Actually, we may not be able to support SSL with embedded Jetty anyway--look at this thread, as well as a J2SE 6.0 based alternative solution:
http://www.nabble.com/Help-needed-for-SSL-and-Basic-authentication-tt17761832.html

HTH,
Glen


Glen Mazza wrote:
>
> While I hope others can help you with your problem, if you want to use
> SSL, I suspect you'd be better off with a standalone container[1]
> anyway--WAR file, web.xml, all that good stuff--this way at least you know
> what you're coding on top of. I just haven't researched SSL over embedded
> Jetty containers.
>
> Glen
>
> [1] http://www.jroller.com/gmazza/entry/setting_up_ssl_and_basic
>
>
> Arul Dhesiaseelan wrote:
>>
>> Can someone look into this pls?
>>
>> I am close to making this work. But, figuring out what could be wrong is
>> still a puzzle to me.
>>
>> Thank you,
>> Arul
>>
>> Arul Dhesiaseelan wrote:
>>> Hello,
>>>
>>> I did some debugging using CXF 2.1.1 sources. I see the problem in
>>> line 201 in JettyHTTPServerEngineFactory.createJettyHTTPServerEngine()
>>> where it makes a call to ref.finalizeConfig().
>>>
>>> In JettyHTTPServerEngine.finalizeConfig(), it calls method
>>> retrieveListenerFactory(). In this method the "tlsServerParameters" is
>>> null so the protocol is defaulted to "http" and finally throws the
>>> exception.
>>>
>>> This tells me that I am not correctly setting the TLSServerParameters
>>> to the JettyHTTPServerEngine in my code in the correct order. Or, I am
>>> not creating the JettyHTTPServerEngine instance properly.
>>>
>>> Can someone help me if I am missing something here?
>>>
>>> Appreciate your help.
>>>
>>> -Arul
>>>
>>> Arul Dhesiaseelan wrote:
>>>> Hello,
>>>>
>>>> I was trying to use CXF APIs to configure SSL on the service. But, I
>>>> am getting an illegal state exception: Port 9001 is configured with
>>>> wrong protocol "http" for "https://localhost:9001/hello"
>>>>
>>>> JaxWsServerFactoryBean sf = new JaxWsServerFactoryBean();
>>>> sf.setServiceClass(HelloWorld.class);
>>>> sf.getServiceFactory().setWrapped(true);
>>>>
>>>> QName name = new QName("http://test.com", "ws", "");
>>>> sf.setServiceName(name);
>>>> sf.setAddress("https://localhost:9001/hello");
>>>>
>>>> HelloWorld helloService = new HelloWorldImpl();
>>>>
>>>> sf.getServiceFactory().setInvoker(new BeanInvoker(helloService));
>>>> //org.apache.cxf.endpoint.Server server = sf.create();
>>>>
>>>> JettyHTTPServerEngineFactory factory =
>>>>     sf.getBus().getExtension(JettyHTTPServerEngineFactory.class);
>>>>
>>>> TLSServerParameters tlsParams = new TLSServerParameters();
>>>> JettyHTTPServerEngine engine = null;
>>>> try {
>>>>     engine = factory.createJettyHTTPServerEngine(9001, "https");
>>>>     KeyStore keyStore = KeyStore.getInstance("JKS");
>>>>     String trustpass = "password";
>>>>     File truststore = new File("C:\\apache-cxf-2.1.1\\samples\\wsdl_first_https\\certs\\cherry.jks");
>>>>
>>>>     keyStore.load(new FileInputStream(truststore), trustpass.toCharArray());
>>>>     KeyManagerFactory keyFactory =
>>>>         KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
>>>>     keyFactory.init(keyStore, trustpass.toCharArray());
>>>>     KeyManager[] km = keyFactory.getKeyManagers();
>>>>     tlsParams.setKeyManagers(km);
>>>>
>>>>     truststore = new File("C:\\apache-cxf-2.1.1\\samples\\wsdl_first_https\\certs\\truststore.jks");
>>>>
>>>>     keyStore.load(new FileInputStream(truststore), trustpass.toCharArray());
>>>>     TrustManagerFactory trustFactory =
>>>>         TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
>>>>
>>>>     trustFactory.init(keyStore);
>>>>     TrustManager[] tm = trustFactory.getTrustManagers();
>>>>     tlsParams.setTrustManagers(tm);
>>>>     FiltersType filter = new FiltersType();
>>>>     filter.getInclude().add(".*_EXPORT_.*");
>>>>     filter.getInclude().add(".*_EXPORT1024_.*");
>>>>     filter.getInclude().add(".*_WITH_DES_.*");
>>>>     filter.getInclude().add(".*_WITH_NULL_.*");
>>>>     filter.getExclude().add(".*_DH_anon_.*");
>>>>     tlsParams.setCipherSuitesFilter(filter);
>>>>     ClientAuthentication ca = new ClientAuthentication();
>>>>     ca.setRequired(true);
>>>>     ca.setWant(true);
>>>>     tlsParams.setClientAuthentication(ca);
>>>>     tlsParams.setSecureSocketProtocol("SSL");
>>>>     if (engine != null) {
>>>>         engine.setTlsServerParameters(tlsParams);
>>>>     }
>>>> } catch (KeyStoreException kse) {
>>>> } catch (NoSuchAlgorithmException nsa) {
>>>> } catch (FileNotFoundException fnfe) {
>>>> } catch (UnrecoverableKeyException uke) {
>>>> } catch (CertificateException ce) {
>>>> } catch (GeneralSecurityException gse) {
>>>> } catch (IOException ioe) {
>>>> }
>>>>
>>>> List<JettyHTTPServerEngine> engines = new ArrayList<JettyHTTPServerEngine>();
>>>> if (engine != null)
>>>>     engines.add(engine);
>>>> factory.setEnginesList(engines);
>>>> org.apache.cxf.endpoint.Server server = sf.create();
>>>> ((JettyHTTPServerEngine) ((JettyHTTPDestination) server.getDestination()).getEngine()).setJettyHTTPServerEngineFactory(factory);
>>>>
>>>> String endpoint = server.getEndpoint().getEndpointInfo().getAddress();
>>>> System.out.println("Server started at " + endpoint);
>>>>
>>>>
>>>> But when I start the service, I get the below error:
>>>>
>>>> Jul 21, 2008 9:15:10 AM org.apache.cxf.service.factory.ReflectionServiceFactoryBean buildServiceFromClass
>>>> INFO: Creating Service {http://test.com}ws from class com.test.cxf.HelloWorld
>>>> Exception in thread "main" java.lang.IllegalStateException: Port 9001 is configured with wrong protocol "http" for "https://localhost:9001/hello"
>>>>     at org.apache.cxf.transport.http_jetty.JettyHTTPDestination.retrieveEngine(JettyHTTPDestination.java:115)
>>>>     at org.apache.cxf.transport.http_jetty.JettyHTTPDestination.finalizeConfig(JettyHTTPDestination.java:134)
>>>>     at org.apache.cxf.transport.http_jetty.JettyHTTPTransportFactory.createDestination(JettyHTTPTransportFactory.java:123)
>>>>     at org.apache.cxf.transport.http_jetty.JettyHTTPTransportFactory.getDestination(JettyHTTPTransportFactory.java:103)
>>>>     at org.apache.cxf.endpoint.ServerImpl.initDestination(ServerImpl.java:90)
>>>>     at org.apache.cxf.endpoint.ServerImpl.<init>(ServerImpl.java:69)
>>>>     at org.apache.cxf.frontend.ServerFactoryBean.create(ServerFactoryBean.java:115)
>>>>     at org.apache.cxf.jaxws.JaxWsServerFactoryBean.create(JaxWsServerFactoryBean.java:164)
>>>>     at com.test.cxf.Server.main(Server.java:104)
>>>>     at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>>>>     at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
>>>>     at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
>>>>     at java.lang.reflect.Method.invoke(Method.java:585)
>>>>     at com.intellij.rt.execution.application.AppMain.main(AppMain.java:90)
>>>>
>>>>
>>>> Any thoughts on this issue?
>>>>
>>>> Thank you,
>>>> -Arul
>>>>
>>>>
>>>> ______________________________
>>>
>>
>

--
View this message in context: http://www.nabble.com/CXF-ssl-sample-using-CXF-APIs-tp18570914p18592620.html
Sent from the cxf-user mailing list archive at Nabble.com.
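
Added example, not part of the original thread and not CXF code: the include/exclude patterns from the quoted `FiltersType` applied with plain `java.util.regex` to a constructed list of suite names, beside a stricter pair of patterns, to show which suites each filter keeps. It assumes a suite is kept when it matches at least one include pattern and no exclude pattern; the class name, the `select` and `matchesAny` helpers, the sample suite list and the stricter patterns are illustrative.

```java
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import java.util.regex.Pattern;

public class CipherFilterDemo {
    // Assumed semantics: keep a suite if it fully matches any include
    // pattern and does not match any exclude pattern.
    static List<String> select(List<String> suites, List<String> include, List<String> exclude) {
        List<String> kept = new ArrayList<String>();
        for (String suite : suites) {
            if (matchesAny(suite, include) && !matchesAny(suite, exclude)) {
                kept.add(suite);
            }
        }
        return kept;
    }

    static boolean matchesAny(String suite, List<String> patterns) {
        for (String p : patterns) {
            if (Pattern.matches(p, suite)) {
                return true;
            }
        }
        return false;
    }

    public static void main(String[] args) {
        // Constructed sample of standard suite names, not read from a live JVM.
        List<String> suites = Arrays.asList(
            "SSL_RSA_EXPORT_WITH_RC4_40_MD5", "SSL_RSA_WITH_DES_CBC_SHA",
            "SSL_RSA_WITH_NULL_SHA", "SSL_DH_anon_WITH_DES_CBC_SHA",
            "TLS_RSA_WITH_AES_128_CBC_SHA", "TLS_DHE_RSA_WITH_AES_128_CBC_SHA");

        // Patterns exactly as in the quoted code: export-grade, single DES and NULL suites.
        List<String> postedInclude = Arrays.asList(
            ".*_EXPORT_.*", ".*_EXPORT1024_.*", ".*_WITH_DES_.*", ".*_WITH_NULL_.*");
        List<String> postedExclude = Arrays.asList(".*_DH_anon_.*");

        // Illustrative stricter patterns: AES only; no anonymous, export, DES or NULL suites.
        List<String> strictInclude = Arrays.asList(".*_WITH_AES_.*");
        List<String> strictExclude = Arrays.asList(
            ".*_anon_.*", ".*_EXPORT.*", ".*_WITH_DES_.*", ".*_WITH_NULL_.*");

        System.out.println("posted filter keeps: " + select(suites, postedInclude, postedExclude));
        System.out.println("strict filter keeps: " + select(suites, strictInclude, strictExclude));
    }
}
```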
