Cool. I added it to our articles page: http://cxf.apache.org/resources-and-articles.html.
It should appear in a few hours, once the site refreshes. Glen Arul Dhesiaseelan wrote: > > I blogged recently about configuring SSL for Jetty based CXF services > using Java APIs here. > http://aruld.info/programming-ssl-for-jetty-based-cxf-services/ > > The sample is all Apache licensed. So, feel free to use. > > -Arul > > _____ > > From: Arul Dhesiaseelan [mailto:[EMAIL PROTECTED] > To: [email protected] > Sent: Wed, 23 Jul 2008 13:40:25 -0600 > Subject: Re: CXF ssl sample using CXF APIs > > Glen, > > Created a JIRA report for this issue > (https://issues.apache.org/jira/browse/CXF-1718). > > Thanks! > Arul > > Glen Mazza wrote: > > Good to hear. About the Java API issue, feel free to type up a JIRA > report > > on it. Attach this thread to it: > > http://www.nabble.com/CXF-ssl-sample-using-CXF-APIs-tt18570914.html > > > > Glen > > > > > > Arul Dhesiaseelan wrote: > > > >> Glen, > >> > >> Thanks for all your help. I appreciate your inputs. > >> > >> I did a quick test using the spring-configs and embedded Jetty server > >> (JaxWsServerFactoryBean). It worked like a charm. CXF uses Jetty SSL > >> connector to support SSL (CXFJettySslSocketConnector). > >> > >> My only gut feeling says if embedded Jetty supports SSL using > >> spring-config, it should support Java APIs as well. > >> > >> -Arul > >> > >> Glen Mazza wrote: > >> > >>> Actually, we may not be able to support SSL with embedded Jetty > >>> anyway--look > >>> at this thread, as well as a J2SE 6.0 based alternative solution: > >>> > >>> > http://www.nabble.com/Help-needed-for-SSL-and-Basic-authentication-tt17761832.html > >>> > >>> HTH, > >>> Glen > >>> > >>> > >>> Glen Mazza wrote: > >>> > >>> > >>>> While I hope others can help you with your problem, if you want to > use > >>>> SSL, I suspect you'd be better off with a standalone container[1] > >>>> anyway--WAR file, web.xml, all that good stuff--this way at least > you > >>>> know > >>>> what you're coding on top of. I just haven't researched SSL over > >>>> embedded > >>>> Jetty containers. > >>>> > >>>> Glen > >>>> > >>>> [1] http://www.jroller.com/gmazza/entry/setting_up_ssl_and_basic > >>>> > >>>> > >>>> Arul Dhesiaseelan wrote: > >>>> > >>>> > >>>>> Can someone look into this pls? > >>>>> > >>>>> I am close to making this work. But, figuring out what could be > wrong > >>>>> is > >>>>> still a puzzle to me. > >>>>> > >>>>> Thank you, > >>>>> Arul > >>>>> > >>>>> Arul Dhesiaseelan wrote: > >>>>> > >>>>> > >>>>>> Hello, > >>>>>> > >>>>>> I did some debugging using CXF 2.1.1 sources. I see the problem > in > >>>>>> line 201 in > JettyHTTPServerEngineFactory.createJettyHTTPServerEngine() > >>>>>> where it makes a call to ref.finalizeConfig(). > >>>>>> > >>>>>> In JettyHTTPServerEngine.finalizeConfig(), it calls method > >>>>>> retrieveListenerFactory(). In this method the > "tlsServerParameters" is > >>>>>> null so the protocol is defaulted to "http" and finally throws > the > >>>>>> exception. > >>>>>> > >>>>>> This tells me that I am not correctly setting the > TLSServerParameters > >>>>>> to the JettyHTTPServerEngine in my code in the correct order. Or, > I am > >>>>>> not creating the JettyHTTPServerEngine instance properly. > >>>>>> > >>>>>> Does some one help me if I am missing something here? > >>>>>> > >>>>>> Appreciate your help. > >>>>>> > >>>>>> -Arul > >>>>>> > >>>>>> Arul Dhesiaseelan wrote: > >>>>>> > >>>>>> > >>>>>>> Hello, > >>>>>>> > >>>>>>> I was trying to use CXF APIs to configure SSL on the service. > But, I > >>>>>>> am getting an illegal state exception: Port 9001 is configured > with > >>>>>>> wrong protocol "http" for "https://localhost:9001/hello"; > >>>>>>> > >>>>>>> JaxWsServerFactoryBean sf = new JaxWsServerFactoryBean(); > >>>>>>> sf.setServiceClass(HelloWorld.class); > >>>>>>> sf.getServiceFactory().setWrapped(true); > >>>>>>> > >>>>>>> QName name = new QName("http://test.com";, "ws", ""); > >>>>>>> sf.setServiceName(name); > >>>>>>> sf.setAddress("https://localhost:9001/hello";); > >>>>>>> > >>>>>>> HelloWorld helloService = new HelloWorldImpl(); > >>>>>>> > >>>>>>> sf.getServiceFactory().setInvoker(new > BeanInvoker(helloService)); > >>>>>>> //org.apache.cxf.endpoint.Server server = sf.create(); > >>>>>>> > >>>>>>> JettyHTTPServerEngineFactory factory = > >>>>>>> sf.getBus().getExtension(JettyHTTPServerEngineFactory.class); > >>>>>>> > >>>>>>> TLSServerParameters tlsParams = new TLSServerParameters(); > >>>>>>> JettyHTTPServerEngine engine = null; > >>>>>>> try { > >>>>>>> engine = factory.createJettyHTTPServerEngine(9001, > "https"); > >>>>>>> KeyStore keyStore = KeyStore.getInstance("JKS"); > >>>>>>> String trustpass = "password"; > >>>>>>> File truststore = new > >>>>>>> > File("C:\\apache-cxf-2.1.1\\samples\\wsdl_first_https\\certs\\cherry.jks"); > >>>>>>> > >>>>>>> keyStore.load(new FileInputStream(truststore), > >>>>>>> trustpass.toCharArray()); > >>>>>>> KeyManagerFactory keyFactory = > >>>>>>> > KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm()); > >>>>>>> keyFactory.init(keyStore, trustpass.toCharArray()); > >>>>>>> KeyManager[] km = keyFactory.getKeyManagers(); > >>>>>>> tlsParams.setKeyManagers(km); > >>>>>>> > >>>>>>> truststore = new > >>>>>>> > File("C:\\apache-cxf-2.1.1\\samples\\wsdl_first_https\\certs\\truststore.jks"); > > >>>>>>> > >>>>>>> keyStore.load(new FileInputStream(truststore), > >>>>>>> trustpass.toCharArray()); > >>>>>>> TrustManagerFactory trustFactory = > >>>>>>> > TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()); > >>>>>>> > >>>>>>> trustFactory.init(keyStore); > >>>>>>> TrustManager[] tm = trustFactory.getTrustManagers(); > >>>>>>> tlsParams.setTrustManagers(tm); > >>>>>>> FiltersType filter = new FiltersType(); > >>>>>>> filter.getInclude().add(".*_EXPORT_.*"); > >>>>>>> filter.getInclude().add(".*_EXPORT1024_.*"); > >>>>>>> filter.getInclude().add(".*_WITH_DES_.*"); > >>>>>>> filter.getInclude().add(".*_WITH_NULL_.*"); > >>>>>>> filter.getExclude().add(".*_DH_anon_.*"); > >>>>>>> tlsParams.setCipherSuitesFilter(filter); > >>>>>>> ClientAuthentication ca = new ClientAuthentication(); > >>>>>>> ca.setRequired(true); > >>>>>>> ca.setWant(true); > >>>>>>> tlsParams.setClientAuthentication(ca); > >>>>>>> tlsParams.setSecureSocketProtocol("SSL"); > >>>>>>> if (engine != null) { > >>>>>>> engine.setTlsServerParameters(tlsParams); > >>>>>>> } > >>>>>>> } catch (KeyStoreException kse) { > >>>>>>> } catch (NoSuchAlgorithmException nsa) { > >>>>>>> } catch (FileNotFoundException fnfe) { > >>>>>>> } catch (UnrecoverableKeyException uke) { > >>>>>>> } catch (CertificateException ce) { > >>>>>>> } catch (GeneralSecurityException gse) { > >>>>>>> } catch (IOException ioe) { > >>>>>>> } > >>>>>>> > >>>>>>> List<JettyHTTPServerEngine> engines = new > >>>>>>> ArrayList<JettyHTTPServerEngine>(); > >>>>>>> if (engine != null) > >>>>>>> engines.add(engine); > >>>>>>> factory.setEnginesList(engines); > >>>>>>> org.apache.cxf.endpoint.Server server = sf.create(); > >>>>>>> ((JettyHTTPServerEngine) ((JettyHTTPDestination) > >>>>>>> > server.getDestination()).getEngine()).setJettyHTTPServerEngineFactory(factory); > > >>>>>>> > >>>>>>> > >>>>>>> String endpoint = > >>>>>>> server.getEndpoint().getEndpointInfo().getAddress(); > >>>>>>> System.out.println("Server started at " + endpoint); > >>>>>>> > >>>>>>> > >>>>>>> But when I start the service, I get the below error: > >>>>>>> > >>>>>>> Jul 21, 2008 9:15:10 AM > >>>>>>> org.apache.cxf.service.factory.ReflectionServiceFactoryBean > >>>>>>> buildServiceFromClass > >>>>>>> INFO: Creating Service {http://test.com}ws from class > >>>>>>> com.test.cxf.HelloWorld > >>>>>>> Exception in thread "main" java.lang.IllegalStateException: Port > 9001 > >>>>>>> is configured with wrong protocol "http" for > >>>>>>> "https://localhost:9001/hello"; > >>>>>>> at > >>>>>>> > org.apache.cxf.transport.http_jetty.JettyHTTPDestination.retrieveEngine(JettyHTTPDestination.java:115) > > >>>>>>> > >>>>>>> at > >>>>>>> > org.apache.cxf.transport.http_jetty.JettyHTTPDestination.finalizeConfig(JettyHTTPDestination.java:134) > > >>>>>>> > >>>>>>> at > >>>>>>> > org.apache.cxf.transport.http_jetty.JettyHTTPTransportFactory.createDestination(JettyHTTPTransportFactory.java:123) > > >>>>>>> > >>>>>>> at > >>>>>>> > org.apache.cxf.transport.http_jetty.JettyHTTPTransportFactory.getDestination(JettyHTTPTransportFactory.java:103) > > >>>>>>> > >>>>>>> at > >>>>>>> > org.apache.cxf.endpoint.ServerImpl.initDestination(ServerImpl.java:90) > >>>>>>> at > org.apache.cxf.endpoint.ServerImpl.<init>(ServerImpl.java:69) > >>>>>>> at > >>>>>>> > org.apache.cxf.frontend.ServerFactoryBean.create(ServerFactoryBean.java:115) > >>>>>>> > >>>>>>> at > >>>>>>> > org.apache.cxf.jaxws.JaxWsServerFactoryBean.create(JaxWsServerFactoryBean.java:164) > > >>>>>>> > >>>>>>> at com.test.cxf.Server.main(Server.java:104) > >>>>>>> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native > Method) > >>>>>>> at > >>>>>>> > sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) > >>>>>>> > >>>>>>> at > >>>>>>> > sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) > > >>>>>>> > >>>>>>> at java.lang.reflect.Method.invoke(Method.java:585) > >>>>>>> at > >>>>>>> > com.intellij.rt.execution.application.AppMain.main(AppMain.java:90) > >>>>>>> > >>>>>>> > >>>>>>> Any thoughts on this issue? > >>>>>>> > >>>>>>> Thank you, > >>>>>>> -Arul > >>>>>>> > >>>>>>> > >>>>>>> ______________________________ > >>>>>>> > >>>>>>> > >>>>> > >>>>> > >>>> > >>>> > >>> > >>> > >> > >> > > > > > > > ________________________________ > Scanned by MessageLabs for Flux > ________________________________ > > -- View this message in context: http://www.nabble.com/CXF-ssl-sample-using-CXF-APIs-tp18570914p18671409.html Sent from the cxf-user mailing list archive at Nabble.com.
