Yes, for clients who have no strong requirements for SSL themselves
(i.e. are happy to use insecure HTTP if they ca get away with it)
it would be reasonable to expect to be able to use SSL without being
required to have per-conduit config if the other required SSL config was
defaulted or otherwise specified at a higher level (or via appropriate
defaults).
Every SSL application in the world does have SSL configuration its just
a matter of how its picked up :-)
---
However for clients that DO have specific security requirements one
would also want to be able to enforce the use of SSL in some fashion.
For these types of secure apps though : basing the decision purely on
the URL which might even have been retrieved dynamically over an
insecure connection would be inappropriate.
In general this (fairly typical) type of secure application would like
to be able to specify this type of strictly secure behaviour at a high
level
(not per conduit/endpoint).
Cheers,
Donal
-----Original Message-----
From: John-M Baker [mailto:[EMAIL PROTECTED]
Sent: 05 March 2008 10:44
To: [email protected]
Cc: [email protected]
Subject: Re: HTTPs and CXF
Isn't that an awful lot of effort? Shouldn't it "just work" like any
other
application in the world?
John Baker
--
Web SSO
IT Infrastructure
Deutsche Bank London
URL: http://websso.cto.gt.intranet.db.com
"Christian Vest Hansen" <[EMAIL PROTECTED]>
05/03/2008 10:43
Please respond to
[email protected]
To
[email protected]
cc
Subject
Re: HTTPs and CXF
You are expected to configure a http conduit so that it will make
proper use of SSL:
http://cwiki.apache.org/CXF20DOC/client-http-transport.html
:)
On 3/5/08, John-M Baker <[EMAIL PROTECTED]> wrote:
> Hello,
>
> I see the topic of HTTPs has been discussed very recently, however
has
> there been a conclusion? I've created a CXF client stub that operates
> correctly with HTTP, but when I do nothing more than change the
location
> in the WSDL to an HTTPs URL, and generate stubs, I receive the
following
> runtime exception:
>
> Caused by: java.io.IOException: Illegal Protocol https for HTTP
> URLConnection Factory.
> at
>
org.apache.cxf.transport.http.HttpURLConnectionFactoryImpl.createConnect
ion(HttpURLConnectionFactoryImpl.java:44)
> at
>
org.apache.cxf.transport.http.HTTPConduit.prepare(HTTPConduit.java:474)
> at
>
org.apache.cxf.interceptor.MessageSenderInterceptor.handleMessage(Messag
eSenderInterceptor.java:46)
> ... 8 more
>
> Is this a bug? Surely CXF is able to handle an HTTPs URL? If it's not
a
> bug, what am I expected to do?
>
> Thanks,
>
>
> John Baker
> --
> Web SSO
> IT Infrastructure
> Deutsche Bank London
>
> URL: http://websso.cto.gt.intranet.db.com
>
>
> ---
>
> This e-mail may contain confidential and/or privileged information.
If
you are not the intended recipient (or have received this e-mail in
error)
please notify the sender immediately and delete this e-mail. Any
unauthorized copying, disclosure or distribution of the material in this
e-mail is strictly forbidden.
>
> Please refer to http://www.db.com/en/content/eu_disclosures.htm for
additional EU corporate and regulatory disclosures.
--
Venlig hilsen / Kind regards,
Christian Vest Hansen.
---
This e-mail may contain confidential and/or privileged information. If
you are not the intended recipient (or have received this e-mail in
error) please notify the sender immediately and delete this e-mail. Any
unauthorized copying, disclosure or distribution of the material in this
e-mail is strictly forbidden.
Please refer to http://www.db.com/en/content/eu_disclosures.htm for
additional EU corporate and regulatory disclosures.
----------------------------
IONA Technologies PLC (registered in Ireland)
Registered Number: 171387
Registered Address: The IONA Building, Shelbourne Road, Dublin 4, Ireland
