Apache的骆驼CXF HTTPS不工作 [英] apache camel cxf https not working

问题描述

我要发布使用Apache CXF般地一个Web服务。我能够使用HTTP访问的Web服务发布的。不过我想配置使用https相同。但我无法得到它的工作。

下面是Spring上下文的零件和WSDL文件

 ＆LT;骆驼CXF：cxfEndpoint ID =myEndoint
    地址=HTTP：//本地主机：9000 / PostXml /serviceClass =com.XXXXXXXXXX.techquest.ServicesPortType
    的xmlns：SSP =htt​​p://techquest.interswitchng.com/endpointName =SSP：PostXml
    服务名=SSP：PostXml/＆GT;＆LT; HTTP：管道名称=* HTTP的导管＆GT;
    ＆LT; HTTP：tlsClientParameters
        secureSocketProtocol =SSL＆GT;
        ＆LT;秒：keyManagers keyPassword =密码＆GT;
            ＆LT;秒：密钥仓库类型=JKS密码=密码
                文件=A：/apache-sermfino_conf/cherry.jks/＆GT;
        ＆LT; /秒：keyManagers＆GT;
        ＆LT;秒：trustManagers＆GT;
            ＆LT;秒：密钥仓库类型=JKS密码=密码
                文件=A：/apache-ser/truststore.jks/＆GT;
        ＆LT; /秒：trustManagers＆GT;
        ＆LT;秒：cipherSuitesFilter＆GT;
            ＆LT;！ - 这些过滤器确保与出口适合或密码套件
                空加密被使用，但排除匿名Diffie-Hellman密钥变化
                因为这是脆弱的人在这方面的中间人攻击 - ＆GT;
            ＆LT;秒：包括＆GT; * _ _出口* LT /秒：。包括＆GT;
            ＆LT;秒：包括＆GT; * _ _ EXPORT1024 * LT /秒：。包括＆GT;
            ＆LT;秒：包括＆GT; * _ _ WITH_DES * LT /秒：。包括＆GT;
            ＆LT;秒：包括＆GT; * _ _ WITH_AES * LT /秒：。包括＆GT;
            ＆LT;秒：包括＆GT; * _ _ WITH_NULL * LT /秒：。包括＆GT;
            ＆LT;秒：排除＆GT; * _ _ DH_anon * LT /秒：。排除＆GT;
        ＆LT; /秒：cipherSuitesFilter＆GT;
    ＆LT; / HTTP：tlsClientParameters＆GT;
    ＆LT; HTTP：客户AutoRedirect =真正的连接=保持活动/＆GT;
＆LT; / HTTP：导管＆GT;
 

=============================================== ================================

 ＆LT; WSDL：portType的名称=ServicesPortType＆GT;
    ＆LT; WSDL：操作名称=PostXml＆GT;
        ＆LT; WSDL：输入消息=TNS：PostXml/＆GT;
        ＆LT; WSDL：输出消息=TNS：PostXml/＆GT;
    ＆LT; / WSDL：运转＆gt;
＆LT; / WSDL：portType的＆GT;
＆LT; WSDL：绑定名称=ServicesSoap12BindingTYPE =TNS：ServicesPortType＆GT;
    ＆LT; SOAP12：绑定样式=文件
        运输=htt​​p://schemas.xmlsoap.org/soap/http/＆GT;
    ＆LT; WSDL：操作名称=PostXml＆GT;
        ＆LT; SOAP12：操作的soapAction =PostXml的风格=文件/＆GT;
        ＆LT; WSDL：输入＆GT;
            ＆LT; SOAP12：身体使用=文字/＆GT;
        ＆LT; / WSDL：输入＆GT;
        ＆LT; WSDL：输出＆GT;
            ＆LT; SOAP12：身体使用=文字/＆GT;
        ＆LT; / WSDL：输出＆GT;
    ＆LT; / WSDL：运转＆gt;
＆LT; / WSDL：结合＆GT;
＆LT; WSDL：服务名称=ServicesPortTypeService＆GT;
    ＆LT; WSDL：端口绑定=TNS：ServicesSoap12BindingNAME =ServicesSoap12Endpoint＆GT;
        ＆LT; SOAP12：地址位置=HTTP：//本地主机：9000 / PostXml/＆GT;
    ＆LT; / WSDL：端口＆GT;
＆LT; / WSDL：服务＆GT;
 

解决方案

第一种配置是HTTP客户端不是在服务器端。
你可以在这里找到配置示例[1]

[1] http://cxf.apache.org/docs/jetty-configuration.html

I am trying to publish a webservice using apache camel cxf. I am able to access the published webservice using http. However I am trying to configure the same using https. But I am not able to get it to work.

below are parts of spring context and wsdl files

<camel-cxf:cxfEndpoint id="myEndoint"
    address="http://localhost:9000/PostXml/" serviceClass="com.XXXXXXXXXX.techquest.ServicesPortType"
    xmlns:ssp="http://techquest.interswitchng.com/" endpointName="ssp:PostXml"
    serviceName="ssp:PostXml" />

<http:conduit name="*.http-conduit">
    <http:tlsClientParameters
        secureSocketProtocol="SSL">
        <sec:keyManagers keyPassword="password">
            <sec:keyStore type="JKS" password="password"
                file="A:/apache-sermfino_conf/cherry.jks" />
        </sec:keyManagers>
        <sec:trustManagers>
            <sec:keyStore type="JKS" password="password"
                file="A:/apache-ser/truststore.jks" />
        </sec:trustManagers>
        <sec:cipherSuitesFilter>
            <!-- these filters ensure that a ciphersuite with export-suitable or 
                null encryption is used, but exclude anonymous Diffie-Hellman key change 
                as this is vulnerable to man-in-the-middle attacks -->
            <sec:include>.*_EXPORT_.*</sec:include>
            <sec:include>.*_EXPORT1024_.*</sec:include>
            <sec:include>.*_WITH_DES_.*</sec:include>
            <sec:include>.*_WITH_AES_.*</sec:include>
            <sec:include>.*_WITH_NULL_.*</sec:include>
            <sec:exclude>.*_DH_anon_.*</sec:exclude>
        </sec:cipherSuitesFilter>
    </http:tlsClientParameters>
    <http:client AutoRedirect="true" Connection="Keep-Alive" />
</http:conduit>

===============================================================================

<wsdl:portType name="ServicesPortType">
    <wsdl:operation name="PostXml">
        <wsdl:input message="tns:PostXml" />
        <wsdl:output message="tns:PostXml" />
    </wsdl:operation>
</wsdl:portType>            
<wsdl:binding name="ServicesSoap12Binding" type="tns:ServicesPortType">
    <soap12:binding style="document"
        transport="http://schemas.xmlsoap.org/soap/http" />
    <wsdl:operation name="PostXml">
        <soap12:operation soapAction="PostXml" style="document" />
        <wsdl:input>
            <soap12:body use="literal" />
        </wsdl:input>
        <wsdl:output>
            <soap12:body use="literal" />
        </wsdl:output>
    </wsdl:operation>
</wsdl:binding>         
<wsdl:service name="ServicesPortTypeService">
    <wsdl:port binding="tns:ServicesSoap12Binding" name="ServicesSoap12Endpoint">
        <soap12:address location="http://localhost:9000/PostXml" />
    </wsdl:port>
</wsdl:service>

解决方案

The first one configuration is for the http client not for the server side. You can find the configuration example here[1]

[1]http://cxf.apache.org/docs/jetty-configuration.html

这篇关于Apache的骆驼CXF HTTPS不工作的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！