8 Replies Latest reply on Aug 3, 2016 8:21 AM by beenalud

    Making a WebService available via https

    inspector
    inspector Mar 19, 2015 10:40 AM

      Hi everybody,

       

      I've got a webservice which by the .wsdl should be available via https.

       

      I can make the service available via http but I haven't figured out how to do in via https. When I read the doc right, I will have to do something like this:

      <blueprint xmlns="http://www.osgi.org/xmlns/blueprint/v1.0.0"
           xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
           xmlns:jaxws="http://cxf.apache.org/blueprint/jaxws"
           xmlns:cxf="http://cxf.apache.org/blueprint/core"
           xmlns:httpj="http://cxf.apache.org/transports/http-jetty/configuration"
           xmlns:sec="http://cxf.apache.org/configuration/security"
           xmlns:beans="http://www.springframework.org/schema/beans"
           xsi:schemaLocation="
      http://cxf.apache.org/blueprint/core http://cxf.apache.org/schemas/blueprint/core.xsd
      http://cxf.apache.org/blueprint/jaxws http://cxf.apache.org/schemas/blueprint/jaxws.xsd
      http://cxf.apache.org/configuration/security http://cxf.apache.org/schemas/configuration/security.xsd
      ">
   <cxf:bus>
        <cxf:features>
            <httpj:identifiedTLSServerParameters id="secure">
                <httpj:tlsServerParameters>
                    <sec:keyManagers keyPassword="changeit">
                        <sec:keyStore type="JKS" password="changeit"
                                      file="/home/me/keystore.jks"/>
                    </sec:keyManagers>
                </httpj:tlsServerParameters>
            </httpj:identifiedTLSServerParameters>


            <httpj:engine port="9001">
                <httpj:tlsServerParametersRef id="secure" />
                <httpj:threadingParameters minThreads="5"
                                           maxThreads="15" />
                <httpj:connector>
                    <beans:bean class="org.eclipse.jetty.server.bio.SocketConnector">
                        <beans:property name = "port" value="9001" />
                    </beans:bean>
                </httpj:connector>
                <httpj:handlers>
                    <beans:bean class="org.eclipse.jetty.server.handler.DefaultHandler"/>
                </httpj:handlers>
                <httpj:sessionSupport>true</httpj:sessionSupport>
            </httpj:engine>

            <jaxws:endpoint implementor="com.acme.MyService"
                            address="https://localhost:9001/services/MyService"/>
        </cxf:features>
    </cxf:bus>


</blueprint>

       

      When I deploy this bundle via osgi:install it will go active but the blueprint state will stay on GracePeriod forever (I have tried waiting longer than the default grace period of 5mins bunt not longer than 10mins). I'm kind of confused because I'm kind of fresh with both FUSE and OSGI.

       

      Any hints on what I probably missed?

       

      Regards!

        • 1. Re: Making a WebService available via https
          bharadwaj
          bharadwaj Mar 19, 2015 11:22 PM (in response to inspector)

          SSL Support (HTTPS)

          Using the JSSE Configuration Utility

          As of Camel 2.8, the Jetty component supports SSL/TLS configuration through the Camel JSSE Configuration Utility.  This utility greatly decreases the amount of component specific code you need to write and is configurable at the endpoint and component levels.  The following examples demonstrate how to use the utility with the Jetty component.

           

          <camel:sslContextParameters

                id="sslContextParameters">

              <camel:keyManagers

                  keyPassword="keyPassword">

                <camel:keyStore

                    resource="/users/home/server/keystore.jks"

                    password="keystorePassword"/>

              </camel:keyManagers>

            </camel:sslContextParameters>...

          ...

            <to uri="jetty:https://127.0.0.1/mail/?sslContextParametersRef=sslContextParameters"/>

          Configuring Jetty Directly

          Jetty provides SSL support out of the box. To enable Jetty to run in SSL mode, simply format the URI with the https:// prefix---for example:

           

          <from uri="jetty:https://0.0.0.0/myapp/myservice/"/>

           

          1 of 1 people found this helpful
            • Actions
          • 2. Re: Making a WebService available via https
            inspector
            inspector Mar 20, 2015 8:34 AM (in response to bharadwaj)

            Thanks for your reply.

             

            As far as I understood you, you suggest to set up a camel route that consumes from the exposed endpoint and routes the messages to cxf?

              • Actions
            • 3. Re: Making a WebService available via https
              bharadwaj
              bharadwaj Mar 20, 2015 9:45 AM (in response to inspector)

              no, instead of cxf use Jetty component to expose/ produce https service as :

               

              <to uri="jetty:https://127.0.0.1/mail/?sslContextParametersRef =sslContextParameters"/>

                • Actions
              • 4. Re: Making a WebService available via https
                inspector
                inspector Mar 25, 2015 5:09 AM (in response to bharadwaj)

                Sorry for my late reply, I'm working on mutliple projects at the moment.

                 

                Ok, but how do I bring the soap message into my (java) web service implementation? I thought I'd need cxf for that.

                  • Actions
                • 5. Re: Making a WebService available via https
                  bharadwaj
                  bharadwaj Mar 25, 2015 5:47 AM (in response to inspector)

                  There is a problem in ur code :

                  jaxws endpoint should be placed out of cxf:bus. and i would suggest u to use cxf:endpoint instead of jaxws

                   

                   

                  <cxf:cxfEndpoint id="serviceEndpoint" address="https://localhost:9001/services/MyService"

                      serviceClass="com.acme.MyService">

                      <cxf:outInterceptors>

                          <ref bean="loggingOutInterceptor"/>

                      </cxf:outInterceptors>

                      <cxf:properties>

                          <entry key="dataFormat" value="PAYLOAD"/>

                      </cxf:properties>

                  </cxf:cxfEndpoint>

                    • Actions
                  • 6. Re: Making a WebService available via https
                    inspector
                    inspector Mar 25, 2015 6:25 AM (in response to bharadwaj)

                    Thanks for your input . Even though I did have it outside of the cxf:bus initially I have not tried it with a cxf:endpoint. Can't do that today but I will definitely try it out.

                      • Actions
                    • 7. Re: Making a WebService available via https
                      inspector
                      inspector Apr 8, 2015 10:12 AM (in response to inspector)

                      Hey thanks by the way. You helped me a lot.

                       

                      What I finally did was set up the jaxws:endpoint via http and build an https proxy with jetty in front of it (with ssl configured as you posted above):


                      <from uri="jetty:https://0.0.0.0:8443/services/MyService?sslContextParametersRef=sslContextParameters&matchOnUriPrefix=true"/>
<to uri="jetty:http://127.0.0.1:8081/services/MyService?bridgeEndpoint=true&throwExceptionOnFailure=false"/>
                        • Actions
                      • 8. Re: Making a WebService available via https
                        beenalud
                        beenalud Aug 3, 2016 8:21 AM (in response to inspector)

                        Please post your complete code . I am getting error while implementing webservice via https.

                        Please help !!!!

                          • Actions