Re: Http:conduit isn't picked up

Mon, 14 Feb 2011 00:16:29 -0800 

Hi,
http:conduit is used for client side configuration, your http:conduit configuration here is enable a client to connect a https service, but not enable a https service. If I understand your requirement correctly, you want to run cxf service in tomcat container over https transport, you need check with tomcat docs to see how to configure tomcat to support https. 

Freeman
On 2011-2-3, at 下午4:36, HHendriks wrote:



Hello,


I want to be able to run my service over SSL. I've created a simple  
service

and added the following http-conduit to my applicationContext-cxf.xml:

        <!-- Webservice endpoints -->

	<jaxws:endpoint id="calendarWebService"  
implementor="#calendarService"

                address="/CalendarService">
        </jaxws:endpoint>

        <http:conduit name="*.http-conduit">
                <http:tlsClientParameters>
                        <sec:keyManagers keyPassword="server">
                                <sec:keyStore type="JKS" password="server"

					file="src/main/java/resources/certificates/ 
server_keystore.jks" />

                        </sec:keyManagers>
                        <sec:trustManagers>
                                <sec:keyStore type="JKS" password="server"

					file="src/main/java/resources/certificates/ 
server_truststore.jks" />

                        </sec:trustManagers>
                        <sec:cipherSuitesFilter>

				<!-- these filters ensure that a ciphersuite with export- 
suitable or

                                        null encryption is used, but exclude 
anonymous Diffie-Hellman key
change
                                        as this is vulnerable to man-in-the-middle 
attacks -->
                                <sec:include>.*_EXPORT_.*</sec:include>
                                <sec:include>.*_EXPORT1024_.*</sec:include>
                                <sec:include>.*_WITH_DES_.*</sec:include>
                                <sec:include>.*_WITH_NULL_.*</sec:include>
                                <sec:exclude>.*_DH_anon_.*</sec:exclude>
                        </sec:cipherSuitesFilter>
                </http:tlsClientParameters>
                <http:authorization>
                        <sec:UserName>Betty</sec:UserName>
                        <sec:Password>Ugly</sec:Password>
                </http:authorization>
                <http:client AutoRedirect="true" Connection="Keep-Alive" />
        </http:conduit>


When i deploy the service, i can get the wsdl with any certificate  
request
or anything. I also see no logging of somekind that an SSL  
connection is

setup for the service.

Can anyone tell me what I'm doing wrong?


I'm running on Spring 3.0.5.RELEASE with CXF 2.2.3 and deploying on  
Tomcat

6.0.29

Best regards!
--
View this message in context: 
http://cxf.547215.n5.nabble.com/Http-conduit-isn-t-picked-up-tp3368957p3368957.html
Sent from the cxf-user mailing list archive at Nabble.com.



--
Freeman Fang

------------------------

FuseSource: http://fusesource.com
blog: http://freemanfang.blogspot.com
twitter: http://twitter.com/freemanfang
Apache Servicemix:http://servicemix.apache.org
Apache Cxf: http://cxf.apache.org
Apache Karaf: http://karaf.apache.org
Apache Felix: http://felix.apache.org























					Reply via email to