Hi Dan, Thanks. How can I set the TLS params in the STSClient? Is there an example of using STSClient this way?
-Vinay -----Original Message----- From: Daniel Kulp [mailto:[email protected]] Sent: Friday, August 05, 2011 5:29 PM To: [email protected] Cc: Penmatsa, Vinay Subject: Re: TLSClientParameters > Client client = ClientProxy.getClient(port); > STSClient stsClient = new STSClient(client.getBus()); You have two separate clients there.... the client from the port and an STSClient. You are setting the TLS stuff on the port's client, but not the STSClient. That's likely the issue. Dan On Friday, August 05, 2011 12:11:43 PM Penmatsa, Vinay wrote: > Hi Dan, > No. But not sure if I'm affecting it somehow. Here's my code: > > ------ > Client client = ClientProxy.getClient(port); > STSClient stsClient = new STSClient(client.getBus()); > HTTPConduit http = (HTTPConduit) client.getConduit(); > TLSClientParameters param = new TLSClientParameters(); > param.setDisableCNCheck(true); > Properties cProps = new Properties(); > cProps.load(new FileReader("client.properties")); > Merlin m = new Merlin(cProps); > KeyManagerFactory kmf = > KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm()); > TrustManagerFactory tmf = > TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()); > kmf.init(m.getKeyStore(), "password1".toCharArray()); > tmf.init(m.getTrustStore()); > param.setKeyManagers(kmf.getKeyManagers()); > param.setTrustManagers(tmf.getTrustManagers()); > http.setTlsClientParameters(param); > > stsClient.setWsdlLocation("<wsdl url>"); > stsClient.setServiceName("{http://docs.oasis-open.org/ws-sx/ws-trust/200512} > STS"); > stsClient.setEndpointName("{http://docs.oasis-open.org/ws-sx/ws-trust/20051 > 2}UT"); Map<String,Object> stsProps = new HashMap<String,Object>(); > stsProps.put("ws-security.username", "user"); > stsProps.put("ws-security.password", "password"); > stsClient.setProperties(stsProps); > SecurityToken st = stsClient.requestSecurityToken(); > ----- > > I'm using cxf 2.4. > > > > > -----Original Message----- > From: Daniel Kulp [mailto:[email protected]] > Sent: Friday, August 05, 2011 11:49 AM > To: [email protected] > Cc: Penmatsa, Vinay > Subject: Re: TLSClientParameters > > On Friday, August 05, 2011 11:32:08 AM Penmatsa, Vinay wrote: > > Hi Prisca, > > Thanks for the link. > > This can be fallback solution, but I prefer to do it programmatically. > > While debugging the source, it seems a new conduit object is created in > > HttpTransportFactory.getConduit(). So, the client.getConduit() in my > > code > > is ignored. Not sure how to fix that > > Do you have a different ConduitSelector installed on the client? The > default one should just be creating a single Conduit for the client and > re-using it. I'm not sure why a second call to > HttpTransportFactory.getConduit would be occuring. > > Dan > > > Regards, > > Vinay > > > > -----Original Message----- > > From: Prisca POLYTE [mailto:[email protected]] > > Sent: Friday, August 05, 2011 11:18 AM > > To: [email protected] > > Subject: Re: TLSClientParameters > > > > Hey, > > > > is it possible for you to use Spring for instance ? > > > > If it is then you should have a look to > > http://cxf.apache.org/docs/client-http-transport-including-ssl-support.h > > tml# ClientHTTPTransport%28includingSSLsupport%29-ConfiguringSSLSupport > > > > HTH > > > > Regards > > -- > > Prisca > > > > On Fri, Aug 5, 2011 at 5:10 PM, Penmatsa, Vinay > > <[email protected]>wrote: > > > I'm unable to set the 'disableCNCheck' programmatically as below: > > > > > > HTTPConduit http = (HTTPConduit) client.getConduit(); > > > TLSClientParameters param = new TLSClientParameters(); > > > param.setDisableCNCheck(true); > > > http.setTlsClientParameters(param); > > > > > > > > > What's the correct way to do this? > > > > > > > > > Thanks, > > > Vinay -- Daniel Kulp [email protected] http://dankulp.com/blog Talend - http://www.talend.com
