Managers to hold X509 certificates.
</td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd">
<tt>secureRandomParameters</tt> </td><td colspan="1" rowspan="1"
class="confluenceTd"> JVM default Secure Random </td><td colspan="1"
rowspan="1" class="confluenceTd"> </td><td colspan="1" rowspan="1"
class="confluenceTd"> SecureRandom specification. </td></tr><tr><td colspan="1"
rowspan="1" class="confluenceTd"> <tt>secureSocketPro
tocol</tt> </td><td colspan="1" rowspan="1" class="confluenceTd"> "TLS"
</td><td colspan="1" rowspan="1" class="confluenceTd"> </td><td
colspan="1" rowspan="1" class="confluenceTd"> Protocol Name. Most common
example are "SSL", "TLS" or "TLSv1". </td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"> <tt>trustManagers</tt> </td><td colspan="1" rowspan="1"
class="confluenceTd"> JVM default Trust Managers </td><td colspan="1"
rowspan="1" class="confluenceTd"> </td><td colspan="1" rowspan="1"
class="confluenceTd"> TrustManagers to validate peer X509 certificates.
</td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd">
<tt>useHttpsURLConnectionDefaultSslSocketFactory</tt> </td><td colspan="1"
rowspan="1" class="confluenceTd"> <tt>false</tt> </td><td colspan="1"
rowspan="1" class="confluenceTd"> 2.2.7 </td><td colspan="1" rowspan="1"
class="confluenceTd"> specifies if <a shape="rect" class="external-link"
href="http://java.sun.com/javase/6/docs/api/javax/net/ssl
/HttpsURLConnection.html#getDefaultSSLSocketFactory()"
rel="nofollow">HttpsURLConnection.getDefaultSSLSocketFactory()</a> should be
used to create https connections. If '<tt>true</tt>', '<tt>jsseProvider</tt>',
'<tt>secureSocketProtocol</tt>', '<tt>trustManagers</tt>',
'<tt>keyManagers</tt>', '<tt>secureRandom</tt>', '<tt>cipherSuites</tt>' and
'<tt>cipherSuitesFilter</tt>' configuration parameters are ignored.
</td></tr><tr><td colspan="1" rowspan="1" class="confluenceTd">
<tt>useHttpsURLConnectionDefaultHostnameVerifier</tt> </td><td colspan="1"
rowspan="1" class="confluenceTd"> <tt>false</tt> </td><td colspan="1"
rowspan="1" class="confluenceTd"> 2.2.7 </td><td colspan="1" rowspan="1"
class="confluenceTd"> This attribute specifies if <a shape="rect"
class="external-link"
href="http://java.sun.com/javase/6/docs/api/javax/net/ssl/HttpsURLConnection.html#getDefaultHostnameVerifier()"
rel="nofollow">HttpsURLConnection.getDefaultHostnameVerifier()</a> should be
used to create https co
nnections. If '<tt>true</tt>', '<tt>disableCNCheck</tt>' configuration
parameter is ignored. </td></tr></tbody></table>
+</div>
+
+
+
+<p>Note : <tt>disableCNcheck</tt> is a parameterized boolean, you can use a
fixed variable <tt>true</tt>|<tt>false</tt> as well as a <a shape="rect"
class="external-link"
href="http://static.springsource.org/spring/docs/3.0.x/spring-framework-reference/html/beans.html#beans-factory-placeholderconfigurer";
rel="nofollow">Spring externalized property</a> variable (e.g.
<tt>${disable-https-hostname-verification</tt>}) or a <a shape="rect"
class="external-link"
href="http://static.springsource.org/spring/docs/3.0.x/spring-framework-reference/html/expressions.html#expressions-beandef";
rel="nofollow">Spring expression</a> (e.g.
<tt>#{systemProperties['dev-mode']</tt>}).</p>
+
+<p>Sample : </p>
+
+<div class="code panel" style="border-width: 1px;"><div class="codeHeader
panelHeader" style="border-bottom-width: 1px;"><b>HTTP conduit configuration
disabling HTTP URL hostname verification (usage of localhost,
etc)</b></div><div class="codeContent panelContent">
+<script class="theme: Default; brush: xml; gutter: false"
type="syntaxhighlighter"><![CDATA[
+ ...
+ <http-conf:conduit
+ name="{http://example.com/}HelloWorldServicePort.http-conduit">
+
+ <!-- deactivate HTTPS url hostname verification (localhost, etc)
-->
+ <!-- WARNING ! disableCNcheck=true should NOT be used in production
-->
+ <http-conf:tlsClientParameters disableCNcheck="true" />
+ ...
+ </http-conf:conduit>
+ ...
+]]></script>
+</div></div></div>
+ </div>
+ <!-- Content -->
+ </td>
+ </tr>
+ </table>
+ </td>
+ <td id="cell-2-2" colspan="2"> </td>
+ </tr>
+ <tr>
+ <td id="cell-3-0"> </td>
+ <td id="cell-3-1"> </td>
+ <td id="cell-3-2">
+ <div id="footer">
+ <!-- Footer -->
+ <div id="site-footer">
+ <a href="http://cxf.apache.org/privacy-policy.html";>Privacy
Policy</a> -
+ (<a
href="https://cwiki.apache.org/confluence/pages/editpage.action?pageId=34014457";>edit
page</a>)
+ (<a
href="https://cwiki.apache.org/confluence/pages/viewpage.action?pageId=34014457&showComments=true&showCommentArea=true#addcomment";>add
comment</a>)<br>
+ Apache CXF, CXF, Apache, the Apache feather logo are trademarks of The
Apache Software Foundation.<br>
+ All other marks mentioned may be trademarks or registered trademarks
of their respective owners.
+ </div>
+ <!-- Footer -->
+ </div>
+ </td>
+ <td id="cell-3-3"> </td>
+ <td id="cell-3-4"> </td>
+ </tr>
+ <tr>
+ <td id="cell-4-0" colspan="2"> </td>
+ <td id="cell-4-1"> </td>
+ <td id="cell-4-2" colspan="2"> </td>
+ </tr>
+</table>
+
+<script type="text/javascript">
+var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl."; :
"http://www.";);
+document.write(unescape("%3Cscript src='" + gaJsHost +
"google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));
+</script>
+<script type="text/javascript">
+try {
+var pageTracker = _gat._getTracker("UA-4458903-1");
+pageTracker._trackPageview();
+} catch(err) {}</script>
+
+</body>
+</html>
+
![http://cxf.apache.org/images/asf-logo.png"](http://cxf.apache.org/images/asf-logo.png"){kind=link}