On Thu May 28 2009 3:11:32 pm ning_sunrise wrote: > Hi John: > Did you find clue? I have same problem. Thanks
I don't think it's possible. I ran into the same issue when trying to debug some ssl things and ended up putting some temporary code into the HttpsURLConnectionFactory to put a null TrustManager in place. The code is still there, just commented out. Right now, it looks like the TrustManagers can only be created via the normal javax.net.ssl.TrustManagerFactory mechanisms. Thus, to use a custom TrustManager, you have to create and register your own TrustManagerFactory which involves all kinds of yucky things like signed jars and stuff. Not fun. I'd LOVE to see a JIRA issue filed with a patch to support something simpler. Maybe on the TrustManagersType schema type, add a "bean" attribute or something that can point to a separate spring bean or something. Dan > Ning > > John Hite wrote: > > Hi, > > > > > > > > I have a jaxws web service that runs over https. I need the client to use > > a > > custom TrustManager that we have implemented. I know how to do this > > programmatically, but I would like to be able to do this in a > > configuration > > file so I can use Spring to handle the client creation. I looked at > > http://cxf.apache.org/schemas/configuration/security.xsd as well as the > > getTrustManagers(TrustManagersType tmc) code and it does not look like > > this > > is supported. > > > > > > > > Does anyone know a work around? Are there plans to implement this > > functionality? > > > > > > > > > > > > Here is the code that I have that installs the custom trust manager. This > > is > > what I want to be able to do in configuration. > > > > > > > > JaxWsProxyFactoryBean factory = new JaxWsProxyFactoryBean(); > > > > factory.setServiceClass(com.mycompany.Service.class); > > > > factory.setAddress(Configuration.getInstance().getConsoleURL()); > > > > Session.service = (com.mycompany.Service) factory.create(); > > > > > > > > Client client = ClientProxy.getClient(Session.adc); > > > > HTTPConduit http = (HTTPConduit) client.getConduit(); > > > > > > > > TLSClientParameters tls = new TLSClientParameters(); > > > > > > > > tls.setDisableCNCheck(true); > > > > tls.setTrustManagers(new TrustManager[]{new CustomTrustManager()}); > > > > > > > > http.setTlsClientParameters(tls); > > > > > > > > Thanks, > > > > John -- Daniel Kulp [email protected] http://www.dankulp.com/blog
