Greetings,
I would like to enable the HTTP Conduit with some security hooks to
establish a client's trust in the endpoint. This is in response to JIRA
https://issues.apache.org/jira/browse/CXF-438
The approach will only be applicable to the https protocol using the
JSSE. I would like to propose the following interface JSSETrustDecider,
which will be instantiated by spring configuration based on endpoint or
on the bus (for all potential https connections).
A call will be made to the JSSETrustDecider at the point the SSL
handshake completes. If trust is not established, the
SSLSocket.getOutputStream() will throw the exception from the trust
decider, which has the desired effect, forbidding anything to be written
to the wire.
The bean will be spring loaded per statically configured endpoint by
using the "http-conduit.jsse-trust" suffix, like so:
<bean name="{http://Qname}EndpointName.http-conduit.jsse-trust"
class="...">
This work mandates changes to the SSLSocketFactoryWrapper,
HTTPTransportFactory, HTTPUrlConnectionFactory, and requires a wrapper
for the SSLSocket.
I have implemented this in http, I need to "translate" that to http2,
come up with some system tests, and create the patch.
Does everybody agree with the approach?
Cheers,
-Polar
----------
package org.apache.cxf.transport.https;

import javax.net.ssl.HandshakeCompletedEvent;

import org.apache.cxf.service.model.EndpointInfo;

/**
 * This interface is used to decide trust in the TLS peer
 * within the HTTP Conduit using JSSE TLS. The method within
 * this interface is called once at the successful completion
 * of the initial TLS handshake.
 */
public interface JSSETrustDecider {

    /**
     * This method is called at the completion of the
     * initial handshake for a TLS connection, but before
     * anything else is sent to the peer.
     *
     * @param endpointInfo The CXF Endpoint associated with this
     *                     HTTP conduit.
     * @param event        The JSSE event that contains SSL security
     *                     information.
     *
     * @throws UntrustedTLSConnectionIOException
     *         The trust decider throws this if
     *         trust cannot be established.
     */
    void establishTrust(EndpointInfo endpointInfo,
                        HandshakeCompletedEvent event)
        throws UntrustedTLSConnectionIOException;
}
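The following is an added example of what an implementation of the proposed interface could look like; it is not part of the proposal above and not CXF code. It pins the SHA-256 fingerprint of the peer's leaf certificate and refuses the connection on any mismatch, on a peer that presented no certificate (for example an anonymous cipher suite), or on a chain that cannot be fingerprinted. The class name PinnedLeafCertTrustDecider is hypothetical, and UntrustedTLSConnectionIOException (named but not defined in the proposal) is assumed to be an IOException subclass; a package-private placeholder for it is included at the end so the file compiles on its own. EndpointInfo.getAddress() is used only to label the error messages.

```java
package org.apache.cxf.transport.https;

import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.MessageDigest;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;

import javax.net.ssl.HandshakeCompletedEvent;
import javax.net.ssl.SSLPeerUnverifiedException;

import org.apache.cxf.service.model.EndpointInfo;

/**
 * Added example (hypothetical, not CXF code): a JSSETrustDecider that pins
 * the SHA-256 fingerprint of the peer's DER-encoded leaf certificate.
 * Because the conduit calls establishTrust() right after the handshake and
 * before any output, throwing here guarantees nothing is written to the wire.
 */
public class PinnedLeafCertTrustDecider implements JSSETrustDecider {

    private final byte[] expectedFingerprint;

    /** @param fingerprintHex SHA-256 of the DER leaf certificate as 64 hex characters */
    public PinnedLeafCertTrustDecider(String fingerprintHex) {
        this.expectedFingerprint = fromHex(fingerprintHex);
    }

    public void establishTrust(EndpointInfo endpointInfo,
                               HandshakeCompletedEvent event)
        throws UntrustedTLSConnectionIOException {

        String where = endpointInfo.getAddress() + " [" + event.getCipherSuite() + "]";

        Certificate[] chain;
        try {
            // Throws when the peer was not authenticated, e.g. an *_anon_* suite.
            chain = event.getPeerCertificates();
        } catch (SSLPeerUnverifiedException e) {
            throw new UntrustedTLSConnectionIOException(
                "peer not authenticated for " + where + ": " + e.getMessage());
        }
        if (chain == null || chain.length == 0 || !(chain[0] instanceof X509Certificate)) {
            throw new UntrustedTLSConnectionIOException(
                "no X.509 leaf certificate presented by " + where);
        }

        X509Certificate leaf = (X509Certificate) chain[0];
        byte[] actual;
        try {
            actual = MessageDigest.getInstance("SHA-256").digest(leaf.getEncoded());
        } catch (GeneralSecurityException e) {
            throw new UntrustedTLSConnectionIOException(
                "cannot fingerprint peer certificate for " + where + ": " + e.getMessage());
        }

        // Constant-time comparison on current JDKs; the pinned value is not echoed.
        if (!MessageDigest.isEqual(expectedFingerprint, actual)) {
            throw new UntrustedTLSConnectionIOException(
                "peer certificate fingerprint " + toHex(actual)
                + " does not match the pinned value for " + where
                + " (subject " + leaf.getSubjectX500Principal() + ")");
        }
    }

    private static byte[] fromHex(String hex) {
        if (hex == null || hex.length() != 64) {
            throw new IllegalArgumentException("expected 64 hex characters of SHA-256");
        }
        byte[] out = new byte[32];
        for (int i = 0; i < out.length; i++) {
            out[i] = (byte) Integer.parseInt(hex.substring(2 * i, 2 * i + 2), 16);
        }
        return out;
    }

    private static String toHex(byte[] bytes) {
        StringBuilder sb = new StringBuilder(bytes.length * 2);
        for (byte b : bytes) {
            sb.append(Character.forDigit((b >> 4) & 0xf, 16))
              .append(Character.forDigit(b & 0xf, 16));
        }
        return sb.toString();
    }
}

/** Placeholder for the exception type named in the proposal; assumed to extend IOException. */
class UntrustedTLSConnectionIOException extends IOException {
    UntrustedTLSConnectionIOException(String message) {
        super(message);
    }
}
```

With the naming convention from the proposal, the decider would be wired per endpoint as a bean named "{http://Qname}EndpointName.http-conduit.jsse-trust" of class PinnedLeafCertTrustDecider, with the expected fingerprint passed as a constructor argument. Pinning the leaf rather than relying only on the JSSE trust store is what gives the client control over which endpoint it talks to; the cost is that the pin has to be rotated together with the server certificate.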