Good to hear. About the Java API issue, feel free to type up a JIRA report on it. Attach this thread to it: http://www.nabble.com/CXF-ssl-sample-using-CXF-APIs-tt18570914.html
Glen Arul Dhesiaseelan wrote: > > Glen, > > Thanks for all your help. I appreciate your inputs. > > I did a quick test using the spring-configs and embedded Jetty server > (JaxWsServerFactoryBean). It worked like a charm. CXF uses Jetty SSL > connector to support SSL (CXFJettySslSocketConnector). > > My only gut feeling says if embedded Jetty supports SSL using > spring-config, it should support Java APIs as well. > > -Arul > > Glen Mazza wrote: >> Actually, we may not be able to support SSL with embedded Jetty >> anyway--look >> at this thread, as well as a J2SE 6.0 based alternative solution: >> >> http://www.nabble.com/Help-needed-for-SSL-and-Basic-authentication-tt17761832.html >> >> HTH, >> Glen >> >> >> Glen Mazza wrote: >> >>> While I hope others can help you with your problem, if you want to use >>> SSL, I suspect you'd be better off with a standalone container[1] >>> anyway--WAR file, web.xml, all that good stuff--this way at least you >>> know >>> what you're coding on top of. I just haven't researched SSL over >>> embedded >>> Jetty containers. >>> >>> Glen >>> >>> [1] http://www.jroller.com/gmazza/entry/setting_up_ssl_and_basic >>> >>> >>> Arul Dhesiaseelan wrote: >>> >>>> Can someone look into this pls? >>>> >>>> I am close to making this work. But, figuring out what could be wrong >>>> is >>>> still a puzzle to me. >>>> >>>> Thank you, >>>> Arul >>>> >>>> Arul Dhesiaseelan wrote: >>>> >>>>> Hello, >>>>> >>>>> I did some debugging using CXF 2.1.1 sources. I see the problem in >>>>> line 201 in JettyHTTPServerEngineFactory.createJettyHTTPServerEngine() >>>>> where it makes a call to ref.finalizeConfig(). >>>>> >>>>> In JettyHTTPServerEngine.finalizeConfig(), it calls method >>>>> retrieveListenerFactory(). In this method the "tlsServerParameters" is >>>>> null so the protocol is defaulted to "http" and finally throws the >>>>> exception. >>>>> >>>>> This tells me that I am not correctly setting the TLSServerParameters >>>>> to the JettyHTTPServerEngine in my code in the correct order. Or, I am >>>>> not creating the JettyHTTPServerEngine instance properly. >>>>> >>>>> Does some one help me if I am missing something here? >>>>> >>>>> Appreciate your help. >>>>> >>>>> -Arul >>>>> >>>>> Arul Dhesiaseelan wrote: >>>>> >>>>>> Hello, >>>>>> >>>>>> I was trying to use CXF APIs to configure SSL on the service. But, I >>>>>> am getting an illegal state exception: Port 9001 is configured with >>>>>> wrong protocol "http" for "https://localhost:9001/hello"; >>>>>> >>>>>> JaxWsServerFactoryBean sf = new JaxWsServerFactoryBean(); >>>>>> sf.setServiceClass(HelloWorld.class); >>>>>> sf.getServiceFactory().setWrapped(true); >>>>>> >>>>>> QName name = new QName("http://test.com";, "ws", ""); >>>>>> sf.setServiceName(name); >>>>>> sf.setAddress("https://localhost:9001/hello";); >>>>>> >>>>>> HelloWorld helloService = new HelloWorldImpl(); >>>>>> >>>>>> sf.getServiceFactory().setInvoker(new BeanInvoker(helloService)); >>>>>> //org.apache.cxf.endpoint.Server server = sf.create(); >>>>>> >>>>>> JettyHTTPServerEngineFactory factory = >>>>>> sf.getBus().getExtension(JettyHTTPServerEngineFactory.class); >>>>>> >>>>>> TLSServerParameters tlsParams = new TLSServerParameters(); >>>>>> JettyHTTPServerEngine engine = null; >>>>>> try { >>>>>> engine = factory.createJettyHTTPServerEngine(9001, "https"); >>>>>> KeyStore keyStore = KeyStore.getInstance("JKS"); >>>>>> String trustpass = "password"; >>>>>> File truststore = new >>>>>> File("C:\\apache-cxf-2.1.1\\samples\\wsdl_first_https\\certs\\cherry.jks"); >>>>>> >>>>>> >>>>>> keyStore.load(new FileInputStream(truststore), >>>>>> trustpass.toCharArray()); >>>>>> KeyManagerFactory keyFactory = >>>>>> KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm()); >>>>>> keyFactory.init(keyStore, trustpass.toCharArray()); >>>>>> KeyManager[] km = keyFactory.getKeyManagers(); >>>>>> tlsParams.setKeyManagers(km); >>>>>> >>>>>> truststore = new >>>>>> File("C:\\apache-cxf-2.1.1\\samples\\wsdl_first_https\\certs\\truststore.jks"); >>>>>> >>>>>> >>>>>> keyStore.load(new FileInputStream(truststore), >>>>>> trustpass.toCharArray()); >>>>>> TrustManagerFactory trustFactory = >>>>>> TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()); >>>>>> >>>>>> >>>>>> trustFactory.init(keyStore); >>>>>> TrustManager[] tm = trustFactory.getTrustManagers(); >>>>>> tlsParams.setTrustManagers(tm); >>>>>> FiltersType filter = new FiltersType(); >>>>>> filter.getInclude().add(".*_EXPORT_.*"); >>>>>> filter.getInclude().add(".*_EXPORT1024_.*"); >>>>>> filter.getInclude().add(".*_WITH_DES_.*"); >>>>>> filter.getInclude().add(".*_WITH_NULL_.*"); >>>>>> filter.getExclude().add(".*_DH_anon_.*"); >>>>>> tlsParams.setCipherSuitesFilter(filter); >>>>>> ClientAuthentication ca = new ClientAuthentication(); >>>>>> ca.setRequired(true); >>>>>> ca.setWant(true); >>>>>> tlsParams.setClientAuthentication(ca); >>>>>> tlsParams.setSecureSocketProtocol("SSL"); >>>>>> if (engine != null) { >>>>>> engine.setTlsServerParameters(tlsParams); >>>>>> } >>>>>> } catch (KeyStoreException kse) { >>>>>> } catch (NoSuchAlgorithmException nsa) { >>>>>> } catch (FileNotFoundException fnfe) { >>>>>> } catch (UnrecoverableKeyException uke) { >>>>>> } catch (CertificateException ce) { >>>>>> } catch (GeneralSecurityException gse) { >>>>>> } catch (IOException ioe) { >>>>>> } >>>>>> >>>>>> List<JettyHTTPServerEngine> engines = new >>>>>> ArrayList<JettyHTTPServerEngine>(); >>>>>> if (engine != null) >>>>>> engines.add(engine); >>>>>> factory.setEnginesList(engines); >>>>>> org.apache.cxf.endpoint.Server server = sf.create(); >>>>>> ((JettyHTTPServerEngine) ((JettyHTTPDestination) >>>>>> server.getDestination()).getEngine()).setJettyHTTPServerEngineFactory(factory); >>>>>> >>>>>> >>>>>> >>>>>> String endpoint = >>>>>> server.getEndpoint().getEndpointInfo().getAddress(); >>>>>> System.out.println("Server started at " + endpoint); >>>>>> >>>>>> >>>>>> But when I start the service, I get the below error: >>>>>> >>>>>> Jul 21, 2008 9:15:10 AM >>>>>> org.apache.cxf.service.factory.ReflectionServiceFactoryBean >>>>>> buildServiceFromClass >>>>>> INFO: Creating Service {http://test.com}ws from class >>>>>> com.test.cxf.HelloWorld >>>>>> Exception in thread "main" java.lang.IllegalStateException: Port 9001 >>>>>> is configured with wrong protocol "http" for >>>>>> "https://localhost:9001/hello"; >>>>>> at >>>>>> org.apache.cxf.transport.http_jetty.JettyHTTPDestination.retrieveEngine(JettyHTTPDestination.java:115) >>>>>> >>>>>> >>>>>> at >>>>>> org.apache.cxf.transport.http_jetty.JettyHTTPDestination.finalizeConfig(JettyHTTPDestination.java:134) >>>>>> >>>>>> >>>>>> at >>>>>> org.apache.cxf.transport.http_jetty.JettyHTTPTransportFactory.createDestination(JettyHTTPTransportFactory.java:123) >>>>>> >>>>>> >>>>>> at >>>>>> org.apache.cxf.transport.http_jetty.JettyHTTPTransportFactory.getDestination(JettyHTTPTransportFactory.java:103) >>>>>> >>>>>> >>>>>> at >>>>>> org.apache.cxf.endpoint.ServerImpl.initDestination(ServerImpl.java:90) >>>>>> at org.apache.cxf.endpoint.ServerImpl.<init>(ServerImpl.java:69) >>>>>> at >>>>>> org.apache.cxf.frontend.ServerFactoryBean.create(ServerFactoryBean.java:115) >>>>>> >>>>>> >>>>>> at >>>>>> org.apache.cxf.jaxws.JaxWsServerFactoryBean.create(JaxWsServerFactoryBean.java:164) >>>>>> >>>>>> >>>>>> at com.test.cxf.Server.main(Server.java:104) >>>>>> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) >>>>>> at >>>>>> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) >>>>>> >>>>>> >>>>>> at >>>>>> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) >>>>>> >>>>>> >>>>>> at java.lang.reflect.Method.invoke(Method.java:585) >>>>>> at >>>>>> com.intellij.rt.execution.application.AppMain.main(AppMain.java:90) >>>>>> >>>>>> >>>>>> Any thoughts on this issue? >>>>>> >>>>>> Thank you, >>>>>> -Arul >>>>>> >>>>>> >>>>>> ______________________________ >>>>>> >>>> >>>> >>> >> >> > > > -- View this message in context: http://www.nabble.com/CXF-ssl-sample-using-CXF-APIs-tp18570914p18594995.html Sent from the cxf-user mailing list archive at Nabble.com.
