Hello, I'd like to confirm something: The CXF documentation shows where cipher suite filters can be defined on the client-side: http://cxf.apache.org/docs/client-http-transport-including-ssl-support.html
However, for service-side, you apparently need to configure the underlying servlet container and not the web service itself, for example here with Jetty: https://cwiki.apache.org/confluence/display/CXF20DOC/Standalone+HTTP+Transport http://fusesource.com/docs/framework/2.2/security/i343422.html And Tomcat has a "ciphers" element that will apparently do the same thing: http://tomcat.apache.org/tomcat-6.0-doc/config/http.html. So there is no web-service level configuration of cipher suite filters, but just that of the servlet container (or Endpoint implementation) hosting the web service, correct? Thanks, Glen -- View this message in context: http://cxf.547215.n5.nabble.com/How-service-side-HTTPS-cipher-suite-filters-are-defined-tp2638182p2638182.html Sent from the cxf-user mailing list archive at Nabble.com.
