3 Replies Latest reply on Dec 13, 2011 9:55 PM by njiang

    blueprint conversion problems

    bjsteffes

      I am converting my Spring Camel context files to Blueprint. I have not been able to get the TLS authentication to work. What is the best way to do this?

      I am using Fuse ESB 4.4.1

      My current TLS configuration looks like this:

      <httpj:engine-factory bus="cxf">
        <httpj:engine port="9003">
          <httpj:tlsServerParameters>
            <sec:keyManagers keyPassword="password">
              <sec:keyStore type="JKS" password="password" file="src/test/java/org/apache/cxf/systest/http/resources/Tarpin.jks"/>
            </sec:keyManagers>
            <sec:trustManagers>
              <sec:keyStore type="JKS" password="password" file="src/test/java/org/apache/cxf/systest/http/resources/Truststore.jks"/>
            </sec:trustManagers>
            <sec:cipherSuitesFilter>
              <sec:include>.*_EXPORT_.*</sec:include>
              <sec:include>.*_EXPORT1024_.*</sec:include>
              <sec:include>.*_WITH_DES_.*</sec:include>
              <sec:include>.*_WITH_NULL_.*</sec:include>
              <sec:exclude>.*_DH_anon_.*</sec:exclude>
            </sec:cipherSuitesFilter>
            <sec:clientAuthentication want="true" required="true"/>
          </httpj:tlsServerParameters>
        </httpj:engine>
      </httpj:engine-factory>


      What is the equivalent for Blueprint?

      Thanks!

        • 1. Re: blueprint conversion problems
          njiang

          Hi,

          I just checked the CXF trunk code; currently we don't have Blueprint support for what you want on the Jetty server. If you want to do it, you may need to write some Java code for that kind of configuration.

          Willem

          • 2. Re: blueprint conversion problems
            bjsteffes

            Below is the code I used to configure this in Java. It tends to work. You will need to add cxf-rt-transports-http-jetty as a dependency in your pom.xml.

            package my.test.classes;

            import java.io.FileInputStream;
            import java.security.KeyStore;

            import javax.net.ssl.KeyManagerFactory;
            import javax.net.ssl.TrustManagerFactory;

            import org.apache.camel.builder.RouteBuilder;
            import org.apache.commons.logging.Log;
            import org.apache.commons.logging.LogFactory;
            import org.apache.cxf.BusFactory;
            import org.apache.cxf.configuration.jsse.TLSServerParameters;
            import org.apache.cxf.configuration.security.ClientAuthentication;
            import org.apache.cxf.configuration.security.FiltersType;
            import org.apache.cxf.transport.http_jetty.JettyHTTPServerEngineFactory;

            public class TlsConfigurator extends RouteBuilder
            {
              private static final Log LOG = LogFactory.getLog(TlsConfigurator.class);

              @Override
              public void configure()
              {
                try
                {
                  // Store locations, passwords and the port come from Camel property placeholders
                  final String ksLoc=getContext().resolvePropertyPlaceholders("{{karaf.home}}/{{keystore.location}}");
                  final String ksPass=getContext().resolvePropertyPlaceholders("{{keystore.password}}");
                  final String kPass=getContext().resolvePropertyPlaceholders("{{key.password}}");
                  final String tsLoc=getContext().resolvePropertyPlaceholders("{{karaf.home}}/{{truststore.location}}");
                  final String tsPass=getContext().resolvePropertyPlaceholders("{{truststore.password}}");
                  final String portStr=getContext().resolvePropertyPlaceholders("{{port}}");
                  final int port=Integer.valueOf(portStr);

                  // Equivalent of <sec:clientAuthentication required="true"/>: the client must present a certificate
                  ClientAuthentication ca = new ClientAuthentication();
                  ca.setRequired(true);

                  // Server identity: key store holding the server key and certificate
                  KeyStore ks = KeyStore.getInstance("JKS");
                  ks.load(new FileInputStream(ksLoc),ksPass.toCharArray());

                  KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
                  kmf.init(ks, kPass.toCharArray());

                  // Trust store holding the CA certificates that client certificates must chain to
                  KeyStore ts = KeyStore.getInstance("JKS");
                  ts.load(new FileInputStream(tsLoc),tsPass.toCharArray());

                  TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
                  tmf.init(ts);

                  // Cipher suite filter: regular expressions matched against the JSSE cipher suite names
                  FiltersType ft = new FiltersType();
                  ft.getInclude().add(".*_WITH_3DES_.*");
                  ft.getExclude().add(".*_WITH_DES_.*");
                  ft.getExclude().add(".*_WITH_NULL_.*");
                  ft.getExclude().add(".*_DH_anon_.*");

                  TLSServerParameters sp = new TLSServerParameters();
                  sp.setClientAuthentication(ca);
                  sp.setKeyManagers(kmf.getKeyManagers());
                  sp.setTrustManagers(tmf.getTrustManagers());
                  sp.setCipherSuitesFilter(ft);

                  // Attach the parameters to the Jetty engine for this port on the default bus
                  JettyHTTPServerEngineFactory f = BusFactory.getDefaultBus().getExtension(JettyHTTPServerEngineFactory.class);
                  if (f == null)
                  {
                    f = new JettyHTTPServerEngineFactory();
                    BusFactory.getDefaultBus().setExtension(f, JettyHTTPServerEngineFactory.class);
                  }
                  f.setTLSServerParametersForPort(port, sp);
                }
                catch(Exception e)
                {
                  LOG.error(e.getMessage(), e);
                }
              }
            }

            • 3. Re: blueprint conversion problems
              njiang

              Yeah, it could work if you have only one normal CXF bus, as you are using BusFactory.getDefaultBus().

              If there is more than one CXF application, you may consider creating a new Bus and passing it into the camel-cxf endpoint by using the bus option like this [1].

              [1] http://willemjiang.blogspot.com/2010/02/configure-camel-cxf-endpoint-advance.html

              Willem
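One way to follow Willem's suggestion of a dedicated Bus, written here as an added example rather than code from the thread or from CXF; the class name SecureBusFactory, its parameters and the AES-only cipher filter are assumptions, and the two key stores are assumed to be loaded beforehand as in bjsteffes's code:

```java
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.TrustManagerFactory;
import org.apache.cxf.Bus;
import org.apache.cxf.BusFactory;
import org.apache.cxf.configuration.jsse.TLSServerParameters;
import org.apache.cxf.configuration.security.ClientAuthentication;
import org.apache.cxf.configuration.security.FiltersType;
import org.apache.cxf.transport.http_jetty.JettyHTTPServerEngineFactory;

/** Hypothetical factory: a dedicated CXF Bus whose Jetty engine on one port requires client certs. */
public final class SecureBusFactory {

    public static Bus createBus(int port, KeyStore keyStore, char[] keyPass, KeyStore trustStore)
            throws GeneralSecurityException, IOException {
        TLSServerParameters sp = new TLSServerParameters();
        // Mutual TLS: want=true asks for a client certificate, required=true aborts the
        // handshake when none is presented or it does not chain to the trust store.
        ClientAuthentication ca = new ClientAuthentication();
        ca.setWant(true);
        ca.setRequired(true);
        sp.setClientAuthentication(ca);
        KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        kmf.init(keyStore, keyPass);
        sp.setKeyManagers(kmf.getKeyManagers());
        TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(trustStore);
        sp.setTrustManagers(tmf.getTrustManagers());
        // Offer only AES suites; a suite must match an include and no exclude, so NULL,
        // EXPORT and anonymous DH (which the AES include would match) are never negotiated.
        FiltersType ft = new FiltersType();
        ft.getInclude().add(".*_WITH_AES_.*");
        ft.getExclude().add(".*_WITH_NULL_.*");
        ft.getExclude().add(".*_EXPORT_.*");
        ft.getExclude().add(".*_DH_anon_.*");
        sp.setCipherSuitesFilter(ft);
        // A fresh Bus rather than BusFactory.getDefaultBus(): the TLS settings are attached
        // to this bus's engine factory, so only endpoints referencing this bus use them.
        Bus bus = BusFactory.newInstance().createBus();
        JettyHTTPServerEngineFactory f = bus.getExtension(JettyHTTPServerEngineFactory.class);
        if (f == null) {
            f = new JettyHTTPServerEngineFactory(bus);
            bus.setExtension(f, JettyHTTPServerEngineFactory.class);
        }
        f.setTLSServerParametersForPort(port, sp);
        return bus;
    }
}
```

In Blueprint the class can be declared as a bean with factory-method="createBus" and the camel-cxf endpoint pointed at that bean with the bus option (?bus=#secureBus).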