I have created a CXF webservice and exposed it through a Secured (HTTPS) webdomain. From my client directly i access the webservice without even using the SSL certificate of that webdomain.
In my client code i am explicitly setting to trust all the certificates due to which, it not even checks the authenticity of the client. This should not ideally happen for me. On doing some analysis, I see it is possible to do it using the tag <httpj:engine-factory bus="cxf"> (http://fusesource.com/docs/framework/2.1/security/HTTPCompatible.html#i488847). even after adding those entries to my wsdl, i am unable to secure my webservice through my webdomain cert. Could some one please advice ? -- View this message in context: http://cxf.547215.n5.nabble.com/Enadling-Security-for-the-cxf-webservice-tp5730750.html Sent from the cxf-user mailing list archive at Nabble.com.
