8 Replies Latest reply on Jul 20, 2012 9:08 AM by jjakub

cxf https via jaxws:endpoint without using org.ops4j.pax.web.cfg

jjakub Jul 17, 2012 10:38 AM

how can I configure jaxws:endpoint to use https without using org.ops4j.pax.web.cfg

- on my own configured cxf,

with cxf:endpoint it is sufficient to set address="https://localhost:8443/..."

jaxws:endpoint fails (tries to use default port and http, setting address doesn't help)

windows

fuseservicemix-4.4.1-fuse-06-03

file etc\org.ops4j.pax.web.cfg.stub is with stub suffix (unused)

<jaxws:endpoint implementor="#abcBean" address="https://localhost:8443/cxf/abcChannel"...

I get error

Caused by: java.lang.RuntimeException: Protocol mismatch for port 8443: engine's protocol is http, the url protocol is https

similar service works fine but is exposed with

<cxf:cxfEndpoint

id="fsmChannel" address="https://localhost:8443/cxf/worksOkChannel"...

cxf:cxfEndpointworks fine,

cxf:cxfEndpoint doesn't use default port, is configured with

<httpj:engine-factory bus="cxf">

<httpj:identifiedTLSServerParameters id="secure">

<httpj:tlsServerParameters>

<sec:keyManagers keyPassword="pass1234">

<sec:keyStore type="JKS" password="pass1234"

file="etc/privatestore.jks"/>

</sec:keyManagers>

<sec:trustManagers>

<sec:keyStore type="JKS" password="soapui1234"

file="C:\opt\apache-servicemix-4.4.1-fuse-06-03\etc\moj_ca.jks"/>

</sec:trustManagers>

<sec:clientAuthentication want="true"

required="true" />

</httpj:tlsServerParameters>

</httpj:identifiedTLSServerParameters>

<httpj:engine port="8443" host="localhost" >

<httpj:tlsServerParametersRef id="secure" />

<httpj:threadingParameters minThreads="5"

maxThreads="15" />

<httpj:sessionSupport>true</httpj:sessionSupport>

</httpj:engine>

</httpj:engine-factory>

Thx

1. Re: cxf https via jaxws:endpoint without using org.ops4j.pax.web.cfg

ffang Jul 17, 2012 7:49 PM (in response to jjakub)

Hi,

You also need configure httpj to support the https for jaxws:endpoint, just like you do for
cxf:cxfEndpoint, take a look at to get more details.

http://fusesource.com/docs/framework/2.4/security/front.html

Freeman
Actions
2. Re: cxf https via jaxws:endpoint without using org.ops4j.pax.web.cfg

njiang Jul 17, 2012 10:06 PM (in response to jjakub)

Is the jaxws:endpoint and cxf:cxfEndpoint are in the same spring configuration file?

From the stack trace it looks like the jetty server configuration is not loaded by the jaxws:endpoint. Can you double check it?

Willem
Actions
3. Re: cxf https via jaxws:endpoint without using org.ops4j.pax.web.cfg

jjakub Jul 18, 2012 2:48 AM (in response to njiang)

jaxws:endpoint and cxf:cxfEndpoint are in separate spring configuration files in separate bundles

<httpj:engine-factory bus="cxf"> is in the same file as cxf:cxfEndpoint

jetty server configuration is not loaded
there are below imports in both conf files ( jaxws:endpoint and cxf:cxfEndpoint)
is this loading of jetty server configuration You wrote above?

thx
Actions
4. Re: cxf https via jaxws:endpoint without using org.ops4j.pax.web.cfg

jjakub Jul 18, 2012 3:31 AM (in response to ffang)

I used xmlns:http="http://cxf.apache.org/transports/http/configuration"
schemaLocation="                        http://cxf.apache.org/transports/http/configuration
              http://cxf.apache.org/schemas/configuration/http-conf.xsd"

<http:destination name="somePort.http-destination">

     <http:tlsServerParameters>
         <sec:clientAuthentication want="true" required="true"/>
    </http:tlsServerParameters>

</http:destination>

error:

Caused by: org.xml.sax.SAXParseException: cvc-complex-type.2.4.a: Invalid content was found starting with element 'http:tlsServerParameters'. One of '{"http://cxf.apache.org/transports/http/configuration":server, "http://cxf.apache.org/transports/http/configuration":contextMatchStrategy, "http://cxf.apache.org/transports/http/configuration":fixedParameterOrder}' is expected.

http://cxf.apache.org/docs/schemas-and-namespaces.html -->
http://cxf.apache.org/schemas/configuration/http-conf.xsd
here is no tlsServerParameters

possibly http means some other xsd, but I cannot figure out which,
eg here it is the same as mine: http://cxf.apache.org/docs/jetty-configuration.html

http://fusesource.com/docs/framework/2.4/security/i305901.html doesn't show schema, only
<http:destination id="PortName.http-destination">
<http:tlsServerParameters>
    ...
    <sec:clientAuthentication want="true" required="true"/>
</http:tlsServerParameters>
</http:destination>

thx
Actions
5. Re: cxf https via jaxws:endpoint without using org.ops4j.pax.web.cfg

ffang Jul 18, 2012 4:31 AM (in response to jjakub)

Hi,
The error
Caused by: org.xml.sax.SAXParseException: cvc-complex-type.2.4.a: Invalid content was found starting with element 'http:tlsServerParameters'. One of
indicates that you should use httpj:tlsServerParameters but not http:tlsServerParameters

You should add something like

Freeman
Actions
6. Re: cxf https via jaxws:endpoint without using org.ops4j.pax.web.cfg

jjakub Jul 18, 2012 8:26 AM (in response to ffang)

it seems to me that in
http://cxf.apache.org/schemas/configuration/http-jetty.xsd

there is only one element:
<xs:element name="engine-factory" type="tns:JettyHTTPServerEngineFactoryConfigType">

I have already configured full
<httpj:engine-factory bus="cxf"> ...
with
<httpj:tlsServerParameters>...
<sec:clientAuthentication want="true" required="true" />
...
in other bundle (as shown in my first message),

should <httpj:engine-factory bus="cxf"> be repeated in each spring conf file using jaxws:endpoint?
isn't it sufficient to do it once?
Actions
7. Re: cxf https via jaxws:endpoint without using org.ops4j.pax.web.cfg

ffang Jul 18, 2012 8:50 AM (in response to jjakub)

Hi,

No, each bundle has its own bus so you need configure httpj:engine-factory for each bundle separately.

Freeman
Actions
8. Re: cxf https via jaxws:endpoint without using org.ops4j.pax.web.cfg

jjakub Jul 20, 2012 9:08 AM (in response to ffang)

thx for help, it worked fine
Actions

Go to original post