[CXF-2863] When 'useHttpsURLConnectionDefaultSslSocketFactory' is true, the 'trustManagers' configuration is not truly ignored - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Closed
Priority: Minor
Resolution: Fixed
Affects Version/s: 2.2.9
Fix Version/s: 2.2.10
Component/s: Transports
Labels:
None
Environment:

Spring Framework 3.x

Estimated Complexity:
Novice

Description

According to documentation when 'useHttpsURLConnectionDefaultSslSocketFactory' is true, the 'jsseProvider', 'secureSocketProtocol', 'trustManagers', 'keyManagers', 'secureRandom', 'cipherSuites' and 'cipherSuitesFilter' configuration parameters are ignored.

But, invalid 'trustManagers' (missing truststore file for example) leads to error.

While this parameter has been added to easily disable SSL verification while being on testing/development phases.
As far as, a valid 'truststore' file need to be provided, the main objective (easy setup) is not reach.

Expected behavior: when 'useHttpsURLConnectionDefaultSslSocketFactory' is true, the 'jsseProvider', 'secureSocketProtocol', 'trustManagers', 'keyManagers', 'secureRandom', 'cipherSuites' and 'cipherSuitesFilter' configuration parameters are completely ignored (invalid or incomplete configuration).

I suggest to fix it in 'TLSClientParametersConfig' by quickly return out of the function 'createTLSClientParametersFromType' when "params.isUseHttpsURLConnectionDefaultSslSocketFactory()" is true.

Attachments

Activity

People

Assignee:: Daniel Kulp

Reporter:: jdu

Votes:: 0 Vote for this issue

Watchers:: 0 Start watching this issue

Dates

Created:: 25/Jun/10 12:13

Updated:: 11/Oct/10 14:52

Resolved:: 12/Aug/10 18:10