I'm a neewbe with Jboss. I'm currently migrating a java EE 6 application to JBOSS.
I'm struggling with configuration of OUTBOUND https calls where I need to make specific adjustements (choosing a specific alias from the keystore for example, etc.)
Those calls occurs from portions of business logic hosted by JBOSS.
Technically speaking, I'm leveraging the javax.xml.ws.Dispatch interface do dynamically invoke external Web Services.
I'm facing a problem with the hostname verification of the CN of the certificates I.m using. I read on the Apache CXF website that I can adapt the behavior of the runtime
to lessen this kind of validation (and many more other usefull stuff!!!) using a configuration file (cxf.xml).
Altough the documentation says that this file should be used if accessible through the classloader, I haven't figured out a way to make Jboss use it.
I tried to put this file in a module, to add it in the jar where the call is conducted, etc., but it does not seems to have any influence on the behavior of the runtime.
I'm experiencing with JBOSS 7.1.1 final.
Can somebody confim that it is possible to use this file? If so, where should it be deployed to make it available at classes located in /lib/ under themy ear file?.
If not, what are the other possibilities?
Note that this "client invocation" use case differs from the most documented one where those kind of parameters are expressed using jbossws-cxf.xml (or alike) in the endpoint deployment archive...
Included, the cxf.xml content:
<http-conf:conduit name="*.http-conduit" >
<!-- deactivate HTTPS url hostname verification (localhost, etc) -->
<!-- WARNING ! disableCNcheck=true should NOT be used in production -->
|<http-conf:tlsClientParameters disableCNCheck="true" />|