Greetings,

I have a patch that I attached to JIRA CXF-706.
I'd appreciate it if somebody could apply it.
It doesn't have any binary files, so its application should be okay.

This patch gets rid of the deprecated SSL stuff and allows you to use
multiple Http Destinations on the same HTTPS port.

This required some refactoring of the Spring configuration, so if you were
using
    <http:destination name="...">
        <http:sslServer>
            ....
        </http:sslServer>
    </http:destination>
before, you need to revamp.

You now configure the "port" for SSL/TLS, no longer the destination.
This is done by configuring arguments to the Jetty Http Server Engine
Factory for a particular bus, like so:
    <beans
        xmlns:sec="http://cxf.apache.org/configuration/security"
        xmlns:http="http://cxf.apache.org/transports/http/configuration"
        xmlns:httpj="http://cxf.apache.org/transports/http-jetty/configuration"
    >
        <httpj:engine-factory bus="cxf">
            <!-- TLS is configured per port, not per destination -->
            <httpj:engine port="2999">
                <httpj:tlsServerParameters>
                    <sec:keyManagers keyPassword="pass">
                        <sec:keyStore type="jks" password="pass"
                                      file="path/to/keystore.jks"/>
                    </sec:keyManagers>
                    <sec:trustManagers>
                        <sec:keyStore type="jks" password="pass"
                                      file="path/to/truststore.jks"/>
                    </sec:trustManagers>
                    <!-- the client certificate is both requested and required -->
                    <sec:clientAuthentication want="true" required="true"/>
                </httpj:tlsServerParameters>
                <httpj:threadingParameters minThreads="10" maxThreads="20"/>
            </httpj:engine>
        </httpj:engine-factory>
        <bean id="cxf" class="org.apache.cxf.bus.CXFBusImpl"/>
    </beans>

For programmatic configuration you pull the JettyHTTPServerEngineFactory
off of the bus as an extension, and call

    factory.setTLSServerParametersForPort(port, tlsServerParameters);

before the Server Engine is created. Setting this after the engine is
created for that port will have no effect.

If you were using a "special" configurer that looked for the
implementation name of a JettyHTTPServerEngine.port#, and tried to
configure it programmatically, that no longer works, as the
JettyHTTPServerEngine is no longer "configurable" by anything but its
factory. You must configure the factory.

Cheers,
-Polar
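
The programmatic route described in the message, written out as an added example; it is not code from the post or from the patch attached to CXF-706. The package names, the ClientAuthentication setters and the bus.getExtension lookup follow later CXF releases and are assumptions with respect to the patch itself; TlsPortSetup, loadJks and configurePort are hypothetical names.

```java
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.KeyStore;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.TrustManagerFactory;
import org.apache.cxf.Bus;
import org.apache.cxf.configuration.jsse.TLSServerParameters;
import org.apache.cxf.configuration.security.ClientAuthentication;
import org.apache.cxf.transport.http_jetty.JettyHTTPServerEngineFactory;

// Added example (hypothetical class): per-port TLS with required client certificates.
public final class TlsPortSetup {

    // Load a JKS store from disk; the stream is closed even if load() fails.
    static KeyStore loadJks(String path, char[] password) throws Exception {
        KeyStore ks = KeyStore.getInstance("JKS");
        try (InputStream in = new FileInputStream(path)) {
            ks.load(in, password);
        }
        return ks;
    }

    // Call this BEFORE any endpoint is published on 'port': once the engine
    // for that port exists, setting the parameters has no effect.
    public static void configurePort(Bus bus, int port,
            String keyStorePath, String trustStorePath,
            char[] storePass, char[] keyPass) throws Exception {
        KeyManagerFactory kmf =
            KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        kmf.init(loadJks(keyStorePath, storePass), keyPass);
        TrustManagerFactory tmf =
            TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(loadJks(trustStorePath, storePass));

        // Same meaning as <sec:clientAuthentication want="true" required="true"/>
        ClientAuthentication clientAuth = new ClientAuthentication();
        clientAuth.setWant(true);
        clientAuth.setRequired(true);

        TLSServerParameters tls = new TLSServerParameters();
        tls.setKeyManagers(kmf.getKeyManagers());
        tls.setTrustManagers(tmf.getTrustManagers());
        tls.setClientAuthentication(clientAuth);

        JettyHTTPServerEngineFactory factory =
            bus.getExtension(JettyHTTPServerEngineFactory.class);
        if (factory == null) { // Jetty transport not registered on this bus
            throw new IllegalStateException("No JettyHTTPServerEngineFactory on bus");
        }
        factory.setTLSServerParametersForPort(port, tls);
    }
}
```

Passing the passwords in as char[] from the caller keeps them out of the source, unlike the literal "pass" placeholders in the Spring snippet.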