-
1. Re: Camel CMIS SSL support
davsclaus Jan 9, 2015 2:58 AM (in response to narayanan.hari)Its currently not supported in camel-cmis.
I suggest to look at what Apache Chemistry
http://chemistry.apache.org/java/opencmis.html
supports. Then we can see what it takes to add that to the camel-cmis component. for SSL there is camel jsse that would be great to support then
http://camel.apache.org/camel-configuration-utilities.html
Then its a matter of using that to setup a SSLContextParameters that camel-cmis can use.
-
2. Re: Re: Camel CMIS SSL support
narayanan.hari Jan 9, 2015 3:54 PM (in response to davsclaus)Yup. Apache Chemistry exports an AuthenticationProvider interface org.apache.chemistry.opencmis.commons.spi.AuthenticationProvider that includes:
SSLSocketFactory getSSLSocketFactory(); HostnameVerifier getHostnameVerifier();
May be we can subclass org.apache.chemistry.opencmis.client.bindings.spi.StandardAuthenticationProvider to overload these 2 methods with the SSLSocketFactory created from SSLContextParameters.
Currently Camel CMISSessionFacade creates the chemistry Session using SessionFactoryLocator.getSessionFactory().createSession(parameter);
Instead, we could use
createSession(Map<String, String> parameters, ObjectFactory objectFactory, AuthenticationProvider authenticationProvider, Cache cache)
under org.apache.chemistry.opencmis.client.runtime.SessionFactoryImpl class to inject the AuthenticationProvider.
-
3. Re: Re: Camel CMIS SSL support
narayanan.hari Jan 9, 2015 8:18 PM (in response to narayanan.hari)Creating custom AuthenticationProvider creates OSGi classloader issues as the OpenCMIS api does not have visibility to custom class.. it may work on non-OSGi environments.
-
4. Re: Camel CMIS SSL support
davsclaus Jan 12, 2015 4:02 AM (in response to narayanan.hari)Thanks for diving into this to see what can be done.
I have logged a ticket at Apache to add support for SSL
-
5. Re: Re: Camel CMIS SSL support
narayanan.hari Jan 12, 2015 9:02 AM (in response to davsclaus)Thanks very much, Claus. Few concerns:
1. Apache Chemistry exports an AuthenticationProvoider interface, but the interface SessionFactory only exports createSession(parameter) and only the implementation class org.apache.chemistry.opencmis.client.runtime.SessionFactoryImpl supports using AuthenticationProvider.
2. The package org.apache.chemistry.opencmis.client.runtime is not osgi-exported by Chemistry API, so we cannot directly access org.apache.chemistry.opencmis.client.runtime.SessionFactoryImpl in OSGi environments.
3. Chemistry API supports custom AuthenticationProvider using the SessionParameter.AUTHENTICATION_PROVIDER_CLASS parameter , but then it does Class.forName(authProviderClassName).newInstance() to create the instance which is causing ClassNotFoundException since Chemistry API does not have visibility to custom authentication provider in OSGi environment.
It looks like few changes are required at Chemistry side as well. Once again, thanks very much.