Hello, I am not sure if this problem is a Synapse, Axis2 or a JVM problem.
What I do want to do? - There is a backend system, which is using the SSL client certificate for authenticate and login. - I want to use Synapse to change from a HTTP proxy to a HTTPS endpoint. - I have tried to write a Synapse mediator (in Java) which will generate the client certificate for SSL and create a keystore at runtime and change the keystore which is used by the "org.apache.synapse.transport.nhttp.HttpCoreNIOSSLSender" for the SSL connection at runtime. - The endpoint in Synapse is configured with HTTPS. - The mediator is looking after the "customSSLProfiles" parameter in the Axis configuration, change the "KeyStore" parameter at runtime. - I have reinitialized the HttpCoreNIOSSLSender. This works fine for the first time. But now I find the following misbehaviour: - The first request is using the username "aaa" and the backend system is using the "aaa" account - worked as expected. - The second request is using the username "bbb", the keystore is changed but the SSL connection is still using the "aaa" certificate and therefor the backend system is still action with the user account "aaa" instead of "bbb". Not desired. I have not found a possibility to disable the SSLSessionContext caching. I have tried to write my own "HttpCoreNIOSSLSender" where I set the SessionTimeout and SessionCacheSize both to 1. But without any effect. Who can explain me how I can disable the SSLSessionContext caching in Synapse? Mit freundlichen Grüßen / Best regards, i.A. Holger Thorein ________________________________________________________________ Behr GmbH & Co. KG FI15 Mauserstraße 3 70469 Stuttgart DE Tel.: +49 711 896-2721 Fax: 0049 711 8902 2721 [email protected] --------------------------------------------- Persönlich haftende Gesellschafterin der Behr GmbH & Co. KG (Amtsgericht Stuttgart HRA 2257) ist die Behr Verwaltung GmbH (Amtsgericht Stuttgart HRB 3333), beide mit Sitz in Stuttgart. Geschäftsführer: Dipl.-Kfm. Peter Grunow (Vorsitzender), Colin Carter, Michael Frick, Klemens Schmiederer Vorsitzender des Aufsichtsrates: Horst Geidel. --------------------------------------------- NOTICE: The information contained in this e-mail is confidential or may otherwise be legally privileged. It is intended for the named recipient only. If you have received it in error, please notify us immediately by reply or by calling the telephone number above and delete this message and all its attachments. Please note that any unauthorised review, copying, disclosing or otherwise making use of the information is strictly prohibited. Thank you. --------------------------------------------- Ich werde ab 24.12.2012 nicht im Büro sein. Ich kehre zurück am 07.01.2013.
