I am also have this issue. I cannot provide a test case because the service I am connecting to is a SAS. Anything I can provide or logging I can turn on to help with this?
dkulp wrote: > > On Tue May 12 2009 5:10:02 am Marc Logemann wrote: >> Daniel. >> >> >> not that easy to isolate a test case in terms of JAR creation and >> classpath. What IDE are u using? It would be easier to share a small >> test project..... > > I'm using Eclipse. > > Dan > > >> >> --- >> regards >> Marc Logemann >> http://www.logemann.org >> http://www.logentis.de >> >> Am 11.05.2009 um 18:39 schrieb Daniel Kulp: >> > Any chance you could package together a small test case. (maybe a >> > modified >> > version of one of the samples?) I've seen a couple people report >> > that the >> > "*.http-conduit" method of config isn't working, but I haven't been >> > able to >> > reproduce it. If I could get a testcase that shows that it's not >> > working, I >> > could debug it a bit to see what is going on. >> > >> > Thanks! >> > Dan >> > >> > On Sun May 10 2009 12:49:42 pm Marc Logemann wrote: >> >> Hi, >> >> >> >> on testing the my client with HTTPS i am getting this in the console >> >> many times: >> >> >> >> 10.05.2009 18:42:20 org.apache.cxf.transport.https.SSLUtils >> >> getCiphersuites >> >> INFO: The cipher suites have not been configured, falling back to >> >> cipher suite filters. >> >> 10.05.2009 18:42:20 org.apache.cxf.transport.https.SSLUtils >> >> getCiphersuites >> >> INFO: The cipher suite filters have not been configured, falling back >> >> to default filters. >> >> 10.05.2009 18:42:20 org.apache.cxf.transport.https.SSLUtils >> >> getCiphersFromList >> >> INFO: The cipher suites have been set to SSL_RSA_WITH_RC4_128_MD5, >> >> SSL_RSA_WITH_RC4_128_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, >> >> TLS_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, >> >> TLS_DHE_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, >> >> TLS_DHE_DSS_WITH_AES_256_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, >> >> SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, >> >> SSL_RSA_WITH_DES_CBC_SHA, SSL_DHE_RSA_WITH_DES_CBC_SHA, >> >> SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_RSA_EXPORT_WITH_RC4_40_MD5, >> >> SSL_RSA_EXPORT_WITH_DES40_CBC_SHA, >> >> SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, >> >> SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA, TLS_KRB5_WITH_RC4_128_SHA, >> >> TLS_KRB5_WITH_RC4_128_MD5, TLS_KRB5_WITH_3DES_EDE_CBC_SHA, >> >> TLS_KRB5_WITH_3DES_EDE_CBC_MD5, TLS_KRB5_WITH_DES_CBC_SHA, >> >> TLS_KRB5_WITH_DES_CBC_MD5, TLS_KRB5_EXPORT_WITH_RC4_40_SHA, >> >> TLS_KRB5_EXPORT_WITH_RC4_40_MD5, TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA, >> >> TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5. >> >> >> >> This problem is also described in this "old" thread: >> >> http://markmail.org/thread/kkcp6lbx26al2fo6 >> >> >> >> Of course i also tried the >> >> >> >> <http:conduit name="*.http-conduit"> >> >> <http:tlsClientParameters secureSocketProtocol="SSL"> >> >> <sec:cipherSuitesFilter> <!-- these filters ensure that >> >> a ciphersuite with export-suitable or null encryption is used, but >> >> exclude anonymous Diffie-Hellman key change as this is vulnerable to >> >> man-in-the-middle attacks --> >> >> <sec:include>.*_EXPORT_.*</sec:include> >> >> <sec:include>.*_EXPORT1024_.*</sec:include> >> >> <sec:include>.*_WITH_DES_.*</sec:include> >> >> <sec:include>.*_WITH_NULL_.*</sec:include> >> >> <sec:exclude>.*_DH_anon_.*</sec:exclude> >> >> </sec:cipherSuitesFilter> >> >> </http:tlsClientParameters> >> >> </http:conduit> >> >> >> >> config without luck. But my cxf.xml gets read in my Test client (the >> >> generated client of WSDL2Java). >> >> >> >> In general the client call works with the JAX-WS-style supplied >> >> username and password but i really dont like the logging and i wonder >> >> if its too slow then as mentioned in the thread above. >> >> >> >> Thx for info on this. >> >> >> >> --- >> >> regards >> >> Marc Logemann >> >> http://www.logemann.org >> >> http://www.logentis.de >> > >> > -- >> > Daniel Kulp >> > [email protected] >> > http://www.dankulp.com/blog > > -- > Daniel Kulp > [email protected] > http://www.dankulp.com/blog > > ----- Buzzterrier http://buzzterrier.blogspot.com/ View my blog: Ordinary Average Developer... -- View this message in context: http://www.nabble.com/cipher-suite-filters-have-not-been-configured-tp23471838p24293269.html Sent from the cxf-user mailing list archive at Nabble.com.
