You can find general information how to secure your Camel CXF Consumer with HTTPS here
A simple Camel CXF Consumer configuration which use the http:conduit configuration to enable SSL and an external properties file for all environment specific configurations could looks like:
<beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:ctx="http://www.springframework.org/schema/context" xmlns:camel="http://camel.apache.org/schema/spring" xmlns:camel-cxf="http://camel.apache.org/schema/cxf" xmlns:http="http://cxf.apache.org/transports/http/configuration" xmlns:sec="http://cxf.apache.org/configuration/security" xsi:schemaLocation=" http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd http://camel.apache.org/schema/spring http://camel.apache.org/schema/spring/camel-spring.xsd http://camel.apache.org/schema/osgi http://camel.apache.org/schema/osgi/camel-osgi.xsd http://camel.apache.org/schema/cxf http://camel.apache.org/schema/cxf/camel-cxf.xsd http://cxf.apache.org/transports/http/configuration http://cxf.apache.org/schemas/configuration/http-conf.xsd http://cxf.apache.org/configuration/security http://cxf.apache.org/schemas/configuration/security.xsd "> <import resource="classpath:META-INF/cxf/cxf.xml" /> <import resource="classpath:META-INF/cxf/cxf-extension-soap.xml" /> <import resource="classpath:META-INF/cxf/cxf-extension-http-jetty.xml" /> <ctx:property-placeholder location="classpath:orderEntry.cfg" /> <camel-cxf:cxfEndpoint id="orderEntryEndpoint" address="${endpointUri}" serviceClass="com.company.product.OrderEntryService" endpointName="ssp:OrderEntry" serviceName="ssp:OrderEntryService" wsdlURL="META-INF/orderEntry/orderEntry.wsdl" xmlns:ssp="http://www.company.com/product/orderEntry/service/1" /> <http:conduit name="{http://www.company.com/product/orderEntry/service/1}OrderEntry.http-conduit"> <http:tlsClientParameters disableCNCheck="true"> <sec:trustManagers> <sec:keyStore type="JKS" password="${trustStore.password}" file="${trustStore.file}"/> </sec:trustManagers> <sec:cipherSuitesFilter> <sec:include>.*_EXPORT_.*</sec:include> <sec:include>.*_EXPORT1024_.*</sec:include> <sec:include>.*_WITH_DES_.*</sec:include> <sec:include>.*_WITH_NULL_.*</sec:include> <sec:exclude>.*_DH_anon_.*</sec:exclude> </sec:cipherSuitesFilter> </http:tlsClientParameters> </http:conduit> <camel:camelContext trace="true"> <camel:routeBuilder ref="orderEntryRoute" /> </camel:camelContext> <bean id="orderEntryRoute" class="com.company.product.OrderEntryRoute" /> </beans>
The environment specific configurations are externalized into a properties file:
endpointUri=https://localhost:8181/OrderEntry trustStore.password=password trustStore.file=etc/myApp.ts
With this configuration, you Camel CXF consumer connects with HTTPS to the web service provider.
If you need to change the protocol to HTTP, maybe for tracing/debugging reasons, change the endpointUri
property in your properties file to e.g. http://localhost:8080/OrderEntry
. That's all! Isn't it easy.
Apache CXF detects that you "only" use HTTP and instantiates a HttpURLConnectionFactoryImpl instead of a HttpsURLConnectionFactory.