-
1. Re: cxf.xml doesn't work under JBoss 6.1
asoldano Dec 12, 2011 5:02 AM (in response to tao_dl)1 of 1 people found this helpfulIn the JBossWS-CXF integration, you can also turn on the disableCNCheck flag by setting the org.jboss.security.ignoreHttpsHost sys property (-Dorg.jboss.security.ignoreHttpsHost=true)
-
2. Re: cxf.xml doesn't work under JBoss 6.1
tao_dl Dec 12, 2011 6:34 AM (in response to asoldano)Hello Soldano, thanks a lot for your tipp! I solved the problem with the following line:
System.setProperty("org.jboss.security.ignoreHttpsHost", "true");
Another way to solve the problem is to use the JaxWsProxyFactoryBean method:
---------------------------------------------------------------------------------------------------------------------------------------
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import java.security.cert.X509Certificate;
import org.apache.cxf.configuration.jsse.TLSClientParameters;
import org.apache.cxf.configuration.security.AuthorizationPolicy;
import org.apache.cxf.endpoint.Client;
import org.apache.cxf.frontend.ClientProxy;
import org.apache.cxf.transport.http.HTTPConduit;
import org.apache.cxf.interceptor.*;
import org.apache.cxf.jaxws.JaxWsProxyFactoryBean;
MyWebServiceEndpoint port = null;
JaxWsProxyFactoryBean factory = new JaxWsProxyFactoryBean();
factory.setServiceClass(MyWebServiceEndpoint.class);
factory.setAddress(MyWebServiceURL());
port = (MyWebServiceEndpoint) factory.create();
configHttpConduit(port);
BindingProvider bp = (BindingProvider)port;
bp.getRequestContext().put(BindingProvider.USERNAME_PROPERTY, username);
bp.getRequestContext().put(BindingProvider.PASSWORD_PROPERTY, password);
...
private void configHttpConduit(Object service) {
Client clientProxy = ClientProxy.getClient(service);
HTTPConduit conduit = (HTTPConduit) clientProxy.getConduit();
String targetAddr = conduit.getTarget().getAddress().getValue();
if (targetAddr.toLowerCase().startsWith("https:")) {
TrustManager[] simpleTrustManager = new TrustManager[] { new X509TrustManager() {
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
return null;
}
public void checkClientTrusted(
java.security.cert.X509Certificate[] certs, String authType) {
}
public void checkServerTrusted(
java.security.cert.X509Certificate[] certs, String authType) {
}
} };
TLSClientParameters tlsParams = new TLSClientParameters();
tlsParams.setTrustManagers(simpleTrustManager);
tlsParams.setDisableCNCheck(true);
tlsParams.setSecureSocketProtocol("SSL"); // This line is not very necessary.
conduit.setTlsClientParameters(tlsParams);
}
}