Author: buildbot
Date: Tue Apr 30 10:56:52 2019
New Revision: 1044345
Log:
Production update by buildbot for cxf
Modified:
websites/production/cxf/content/cache/docs.pageCache
websites/production/cxf/content/docs/client-http-transport-including-ssl-support.html
Modified: websites/production/cxf/content/cache/docs.pageCache
==============================================================================
Binary files - no diff available.
Modified:
websites/production/cxf/content/docs/client-http-transport-including-ssl-support.html
==============================================================================
---
websites/production/cxf/content/docs/client-http-transport-including-ssl-support.html
(original)
+++
websites/production/cxf/content/docs/client-http-transport-including-ssl-support.html
Tue Apr 30 10:56:52 2019
@@ -100,15 +100,7 @@ Apache CXF -- Client HTTP Transport (inc
<div id="wrapper-menu-page-bottom">
<div id="menu-page">
<!-- NavigationBar -->
-<div id="navigation"><ul class="alternate"><li><a shape="rect"
href="overview.html">Overview</a></li><li><a shape="rect"
href="how-tos.html">How-Tos</a></li><li><a shape="rect"
href="frontends.html">Frontends</a></li><li><a shape="rect"
href="databindings.html">DataBindings</a></li><li><a shape="rect"
href="transports.html">Transports</a></li><li><a shape="rect"
href="configuration.html">Configuration</a></li><li><a shape="rect"
href="debugging-and-logging.html">Debugging and Logging</a></li><li><a
shape="rect" href="tools.html">Tools</a></li><li><a shape="rect"
href="restful-services.html">RESTful Services</a></li><li><a shape="rect"
href="wsdl-bindings.html">WSDL Bindings</a></li><li><a shape="rect"
href="service-routing.html">Service Routing</a></li><li><a shape="rect"
href="dynamic-languages.html">Dynamic Languages</a></li><li><a shape="rect"
href="ws-support.html">WS-* Support</a></li><li><a shape="rect"
href="advanced-integration.html">Advanced Integration</a></li><li><a shape
="rect" href="deployment.html">Deployment</a></li><li><a shape="rect"
href="schemas-and-namespaces.html">Use of Schemas and
Namespaces</a></li></ul><hr><ul
class="alternate"><li><p>Search</p></li></ul><form
enctype="application/x-www-form-urlencoded" method="get" id="cse-search-box"
action="http://www.google.com/cse";>
- <div>
- <input type="hidden" name="cx" value="002890367768291051730:o99qiwa09y4">
- <input type="hidden" name="ie" value="UTF-8">
- <input type="text" name="q" size="21">
- <input type="submit" name="sa" value="Search">
- </div>
-</form>
-<script type="text/javascript"
src="http://www.google.com/cse/brand?form=cse-search-box&lang=en";></script><hr><ul
class="alternate"><li><a shape="rect"
href="http://cxf.apache.org/javadoc/latest/";>API 3.2.x (Javadoc)</a></li><li><a
shape="rect" href="http://cxf.apache.org/javadoc/latest-3.1.x/";>API 3.1.x
(Javadoc)</a></li><li><a shape="rect" href="http://cxf.apache.org/";>CXF
Website</a></li></ul><p> </p><p><a shape="rect" class="external-link"
href="http://www.apache.org/events/current-event.html";><span
class="confluence-embedded-file-wrapper"><img class="confluence-embedded-image
confluence-external-resource"
src="http://www.apache.org/events/current-event-125x125.png";
data-image-src="http://www.apache.org/events/current-event-125x125.png";></span></a></p></div>
+<div id="navigation"><ul class="alternate"><li><a shape="rect"
href="overview.html">Overview</a></li><li><a shape="rect"
href="how-tos.html">How-Tos</a></li><li><a shape="rect"
href="frontends.html">Frontends</a></li><li><a shape="rect"
href="databindings.html">DataBindings</a></li><li><a shape="rect"
href="transports.html">Transports</a></li><li><a shape="rect"
href="configuration.html">Configuration</a></li><li><a shape="rect"
href="debugging-and-logging.html">Debugging and Logging</a></li><li><a
shape="rect" href="tools.html">Tools</a></li><li><a shape="rect"
href="restful-services.html">RESTful Services</a></li><li><a shape="rect"
href="wsdl-bindings.html">WSDL Bindings</a></li><li><a shape="rect"
href="service-routing.html">Service Routing</a></li><li><a shape="rect"
href="dynamic-languages.html">Dynamic Languages</a></li><li><a shape="rect"
href="ws-support.html">WS-* Support</a></li><li><a shape="rect"
href="advanced-integration.html">Advanced Integration</a></li><li><a shape
="rect" href="deployment.html">Deployment</a></li><li><a shape="rect"
href="schemas-and-namespaces.html">Use of Schemas and
Namespaces</a></li></ul><hr><ul
class="alternate"><li><p>Search</p></li></ul><div class="aui-message
aui-message-error"><p class="title"><strong>Error rendering macro
'html'</strong></p><p>Your Confluence administrator has disallowed the use of
Javascript in the HTML macro. This setting can be changed using HTML for
Confluence Configuration. Please see your administrator for
details.</p></div><hr><ul class="alternate"><li><a shape="rect"
href="http://cxf.apache.org/javadoc/latest/";>API 3.2.x (Javadoc)</a></li><li><a
shape="rect" href="http://cxf.apache.org/javadoc/latest-3.1.x/";>API 3.1.x
(Javadoc)</a></li><li><a shape="rect" href="http://cxf.apache.org/";>CXF
Website</a></li></ul><p> </p><p><a shape="rect" class="external-link"
href="http://www.apache.org/events/current-event.html";><span
class="confluence-embedded-file-wrapper"><img class="confluence-em
bedded-image confluence-external-resource"
src="http://www.apache.org/events/current-event-125x125.png";
data-image-src="http://www.apache.org/events/current-event-125x125.png";></span></a></p></div>
<!-- NavigationBar -->
</div>
</div>
@@ -119,11 +111,11 @@ Apache CXF -- Client HTTP Transport (inc
<!-- Content -->
<div class="wiki-content">
<div id="ConfluenceContent"><p><style type="text/css">/*<![CDATA[*/
-div.rbtoc1555584970183 {padding: 0px;}
-div.rbtoc1555584970183 ul {list-style: disc;margin-left: 0px;}
-div.rbtoc1555584970183 li {margin-left: 0px;padding-left: 0px;}
+div.rbtoc1556621773882 {padding: 0px;}
+div.rbtoc1556621773882 ul {list-style: disc;margin-left: 0px;}
+div.rbtoc1556621773882 li {margin-left: 0px;padding-left: 0px;}
-/*]]>*/</style></p><div class="toc-macro rbtoc1555584970183">
+/*]]>*/</style></p><div class="toc-macro rbtoc1556621773882">
<ul class="toc-indentation"><li><a shape="rect"
href="#ClientHTTPTransport(includingSSLsupport)-Authentication">Authentication</a>
<ul class="toc-indentation"><li><a shape="rect"
href="#ClientHTTPTransport(includingSSLsupport)-BasicAuthentication">Basic
Authentication</a></li><li><a shape="rect"
href="#ClientHTTPTransport(includingSSLsupport)-DigestAuthentication">Digest
Authentication</a></li><li><a shape="rect"
href="#ClientHTTPTransport(includingSSLsupport)-Supplyingdynamicauthorization">Supplying
dynamic authorization</a></li><li><a shape="rect"
href="#ClientHTTPTransport(includingSSLsupport)-SpnegoAuthentication(Kerberos)">Spnego
Authentication (Kerberos)</a>
<ul class="toc-indentation"><li><a shape="rect"
href="#ClientHTTPTransport(includingSSLsupport)-CredentialDelegation">Credential
Delegation</a></li></ul>
@@ -185,7 +177,7 @@ div.rbtoc1555584970183 li {margin-left:
</conduit>
...
</pre>
-</div></div><h2
id="ClientHTTPTransport(includingSSLsupport)-NTLMAuthentication">NTLM
Authentication</h2><p>CXF doesn't support NTLM authentication "out of the box"
on Java 5, but with some additional libraries and configuration, the standard
HttpURLConnection objects that we use can do the NTLM authentication. On Java
6, NTLM authentication is built into the Java runtime and you don't need to do
anything special.</p><p>On Java 5, you need a library that will augment the
HttpURLConnection to do it. See: <a shape="rect" class="external-link"
href="http://jcifs.samba.org/src/docs/httpclient.html";
rel="nofollow">http://jcifs.samba.org/src/docs/httpclient.html</a> Note: jcifs
is LGPL licensed, not Apache licensed.</p><p>Next, you need to configure jcifs
to use the correct domains, wins servers, etc... Notice that the<br
clear="none">bit which sets the username/password to use for NTLM is commented
out. If credentials are<br clear="none">missing jcifs will use the underlying
NT credentia
ls.</p><div class="code panel pdl" style="border-width: 1px;"><div
class="codeContent panelContent pdl">
+</div></div><h2
id="ClientHTTPTransport(includingSSLsupport)-NTLMAuthentication">NTLM
Authentication</h2><p>CXF doesn't support NTLM authentication "out of the box"
on Java 5, but with some additional libraries and configuration, the standard
HttpURLConnection objects that we use can do the NTLM authentication. On Java
6, NTLM authentication is built into the Java runtime and you don't need to do
anything special.</p><p>On Java 5, you need a library that will augment the
HttpURLConnection to do it. See: <a shape="rect" class="external-link"
rel="nofollow"
href="http://jcifs.samba.org/src/docs/httpclient.html";>http://jcifs.samba.org/src/docs/httpclient.html</a>
Note: jcifs is LGPL licensed, not Apache licensed.</p><p>Next, you need to
configure jcifs to use the correct domains, wins servers, etc... Notice that
the<br clear="none">bit which sets the username/password to use for NTLM is
commented out. If credentials are<br clear="none">missing jcifs will use the
underlying NT credentia
ls.</p><div class="code panel pdl" style="border-width: 1px;"><div
class="codeContent panelContent pdl">
<pre class="brush: java; gutter: false; theme: Default">//Set the jcifs
properties
jcifs.Config.setProperty("jcifs.smb.client.domain", "ben.com");
jcifs.Config.setProperty("jcifs.netbios.wins", "xxx.xxx.xxx.xxx");
@@ -218,7 +210,7 @@ http.setClient(httpClientPolicy);
</conduit></pre>
</div></div><p>This works over HTTPS and HTTPS, but note for the latter it is
necessary to set the following system property (see <a shape="rect"
class="external-link"
href="https://www.oracle.com/technetwork/java/javase/8u111-relnotes-3124969.html";
rel="nofollow">here</a> for more information "Disable Basic authentication for
HTTPS tunneling"):</p><div class="code panel pdl" style="border-width:
1px;"><div class="codeContent panelContent pdl">
<pre class="brush: java; gutter: false; theme:
Default">-Djdk.http.auth.tunneling.disabledSchemes=</pre>
-</div></div><p><br clear="none"></p><h1
id="ClientHTTPTransport(includingSSLsupport)-ConfiguringSSLSupport">Configuring
SSL Support</h1><p>When using an "https" URL, CXF will, by default, use the
certs and keystores that are part of the JDK. For many HTTPs applications, that
is enough and no configuration is necessary. However, when using custom client
certificates or self signed server certificates or similar, you may need to
specifically configure in the keystores and trust managers and such to
establish the SSL connection.</p><p>To configure your client to use SSL, you'll
need to add an <http:conduit> definition to your XML configuration file.
See the <a shape="rect" href="configuration.html">Configuration</a> guide to
learn how to supply your own XML configuration file to CXF. If you are already
using Spring, this can be added to your existing beans definitions.</p><p>A <a
shape="rect" class="external-link"
href="https://github.com/apache/cxf/tree/master/distribution/src/m
ain/release/samples/wsdl_first_https/" rel="nofollow">wsdl_first_https</a>
sample can be found in the CXF distribution with more detail. </p><p>Here is a
sample of what your conduit definition might look like:</p><div class="code
panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
+</div></div><p><br clear="none"></p><h1
id="ClientHTTPTransport(includingSSLsupport)-ConfiguringSSLSupport">Configuring
SSL Support</h1><p>When using an "https" URL, CXF will, by default, use the
certs and keystores that are part of the JDK. For many HTTPs applications, that
is enough and no configuration is necessary. However, when using custom client
certificates or self signed server certificates or similar, you may need to
specifically configure in the keystores and trust managers and such to
establish the SSL connection.</p><p>To configure your client to use SSL, you'll
need to add an <http:conduit> definition to your XML configuration file.
See the <a shape="rect" href="configuration.html">Configuration</a> guide to
learn how to supply your own XML configuration file to CXF. If you are already
using Spring, this can be added to your existing beans definitions.</p><p>A <a
shape="rect" class="external-link"
href="https://github.com/apache/cxf/tree/master/distribution/src/m
ain/release/samples/wsdl_first_https/" rel="nofollow">wsdl_first_https</a>
sample can be found in the CXF distribution with more detail.</p><p>Here is a
sample of what your conduit definition might look like:</p><div class="code
panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
<pre class="brush: java; gutter: false; theme: Default"><beans
xmlns="http://www.springframework.org/schema/beans";
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
xmlns:sec="http://cxf.apache.org/configuration/security";
@@ -299,7 +291,7 @@ http.setClient(httpClientPolicy);
</http-conf:conduit>
...
</pre>
-</div></div><p>The <code>http-conf:conduit</code> element has a number of
child elements that specify configuration information. They are described
below. See also Sun's <a shape="rect" class="external-link"
href="http://java.sun.com/javase/6/docs/technotes/guides/security/jsse/JSSERefGuide.html";
rel="nofollow">JSSE Guide</a> for more information on configuring SSL.</p><div
class="table-wrap"><table class="wrapped confluenceTable"><tbody><tr><th
colspan="1" rowspan="1" class="confluenceTh"><p>Element</p></th><th colspan="1"
rowspan="1" class="confluenceTh"><p>Description</p></th></tr><tr><td
colspan="1" rowspan="1"
class="confluenceTd"><p><code>http-conf:client</code></p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p>Specifies the HTTP connection properties
such as timeouts, keep-alive requests, content types, etc.</p></td></tr><tr><td
colspan="1" rowspan="1"
class="confluenceTd"><p><code>http-conf:authorization</code></p></td><td
colspan="1" rowspan="1" class="confluenceT
d"><p>Specifies the the parameters for configuring the basic authentication
method that the endpoint uses preemptively.</p></td></tr><tr><td colspan="1"
rowspan="1"
class="confluenceTd"><p><code>http-conf:proxyAuthorization</code></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p>Specifies the parameters for
configuring basic authentication against outgoing HTTP proxy
servers.</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>http-conf:tlsClientParameters</code></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p>Specifies the parameters used
to configure SSL/TLS.</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>http-conf:authSupplier</code></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p>Specifies the bean reference or
class name of the object that supplies the authentication information used by
the endpoint both preemptively or in response to a 401 HTTP
challenge.</p></td></tr><tr><td colspan="1" rows
pan="1"
class="confluenceTd"><p><code>http-conf:trustDecider</code></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p>Specifies the bean reference or
class name of the object that checks the HTTP(S) URLConnection object in order
to establish trust for a connection with an HTTPS service provider before any
information is transmitted.</p></td></tr></tbody></table></div><h3
id="ClientHTTPTransport(includingSSLsupport)-Theclientelement">The
<code>client</code> element</h3><p>The <code>http-conf:client</code> element is
used to configure the non-security properties of a client's HTTP connection.
Its attributes, described below, specify the connection's properties.</p><div
class="table-wrap"><table class="wrapped confluenceTable"><tbody><tr><th
colspan="1" rowspan="1" class="confluenceTh"><p>Attribute</p></th><th
colspan="1" rowspan="1"
class="confluenceTh"><p>Description</p></th></tr><tr><td colspan="1"
rowspan="1" class="confluenceTd"><p><code>ConnectionTimeout</code></p></td>
<td colspan="1" rowspan="1" class="confluenceTd"><p>Specifies the amount of
time, in milliseconds, that the client will attempt to establish a connection
before it times out. The default is 30000 (30 seconds). <br clear="none"
class="atl-forced-newline">0 specifies that the client will continue to attempt
to open a connection indefinitely.</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>ReceiveTimeout</code></p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p>Specifies the amount of time, in
milliseconds, that the client will wait for a response before it times out. The
default is 60000. <br clear="none" class="atl-forced-newline">0 specifies that
the client will wait indefinitely.</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>AutoRedirect</code></p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p>Specifies if the client will automatically
follow a server issued redirection. The default is false.</p></td></tr><t
r><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>MaxRetransmits</code></p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p>Specifies the maximum number of times a
client will retransmit a request to satisfy a redirect. The default is -1 which
specifies that unlimited retransmissions are allowed.</p></td></tr><tr><td
colspan="1" rowspan="1"
class="confluenceTd"><p><code>AllowChunking</code></p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p>Specifies whether the client will send
requests using chunking. The default is true which specifies that the client
will use chunking when sending requests. <br clear="none"
class="atl-forced-newline">Chunking cannot be used used if either of the
following are true:</p><ul><li><code>http-conf:basicAuthSupplier</code> is
configured to provide credentials
preemptively.</li><li><code>AutoRedirect</code> is set to true. <br
clear="none" class="atl-forced-newline">In both cases the value of
<code>AllowChunking</code> is igno
red and chunking is disallowed. <br clear="none"
class="atl-forced-newline">See note about chunking
below.</li></ul></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>ChunkingThreshold</code></p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p>Specifies the threshold at which CXF will
switch from non-chunking to chunking. By default, messages less than 4K are
buffered and sent non-chunked. Once this threshold is reached, the message is
chunked.</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>Accept</code></p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p>Specifies what media types the client is prepared to
handle. The value is used as the value of the HTTP <code>Accept</code>
property. The value of the attribute is specified using as multipurpose
internet mail extensions (MIME) types. See note about chunking
below.</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>AcceptLanguage</code></p></td
><td colspan="1" rowspan="1" class="confluenceTd"><p>Specifies what language
>(for example, American English) the client prefers for the purposes of
>receiving a response. The value is used as the value of the HTTP
>AcceptLanguage property. <br clear="none" class="atl-forced-newline">Language
>tags are regulated by the International Organization for Standards (ISO) and
>are typically formed by combining a language code, determined by the ISO-639
>standard, and country code, determined by the ISO-3166 standard, separated by
>a hyphen. For example, en-US represents American
>English.</p></td></tr><tr><td colspan="1" rowspan="1"
>class="confluenceTd"><p><code>AcceptEncoding</code></p></td><td colspan="1"
>rowspan="1" class="confluenceTd"><p>Specifies what content encodings the
>client is prepared to handle. Content encoding labels are regulated by the
>Internet Assigned Numbers Authority (IANA). The value is used as the value of
>the HTTP <code>AcceptEncoding</code> property.</p></td></tr><tr><td c
olspan="1" rowspan="1"
class="confluenceTd"><p><code>ContentType</code></p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p>Specifies the media type of the data being
sent in the body of a message. Media types are specified using multipurpose
internet mail extensions (MIME) types. The value is used as the value of the
HTTP <code>ContentType</code> property. The default is <code>text/xml</code>.
<br clear="none" class="atl-forced-newline"><strong>Tip:</strong> For web
services, this should be set to <code>text/xml</code>. If the client is sending
HTML form data to a CGI script, this should be set to
application/x-www-form-urlencoded. If the HTTP POST request is bound to a fixed
payload format (as opposed to SOAP), the content type is typically set to
application/octet-stream.</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>Host</code></p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p>Specifies the Internet host and port number of the resou
rce on which the request is being invoked. The value is used as the value of
the HTTP <code>Host</code> property. <br clear="none"
class="atl-forced-newline"><strong>Tip:</strong> This attribute is typically
not required. It is only required by certain DNS scenarios or application
designs. For example, it indicates what host the client prefers for clusters
(that is, for virtual servers mapping to the same Internet protocol (IP)
address).</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>Connection</code></p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p>Specifies whether a particular connection
is to be kept open or closed after each request/response dialog. There are two
valid values:</p><ul><li><code>Keep-Alive</code>(default) specifies that the
client wants to keep its connection open after the initial request/response
sequence. If the server honors it, the connection is kept open until the
consumer closes it.</li><li><code>close</code> specifie
s that the connection to the server is closed after each request/response
sequence.</li></ul></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>CacheControl</code></p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p>Specifies directives about the behavior
that must be adhered to by caches involved in the chain comprising a request
from a client to a server.</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>Cookie</code></p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p>Specifies a static cookie to be sent with all
requests.</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>BrowserType</code></p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p>Specifies information about the browser
from which the request originates. In the HTTP specification from the World
Wide Web consortium (W3C) this is also known as the <em>user-agent</em>. Some
servers optimize based upon the client that is sending
the request.</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>Referer</code></p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p>Specifies the URL of the resource that
directed the consumer to make requests on a particular service. The value is
used as the value of the HTTP Referer property. <br clear="none"
class="atl-forced-newline"><strong>Note:</strong> This HTTP property is used
when a request is the result of a browser user clicking on a hyperlink rather
than typing a URL. This can allow the server to optimize processing based upon
previous task flow, and to generate lists of back-links to resources for the
purposes of logging, optimized caching, tracing of obsolete or mistyped links,
and so on. However, it is typically not used in web services applications. <br
clear="none" class="atl-forced-newline"><strong>Important:</strong> If the
AutoRedirect attribute is set to true and the request is redirected, any value
specified in the Refererattrib
ute is overridden. The value of the HTTP Referer property will be set to the
URL of the service who redirected the consumer's original
request.</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>DecoupledEndpoint</code></p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p>Specifies the URL of a decoupled endpoint
for the receipt of responses over a separate server->client connection. <br
clear="none" class="atl-forced-newline"><strong>Warning:</strong> You must
configure both the client and server to use WS-Addressing for the decoupled
endpoint to work.</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>ProxyServer</code></p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p>Specifies the URL of the proxy server
through which requests are routed.</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>ProxyServerPort</code></p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p>Specifies the port
number of the proxy server through which requests are
routed.</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd">NonProxyHosts</td><td colspan="1" rowspan="1"
class="confluenceTd">Specifies a list of hosts that should be directly routed.
This value is a list of patterns separated by '|', where each pattern may start
or end with a '*' for wildcard matching.</td></tr><tr><td colspan="1"
rowspan="1" class="confluenceTd"><p><code>ProxyServerType</code></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p>Specifies the type of proxy
server used to route requests. Valid values
are:</p><ul><li>HTTP(default)</li><li>SOCKS</li></ul></td></tr></tbody></table></div><h4
id="ClientHTTPTransport(includingSSLsupport)-ExampleusingtheClientElement">Example
using the <code>Client</code> Element</h4><p>The example below shows a the
configuration for an HTTP client that wants to keep its connection to the
server open between requests, will only retransmit requests once per invoca
tion, and cannot use chunking streams.</p><div class="code panel pdl"
style="border-width: 1px;"><div class="codeHeader panelHeader pdl"
style="border-bottom-width: 1px;"><b>HTTP Consumer Endpoint
Configuration</b></div><div class="codeContent panelContent pdl">
+</div></div><p>The <code>http-conf:conduit</code> element has a number of
child elements that specify configuration information. They are described
below. See also Sun's <a shape="rect" class="external-link"
href="http://java.sun.com/javase/6/docs/technotes/guides/security/jsse/JSSERefGuide.html";
rel="nofollow">JSSE Guide</a> for more information on configuring SSL.</p><div
class="table-wrap"><table class="wrapped confluenceTable"><tbody><tr><th
colspan="1" rowspan="1" class="confluenceTh"><p>Element</p></th><th colspan="1"
rowspan="1" class="confluenceTh"><p>Description</p></th></tr><tr><td
colspan="1" rowspan="1"
class="confluenceTd"><p><code>http-conf:client</code></p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p>Specifies the HTTP connection properties
such as timeouts, keep-alive requests, content types, etc.</p></td></tr><tr><td
colspan="1" rowspan="1"
class="confluenceTd"><p><code>http-conf:authorization</code></p></td><td
colspan="1" rowspan="1" class="confluenceT
d"><p>Specifies the the parameters for configuring the basic authentication
method that the endpoint uses preemptively.</p></td></tr><tr><td colspan="1"
rowspan="1"
class="confluenceTd"><p><code>http-conf:proxyAuthorization</code></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p>Specifies the parameters for
configuring basic authentication against outgoing HTTP proxy
servers.</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>http-conf:tlsClientParameters</code></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p>Specifies the parameters used
to configure SSL/TLS.</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>http-conf:authSupplier</code></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p>Specifies the bean reference or
class name of the object that supplies the authentication information used by
the endpoint both preemptively or in response to a 401 HTTP
challenge.</p></td></tr><tr><td colspan="1" rows
pan="1"
class="confluenceTd"><p><code>http-conf:trustDecider</code></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p>Specifies the bean reference or
class name of the object that checks the HTTP(S) URLConnection object in order
to establish trust for a connection with an HTTPS service provider before any
information is transmitted.</p></td></tr></tbody></table></div><h3
id="ClientHTTPTransport(includingSSLsupport)-Theclientelement">The
<code>client</code> element</h3><p>The <code>http-conf:client</code> element is
used to configure the non-security properties of a client's HTTP connection.
Its attributes, described below, specify the connection's properties.</p><div
class="table-wrap"><table class="wrapped confluenceTable"><colgroup
span="1"><col span="1"><col span="1"></colgroup><tbody><tr><th colspan="1"
rowspan="1" class="confluenceTh"><p>Attribute</p></th><th colspan="1"
rowspan="1" class="confluenceTh"><p>Description</p></th></tr><tr><td
colspan="1" rowspan="1" class
="confluenceTd"><p><code>ConnectionTimeout</code></p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p>Specifies the amount of time, in
milliseconds, that the client will attempt to establish a connection before it
times out. The default is 30000 (30 seconds). <br clear="none"
class="atl-forced-newline">0 specifies that the client will continue to attempt
to open a connection indefinitely.</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>ReceiveTimeout</code></p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p>Specifies the amount of time, in
milliseconds, that the client will wait for a response before it times out. The
default is 60000. <br clear="none" class="atl-forced-newline">0 specifies that
the client will wait indefinitely.</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>AutoRedirect</code></p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p>Specifies if the client will automatically
follow a server
issued redirection. The default is false.</p></td></tr><tr><td colspan="1"
rowspan="1" class="confluenceTd"><p><code>MaxRetransmits</code></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p>Specifies the maximum number of
times a client will retransmit a request to satisfy a redirect. The default is
-1 which specifies that unlimited retransmissions are
allowed.</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>AllowChunking</code></p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p>Specifies whether the client will send
requests using chunking. The default is true which specifies that the client
will use chunking when sending requests. <br clear="none"
class="atl-forced-newline">Chunking cannot be used if either of the following
are true:</p><ul><li><code>http-conf:basicAuthSupplier</code> is configured to
provide credentials preemptively.</li><li><code>AutoRedirect</code> is set to
true. <br clear="none" class="atl-forced-newline">In both
cases the value of <code>AllowChunking</code> is ignored and chunking is
disallowed. <br clear="none" class="atl-forced-newline">See note about chunking
below.</li></ul></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>ChunkingThreshold</code></p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p>Specifies the threshold at which CXF will
switch from non-chunking to chunking. By default, messages less than 4K are
buffered and sent non-chunked. Once this threshold is reached, the message is
chunked.</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>Accept</code></p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p>Specifies what media types the client is prepared to
handle. The value is used as the value of the HTTP <code>Accept</code>
property. The value of the attribute is specified using as multipurpose
internet mail extensions (MIME) types. See note about chunking
below.</p></td></tr><tr><td colspan="1" rowspan="1" class=
"confluenceTd"><p><code>AcceptLanguage</code></p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p>Specifies what language (for example,
American English) the client prefers for the purposes of receiving a response.
The value is used as the value of the HTTP AcceptLanguage property. <br
clear="none" class="atl-forced-newline">Language tags are regulated by the
International Organization for Standards (ISO) and are typically formed by
combining a language code, determined by the ISO-639 standard, and country
code, determined by the ISO-3166 standard, separated by a hyphen. For example,
en-US represents American English.</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>AcceptEncoding</code></p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p>Specifies what content encodings the client
is prepared to handle. Content encoding labels are regulated by the Internet
Assigned Numbers Authority (IANA). The value is used as the value of the HTTP
<code>A
cceptEncoding</code> property.</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>ContentType</code></p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p>Specifies the media type of the data being
sent in the body of a message. Media types are specified using multipurpose
internet mail extensions (MIME) types. The value is used as the value of the
HTTP <code>ContentType</code> property. The default is <code>text/xml</code>.
<br clear="none" class="atl-forced-newline"><strong>Tip:</strong> For web
services, this should be set to <code>text/xml</code>. If the client is sending
HTML form data to a CGI script, this should be set to
application/x-www-form-urlencoded. If the HTTP POST request is bound to a fixed
payload format (as opposed to SOAP), the content type is typically set to
application/octet-stream.</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>Host</code></p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p>Spe
cifies the Internet host and port number of the resource on which the request
is being invoked. The value is used as the value of the HTTP <code>Host</code>
property. <br clear="none" class="atl-forced-newline"><strong>Tip:</strong>
This attribute is typically not required. It is only required by certain DNS
scenarios or application designs. For example, it indicates what host the
client prefers for clusters (that is, for virtual servers mapping to the same
Internet protocol (IP) address).</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>Connection</code></p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p>Specifies whether a particular connection
is to be kept open or closed after each request/response dialog. There are two
valid values:</p><ul><li><code>Keep-Alive</code>(default) specifies that the
client wants to keep its connection open after the initial request/response
sequence. If the server honors it, the connection is kept open until the co
nsumer closes it.</li><li><code>close</code> specifies that the connection to
the server is closed after each request/response
sequence.</li></ul></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>CacheControl</code></p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p>Specifies directives about the behavior
that must be adhered to by caches involved in the chain comprising a request
from a client to a server.</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>Cookie</code></p></td><td colspan="1" rowspan="1"
class="confluenceTd"><p>Specifies a static cookie to be sent with all
requests.</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>BrowserType</code></p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p>Specifies information about the browser
from which the request originates. In the HTTP specification from the World
Wide Web consortium (W3C) this is also known as the <em>user-agent</em>. Some se
rvers optimize based upon the client that is sending the
request.</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>Referer</code></p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p>Specifies the URL of the resource that
directed the consumer to make requests on a particular service. The value is
used as the value of the HTTP Referer property. <br clear="none"
class="atl-forced-newline"><strong>Note:</strong> This HTTP property is used
when a request is the result of a browser user clicking on a hyperlink rather
than typing a URL. This can allow the server to optimize processing based upon
previous task flow, and to generate lists of back-links to resources for the
purposes of logging, optimized caching, tracing of obsolete or mistyped links,
and so on. However, it is typically not used in web services applications. <br
clear="none" class="atl-forced-newline"><strong>Important:</strong> If the
AutoRedirect attribute is set to true and the request is
redirected, any value specified in the Refererattribute is overridden. The
value of the HTTP Referer property will be set to the URL of the service who
redirected the consumer's original request.</p></td></tr><tr><td colspan="1"
rowspan="1" class="confluenceTd"><p><code>DecoupledEndpoint</code></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p>Specifies the URL of a
decoupled endpoint for the receipt of responses over a separate
server->client connection. <br clear="none"
class="atl-forced-newline"><strong>Warning:</strong> You must configure both
the client and server to use WS-Addressing for the decoupled endpoint to
work.</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>ProxyServer</code></p></td><td colspan="1"
rowspan="1" class="confluenceTd"><p>Specifies the URL of the proxy server
through which requests are routed.</p></td></tr><tr><td colspan="1" rowspan="1"
class="confluenceTd"><p><code>ProxyServerPort</code></p></td><td colspan="1" r
owspan="1" class="confluenceTd"><p>Specifies the port number of the proxy
server through which requests are routed.</p></td></tr><tr><td colspan="1"
rowspan="1" class="confluenceTd">NonProxyHosts</td><td colspan="1" rowspan="1"
class="confluenceTd">Specifies a list of hosts that should be directly routed.
This value is a list of patterns separated by '|', where each pattern may start
or end with a '*' for wildcard matching.</td></tr><tr><td colspan="1"
rowspan="1" class="confluenceTd"><p><code>ProxyServerType</code></p></td><td
colspan="1" rowspan="1" class="confluenceTd"><p>Specifies the type of proxy
server used to route requests. Valid values
are:</p><ul><li>HTTP(default)</li><li>SOCKS</li></ul></td></tr></tbody></table></div><h4
id="ClientHTTPTransport(includingSSLsupport)-ExampleusingtheClientElement">Example
using the <code>Client</code> Element</h4><p>The example below shows a the
configuration for an HTTP client that wants to keep its connection to the
server open between re
quests, will only retransmit requests once per invocation, and cannot use
chunking streams.</p><div class="code panel pdl" style="border-width:
1px;"><div class="codeHeader panelHeader pdl" style="border-bottom-width:
1px;"><b>HTTP Consumer Endpoint Configuration</b></div><div class="codeContent
panelContent pdl">
<pre class="brush: java; gutter: false; theme: Default"><beans
xmlns="http://www.springframework.org/schema/beans";
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
xmlns:http-conf="http://cxf.apache.org/transports/http/configuration";
![http://www.apache.org/events/current-event-125x125.png"](http://www.apache.org/events/current-event-125x125.png"){kind=link}