JAX-RS SSL on Google App Engine
-------------------------------
Key: CXF-3064
URL: https://issues.apache.org/jira/browse/CXF-3064
Project: CXF
Issue Type: Improvement
Components: JAX-RS
Affects Versions: 2.2.11
Reporter: Gary Rudolph
I've been using JAX-RS with CXF with Google App Engine with success as a
service provider as well as client proxies. Unfortunately, when a jaxrs spring
injected client needs https I run into issues as the GAE {{HttpURLConnection}}
is non-standard and doesn't contain the method {{getSSLSocketFactory}}.
I noticed that {{TLSClientParameters}} now contains a {{setSSLSocketFactory}},
but it's not exposed through the spring xsd. Can we please change the
{{<http:tlsClientParameters>}} xsd to support injecting the
{{sslSocketFactory}}? Then I could get it from GAE and do it myself.
The other option is to have {{HttpsURLConnectionFactory.decorateWithTLS}}
attempt to get the {{SSLSocketFactory}} using
{{SSLSocketFactory.getSSLSocketFactory}}.
Note, I'm doing the following in a spring config:
{code:xml}
<http:conduit id="where-twilio-conduit" name="https://api.twilio.com/*";>
<!-- FIXME: This will work if we can figure out a way to set
sslSocketFactory to SSLSocketFactory.getSSLSocketFactory -->
<http:tlsClientParameters
useHttpsURLConnectionDefaultSslSocketFactory="true" disableCNCheck="true"/>
<http:authorization>
<sec:UserName>foo</sec:UserName>
<sec:Password>bar</sec:Password>
</http:authorization>
</http:conduit>
<jaxrs:client id="where-twilio-resource"
address="https://api.twilio.com/2008-08-01";
serviceClass="com.lolay.where.service.support.TwilioResource">
<jaxrs:features>
<cxf:logging/>
</jaxrs:features>
</jaxrs:client>
{code}
Then, I'm receiving the following error:
{noformat}
Oct 13, 2010 4:05:56 PM org.apache.cxf.transport.https.SSLUtils getCiphersuites
INFO: The cipher suites have not been configured, falling back to cipher suite
filters.
Oct 13, 2010 4:05:56 PM org.apache.cxf.transport.https.SSLUtils getCiphersuites
INFO: The cipher suite filters have not been configured, falling back to
default filters.
Oct 13, 2010 4:05:56 PM org.apache.cxf.transport.https.SSLUtils
getCiphersFromList
INFO: The cipher suites have been set to SSL_RSA_WITH_RC4_128_MD5,
SSL_RSA_WITH_RC4_128_SHA, TLS_RSA_WITH_AES_128_CBC_SHA,
TLS_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
TLS_DHE_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA,
TLS_DHE_DSS_WITH_AES_256_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA,
SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA,
SSL_RSA_WITH_DES_CBC_SHA, SSL_DHE_RSA_WITH_DES_CBC_SHA,
SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_RSA_EXPORT_WITH_RC4_40_MD5,
SSL_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA,
SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA, TLS_KRB5_WITH_RC4_128_SHA,
TLS_KRB5_WITH_RC4_128_MD5, TLS_KRB5_WITH_3DES_EDE_CBC_SHA,
TLS_KRB5_WITH_3DES_EDE_CBC_MD5, TLS_KRB5_WITH_DES_CBC_SHA,
TLS_KRB5_WITH_DES_CBC_MD5, TLS_KRB5_EXPORT_WITH_RC4_40_SHA,
TLS_KRB5_EXPORT_WITH_RC4_40_MD5, TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA,
TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5.
Oct 13, 2010 4:05:56 PM org.apache.cxf.phase.PhaseInterceptorChain
doDefaultLogging
WARNING: Interceptor for
{http://support.service.where.lolay.com/}TwilioResource has thrown exception,
unwinding now
org.apache.cxf.interceptor.Fault: Could not send Message.
at
org.apache.cxf.interceptor.MessageSenderInterceptor.handleMessage(MessageSenderInterceptor.java:48)
at
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:243)
at
org.apache.cxf.jaxrs.client.ClientProxyImpl.doChainedInvocation(ClientProxyImpl.java:438)
at
org.apache.cxf.jaxrs.client.ClientProxyImpl.invoke(ClientProxyImpl.java:177)
at $Proxy43.sendSmsMessage(Unknown Source)
at
com.lolay.where.service.resources.BaseResourceImpl.sendSms(BaseResourceImpl.java:497)
at
com.lolay.where.service.resources.TokenResourceImpl.passwordReset(TokenResourceImpl.java:333)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at
com.google.appengine.tools.development.agent.runtime.Runtime.invoke(Runtime.java:100)
at
org.apache.cxf.service.invoker.AbstractInvoker.performInvocation(AbstractInvoker.java:173)
at
org.apache.cxf.service.invoker.AbstractInvoker.invoke(AbstractInvoker.java:89)
at org.apache.cxf.jaxrs.JAXRSInvoker.invoke(JAXRSInvoker.java:133)
at org.apache.cxf.jaxrs.JAXRSInvoker.invoke(JAXRSInvoker.java:82)
at
org.apache.cxf.interceptor.ServiceInvokerInterceptor$1.run(ServiceInvokerInterceptor.java:58)
at
java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:441)
at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:303)
at java.util.concurrent.FutureTask.run(FutureTask.java:138)
at
org.apache.cxf.workqueue.SynchronousExecutor.execute(SynchronousExecutor.java:37)
at
org.apache.cxf.interceptor.ServiceInvokerInterceptor.handleMessage(ServiceInvokerInterceptor.java:106)
at
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:243)
at
org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:111)
at
org.apache.cxf.transport.servlet.ServletDestination.invoke(ServletDestination.java:99)
at
org.apache.cxf.transport.servlet.ServletController.invokeDestination(ServletController.java:428)
at
org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:144)
at
org.apache.cxf.transport.servlet.AbstractCXFServlet.invoke(AbstractCXFServlet.java:148)
at
org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(AbstractHTTPServlet.java:179)
at
org.apache.cxf.transport.servlet.AbstractHTTPServlet.doPut(AbstractHTTPServlet.java:120)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:716)
at
org.apache.cxf.transport.servlet.AbstractHTTPServlet.service(AbstractHTTPServlet.java:159)
at
org.mortbay.jetty.servlet.ServletHolder.handle(ServletHolder.java:511)
at
org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1166)
at
com.google.appengine.api.blobstore.dev.ServeBlobFilter.doFilter(ServeBlobFilter.java:58)
at
org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1157)
at
com.google.apphosting.utils.servlet.TransactionCleanupFilter.doFilter(TransactionCleanupFilter.java:43)
at
org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1157)
at
com.google.appengine.tools.development.StaticFileFilter.doFilter(StaticFileFilter.java:122)
at
org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1157)
at
org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:388)
at
org.mortbay.jetty.security.SecurityHandler.handle(SecurityHandler.java:216)
at
org.mortbay.jetty.servlet.SessionHandler.handle(SessionHandler.java:182)
at
org.mortbay.jetty.handler.ContextHandler.handle(ContextHandler.java:765)
at org.mortbay.jetty.webapp.WebAppContext.handle(WebAppContext.java:418)
at
com.google.apphosting.utils.jetty.DevAppEngineWebAppContext.handle(DevAppEngineWebAppContext.java:70)
at
org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:152)
at
com.google.appengine.tools.development.JettyContainerService$ApiProxyHandler.handle(JettyContainerService.java:349)
at
org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:152)
at org.mortbay.jetty.Server.handle(Server.java:326)
at
org.mortbay.jetty.HttpConnection.handleRequest(HttpConnection.java:542)
at
org.mortbay.jetty.HttpConnection$RequestHandler.content(HttpConnection.java:938)
at org.mortbay.jetty.HttpParser.parseNext(HttpParser.java:755)
at org.mortbay.jetty.HttpParser.parseAvailable(HttpParser.java:218)
at org.mortbay.jetty.HttpConnection.handle(HttpConnection.java:404)
at
org.mortbay.io.nio.SelectChannelEndPoint.run(SelectChannelEndPoint.java:409)
at
org.mortbay.thread.QueuedThreadPool$PoolThread.run(QueuedThreadPool.java:582)
Caused by: java.io.IOException: Error while initializing secure socket
at
org.apache.cxf.transport.https.HttpsURLConnectionFactory.createConnection(HttpsURLConnectionFactory.java:134)
at
org.apache.cxf.transport.http.HTTPConduit.prepare(HTTPConduit.java:504)
at
org.apache.cxf.interceptor.MessageSenderInterceptor.handleMessage(MessageSenderInterceptor.java:46)
... 56 more
Caused by: java.lang.IllegalArgumentException: Error decorating connection
class
com.google.apphosting.utils.security.urlfetch.URLFetchServiceStreamHandler$Connection
at
org.apache.cxf.transport.https.HttpsURLConnectionFactory.decorateWithTLS(HttpsURLConnectionFactory.java:255)
at
org.apache.cxf.transport.https.HttpsURLConnectionFactory.createConnection(HttpsURLConnectionFactory.java:125)
... 58 more
Caused by: java.lang.NoSuchMethodException:
com.google.apphosting.utils.security.urlfetch.URLFetchServiceStreamHandler$Connection.getSSLSocketFactory()
at java.lang.Class.getMethod(Class.java:1605)
at
org.apache.cxf.transport.https.HttpsURLConnectionFactory.decorateWithTLS(HttpsURLConnectionFactory.java:231)
... 59 more
{noformat}
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
