Hi, Currently, I´m developing an OSGi packaged CXF-BC bundle which has to host several web service clients. The communication has to be secured setting a TLS configuration based on PKCS#12 keystores. Everything is ok when I use the 'file' parameter in the keystore configuration but I´m not able to make it work using the 'resource' parameter.
I guess it´s a classloading problem but I can´t find out why my bundle doesn´t resolve the resources. The keystores are embedded into the bundle. The main parts of my configuration files are the following: * service-client.xml <beans xmlns="http://www.springframework.org/schema/beans"; xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; xmlns:cxfbc="http://servicemix.apache.org/cxfbc/1.0"; xmlns:ns="http://......"; xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd http://servicemix.apache.org/cxfbc/1.0 http://servicemix.apache.org/cxfbc/1.0/servicemix-cxf-bc.xsd";> <import resource="classpath:META-INF/cxf/cxf.xml" /> <import resource="classpath:META-INF/cxf/cxf-extension-soap.xml" /> <import resource="classpath:META-INF/cxf/cxf-extension-http.xml" /> <cxfbc:provider wsdl="classpath:wsdl/myws.wsdl" locationURI="https://..../MyService"; service="ns:myservice" endpoint="myport" interfaceName="ns:myporttype"> <cxfbc:providedBus> <ref bean="cxf"/> </cxfbc:providedBus> </cxfbc:provider> <bean class="org.apache.servicemix.common.osgi.EndpointExporter" /> </beans> * sec.xml <beans xmlns="http://www.springframework.org/schema/beans"; xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; xmlns:sec="http://cxf.apache.org/configuration/security"; xmlns:http="http://cxf.apache.org/transports/http/configuration"; xmlns:jaxws="http://java.sun.com/xml/ns/jaxws"; xsi:schemaLocation="http://cxf.apache.org/configuration/security http://cxf.apache.org/schemas/configuration/security.xsd http://cxf.apache.org/transports/http/configuration http://cxf.apache.org/schemas/configuration/http-conf.xsd http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd";> <http:conduit name="{......}myport.http-conduit"> <http:tlsClientParameters> <sec:trustManagers> <sec:keyStore type="JKS" resource="security/mytruststore.jks" /> </sec:trustManagers> <sec:keyManagers keyPassword="*******"> <sec:keyStore type="PKCS12" password="********" resource="security/mykeystore.p12" /> </sec:keyManagers> <sec:cipherSuitesFilter> <!-- these filters ensure that a ciphersuite with export-suitable or null encryption is used, but exclude anonymous Diffie-Hellman key change as this is vulnerable to man-in-the-middle attacks --> <sec:include>.*_EXPORT_.*</sec:include> <sec:include>.*_EXPORT1024_.*</sec:include> <sec:include>.*_WITH_DES_.*</sec:include> <sec:include>.*_WITH_NULL_.*</sec:include> <sec:exclude>.*_DH_anon_.*</sec:exclude> </sec:cipherSuitesFilter> </http:tlsClientParameters> </http:conduit> <bean id="cxf" class="org.apache.cxf.bus.CXFBusImpl" /> </beans> * pom.xml .......... <plugin> <groupId>org.apache.felix</groupId> <artifactId>maven-bundle-plugin</artifactId> <extensions>true</extensions> <configuration> <instructions> <Import-Package> javax.jws, javax.wsdl, javax.xml.bind, javax.xml.bind.annotation, javax.xml.namespace, javax.xml.soap, javax.xml.ws, META-INF.cxf, org.apache.cxf.bus, org.apache.cxf.bus.spring, org.apache.cxf.bus.resource, org.apache.cxf.configuration.spring, org.apache.cxf.resource, org.apache.servicemix.cxfbc, org.springframework.beans.factory.config, org.apache.servicemix.common.osgi </Import-Package> <Require-Bundle>org.apache.cxf.bundle</Require-Bundle> </instructions> </configuration> </plugin> ........ I would appreciate any help. Thanks in advance. BR, Juanjo.
