Versions Compared

Old Version 4

changes.mady.by.user Christian Schneider

Saved on

compared with

New Version 5

changes.mady.by.user willem jiang

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Updated the standalone http transport configuration

...

Code Block
xml
xml
<beans xmlns="http://www.springframework.org/schema/beans"
  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
  xmlns:sec="http://cxf.apache.org/configuration/security"
  xmlns:http="http://cxf.apache.org/transports/http/configuration"
  xmlns:httpj="http://cxf.apache.org/transports/http-jetty/configuration"
  xmlns:jaxws="http://java.sun.com/xml/ns/jaxws"
  xsi:schemaLocation="
  		   http://cxf.apache.org/configuration/security
  		      http://cxf.apache.org/schemas/configuration/security.xsd
           http://cxf.apache.org/transports/http/configuration
              http://cxf.apache.org/schema/transports/http.xsd
schemas/configuration/http-conf.xsd
           http://cxf.apache.org/transports/http-jetty/configuration
              http://cxf.apache.org/schemas/configuration/http-jetty.xsd
           http://www.springframework.org/schema/beans
              http://www.springframework.org/schema/beans/spring-beans-2.0.xsd">


  <http:destination idname="{http://apache.org/hello_world_soap_http}GreeterImplPort.http-destination">    
  </http:destination>
  <http:sslServer>

  <httpj:engine-factory bus="cxf">
         <sec:Keystore>src/demo/hw_https/resources/celtix.p12</sec:Keystore>
<!-- you just need to specify the TLS Server configuration for the certain port -->
	 <httpj:engine port="9003">
	     <httpj:tlsServerParameters>
	      <sec:KeystoreType>PKCS12</sec:KeystoreType>
keyManagers keyPassword="password">
	      <sec:KeystorePassword>celtixpass</sec:KeystorePassword>
     <sec:keyStore type="JKS" password="password" 
	                file="src/test/java/org/apache/cxf/systest/http/resources/Tarpin.jks"/>
	      <sec:KeyPassword>celtixpass<</sec:KeyPassword>keyManagers>
	      <sec:WantClientAuthentication>true</sec:WantClientAuthentication>trustManagers>
	      <sec:RequireClientAuthentication>true</sec:RequireClientAuthentication>
    <sec:keyStore type="JKS" password="password"
	               <sec:TrustStore>src/demo/hw_httpsfile="src/test/java/org/apache/cxf/systest/http/resources/celtixp12.truststore<Truststore.jks"/>
	      </sec:TrustStore>trustManagers>
	      <sec:CiphersuiteFilters>cipherSuitesFilter>
	        <!-- these filters ensure that a ciphersuite with
	          export-suitable or null encryption is used,
	          but exclude anonymous Diffie-Hellman key change as
	          this is vulnerable to man-in-the-middle attacks -->
	        <sec:include>.*_EXPORT_.*</sec:include>
	        <sec:include>.*_EXPORT1024_.*</sec:include>
	        <sec:include>.*_WITH_DES_.*</sec:include>
	        <sec:include>.*_WITH_NULL_.*</sec:include>
	        <sec:exclude>.*_DH_anon_.*</sec:exclude>
	      </sec:CiphersuiteFilters>
cipherSuitesFilter>
	      <sec:clientAuthentication want="true" required="true"/>
	    </httphttpj:sslServer>tlsServerParameters>
	  </httphttpj:destination>
engine>
   </httpj:engine-factory>
</beans>bean>

Add the static content pages into the jetty server

...