Mule : Using Https with Axis and Xfire
This page last changed on Nov 23, 2006 by marie.rizzo.
Using Https with Axis and XfireThis short cookbook entry will deal with the configuration of the Https Connector for the use with Axis and Xfire protocols. I will not go into the detail of the creation of key stores, trust stores or certificates but more on how they can be used with the HttpsConnector. You will need to set up the following: - Client and Server Key Stores - Trust Store Why configure an Https Connector when I want to use Axis or Xfire?Actually, the reason is pretty nifty. Remember the endpoint addressing style?... axis:https//localhost:8080 Since axis will work over the https, the Axis connector will default to the Https connector somewhere along the way. By configuring our own HttpsConnector, we are telling Axis to delegate to our connector instead of creating a new one (which it tries to do if no connector exists). Configuration without client authentication:This is the most basic set-up you can have on the HttpsConnector. All you need are: - the Server Key Store - the Trust Store The connector must authenticate the server before connecting. If the server is not authenticated then it doesn't connect, i.e. you will not be allowed access. The configuration below makes use of 5 properties: keyStore - The location of the server keystore used to create a secure server socket storePassword - The password for the server keystore keyPassword - The password used to check integrity and unlock the key store trustStorePassword - The password for the trustStore. trustStore - The location of the trust keystore. <connector name="myHttpsConnector" className="org.mule.providers.http.HttpsConnector"> <properties> <property name="keyStore" value="serverKeystore"/> <property name="storePassword" value="mulepassword" /> <property name="keyPassword" value="mulepassword" /> <property name="trustStorePassword" value="mulepassword" /> <property name="trustStore" value="trustStore"/> </properties> </connector> At this point we can do without the "requireClientAuthentication" property since it will default to false if not set. Configuration with Client AuthenticationIf you need to authenticate the Client, then you must set 3 other properties. clientKeyStore - The location of the client keystore. clientKeyStorePassword - The password for the client keystore. requireClientAuthentication - Whether clients should be authenticated when connecting <connector name="myHttpsConnector" className="org.mule.providers.http.HttpsConnector"> <properties> <property name="keyStore" value="serverKeystore"/> <property name="storePassword" value="mulepassword" /> <property name="keyPassword" value="mulepassword" /> <property name="trustStorePassword" value="mulepassword" /> <property name="trustStore" value="trustStore"/> <property name="clientKeyStore" value="clientKeystore"/> <property name="clientKeyStorePassword" value="mulepassword"/> <property name="requireClientAuthentication" value="true" /> </properties> </connector> That was the difficult part. What remains to do is to is to configure the mule component that requires access through axis/xfire over https with the following addressing style: In Axis: axis:https://localhost:8080 In Xfire: xfire:https://localhost:8080 |
Document generated by Confluence on Nov 27, 2006 10:27 |