[英]Wildfly's JAXWS implementation seems to ignore bindingProvider property com.sun.xml.ws.transport.https.client.SSLSocketFactory
My environment is a Maven Project and Wildfly (8.2.1) as Application Server. 我的环境是Maven Project和Wildfly(8.2.1)作为Application Server。 What I need is to connect wihin a incoming REST call to a third party server using SOAP.
我需要的是使用SOAP将传入的REST调用连接到第三方服务器。 I need SSL Client Authentication;
我需要SSL客户端身份验证; therefore, I have my own KeyStore and TrustStore.
因此,我有自己的KeyStore和TrustStore。 I create therefore my own SSLContext and need to let the WebService use this SSLContext.
因此,我创建了自己的SSLContext,并且需要让WebService使用此SSLContext。
There is a problem with Wildfly and it's used implementation of JAXWS (Apache CXF?) - I described it here (but with another aproach to solve the problem; therefore it is not a duplicate post! ): Wildfly有一个问题,它使用了JAXWS(Apache CXF?)的实现 - 我在这里描述了它(但是用另一个方法来解决问题;因此它不是重复的帖子! ):
Wildfly: How to use JAXWS-RI instead of Apache CXF (WebService client only) Wildfly:如何使用JAXWS-RI而不是Apache CXF(仅限WebService客户端)
One of the main problems seems to be that JAXWS used in Wildfly seems to ignore setting the own SSLContext with property com.sun.xml.internal.ws.transport.https.client.SSLSocketFactory
: 其中一个主要问题似乎是Wildfly中使用的JAXWS似乎忽略了使用属性
com.sun.xml.internal.ws.transport.https.client.SSLSocketFactory
设置自己的SSLContext:
MyWS_Service service = new MyWS_Service(null, new QName("http://...", "MyWS"));
MyWS port = service.getMyWSSOAP();
BindingProvider bindingProvider = (BindingProvider) port;
bindingProvider.getRequestContext().put(BindingProvider.ENDPOINT_ADDRESS_PROPERTY, "https://hostname:443/.../...");
// the following setting is ignored!
bindingProvider.getRequestContext().put("com.sun.xml.internal.ws.transport.https.client.SSLSocketFactory", mySslSocketFactory);
// in some posts, we see that we need to eliminate 'internal' in the property. This does not help!
bindingProvider.getRequestContext().put("com.sun.xml.ws.transport.https.client.SSLSocketFactory", mySslSocketFactory);
The proof that it is ignored is that if I use HttpsURLConnection.setDefaultSSLSocketFactory(mySslSocketFactory)
to set the SSLContext, it does work - means the SSL connection is established thanks to the imported root CA to the customized TrustStore setup in the SSLContext. 忽略它的证据是,如果我使用
HttpsURLConnection.setDefaultSSLSocketFactory(mySslSocketFactory)
来设置SSLContext,它确实有效 - 意味着SSL连接已建立,这要归功于导入的根CA到SSLContext中的自定义TrustStore设置。
If we look at other posts (eg How to programmatically set the SSLContext of a JAX-WS client? ) this property should work (even for Wildfly according some comments there). 如果我们查看其他帖子(例如, 如何以编程方式设置JAX-WS客户端的SSLContext? ),这个属性应该可以工作(即使对Wildfly也有一些评论)。 But it does not in my situation.
但它不适合我的情况。 What can be the cause of this?
这可能是什么原因?
The problem is definitifely that Apache CXF ignores 问题是Apache CXF忽略了这个问题
bindingProvider.getRequestContext().put(
"com.sun.xml.[internal.]ws.transport.https.client.SSLSocketFactory", mySslSocketFactory);
in oposite to some comments some where. 在某些评论的相反位置。
So my final solution is to programmatically setup the HTTPConduit
used (rather than set a config in a cxf.xml
file). 所以我的最终解决方案是以编程方式设置所使用的
HTTPConduit
(而不是在cxf.xml
文件中设置配置)。
// Set custom SSLContext.
HTTPConduit conduit = (HTTPConduit) ClientProxy.getClient(port).getConduit();
TLSClientParameters tlsClientParameters = new TLSClientParameters();
tlsClientParameters.setSSLSocketFactory(customSSLContext.getSocketFactory());
conduit.setTlsClientParameters(tlsClientParameters);
I hope that this helps someone having similar issues... 我希望这可以帮助有类似问题的人......
When using the HTTPConduit
solution for Wildfly 10 I had to add jboss-deployment-structure.xml
使用Wildfly 10的
HTTPConduit
解决方案时,我不得不添加jboss-deployment-structure.xml
<?xml version="1.0" encoding="UTF-8"?>
<jboss-deployment-structure>
<deployment>
<dependencies>
<module name="org.jboss.ws.cxf.jbossws-cxf-client" services="import" />
<module name="org.apache.cxf.impl" export="true">
<imports>
<include path="META-INF" />
<include path="META-INF/cxf" />
<include path="META-INF/services" />
</imports>
</module>
</dependencies>
</deployment>
</jboss-deployment-structure>
My solution to Widfly 8.2.1: 我对Widfly 8.2.1的解决方案:
1) Add the file src/main/resources/META-INF/services/javax.xml.ws.spi.Provider with the line com.sun.xml.ws.spi.ProviderImpl inside 1)使用com.sun.xml.ws.spi.ProviderImpl行添加文件src / main / resources / META-INF / services / javax.xml.ws.spi.Provider
2) Add the maven dependency: 2)添加maven依赖:
<dependency>
<groupId>com.sun.xml.ws</groupId>
<artifactId>jaxws-rt</artifactId>
<version>2.2.8</version>
</dependency>
3) Add the SSLSocketFactory this way: 3)以这种方式添加SSLSocketFactory:
bindingProvider.getRequestContext().put("com.sun.xml.ws.transport.https.client.SSLSocketFactory", mySslSocketFactory);
Apache CXF ignores the JAX-WS properties. Apache CXF忽略JAX-WS属性。 You can specify the TLS Client Parameters programmatically the following way:
您可以通过以下方式以编程方式指定TLS客户端参数:
TLSClientParameters tlsParams = new TLSClientParameters();
tlsParams.setUseHttpsURLConnectionDefaultSslSocketFactory(false);
tlsParams.setSSLSocketFactory(sslSocketFactory);
bindingProvider.getRequestContext().put(TLSClientParameters.class.getName(), tlsParams);
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.