Versions Compared

Old Version 6

changes.mady.by.user Glen Mazza

Saved on

compared with

New Version 7

changes.mady.by.user Colm O hEigeartaigh

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Code Block
xml
xml
<beans xmlns="http://www.springframework.org/schema/beans"
  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
  xmlns:sec="http://cxf.apache.org/configuration/security"
  xmlns:http="http://cxf.apache.org/transports/http/configuration"
  xmlns:httpj="http://cxf.apache.org/transports/http-jetty/configuration"
  xmlns:jaxws="http://java.sun.com/xml/ns/jaxws"
  xsi:schemaLocation="
  		   http://cxf.apache.org/configuration/security
  		      http://cxf.apache.org/schemas/configuration/security.xsd
           http://cxf.apache.org/transports/http/configuration
              http://cxf.apache.org/schemas/configuration/http-conf.xsd
           http://cxf.apache.org/transports/http-jetty/configuration
              http://cxf.apache.org/schemas/configuration/http-jetty.xsd
           http://www.springframework.org/schema/beans
              http://www.springframework.org/schema/beans/spring-beans-2.0.xsd">


  <http:destination name="{http://apache.org/hello_world}GreeterImplPort.http-destination">    
  </http:destination>
  
  <httpj:engine-factory bus="cxf">
         <!-- you just need to specify the TLS Server configuration for the certain port -->
	 <httpj:engine port="9003">
	     <httpj:tlsServerParameters>
	      <sec:keyManagers keyPassword="password">
	           <sec:keyStore type="JKS" password="password" 
	                file="src/test/java/org/apache/cxf/systest/http/resources/Tarpin.jks"/>
	      </sec:keyManagers>
	      <sec:trustManagers>
	          <sec:keyStore type="JKS" password="password"
	               file="src/test/java/org/apache/cxf/systest/http/resources/Truststore.jks"/>
	      </sec:trustManagers>
	      <sec:cipherSuitesFilter>
	        <!-- these filters ensure that a ciphersuite with
	          export-suitable or null encryption is used,
	          but exclude anonymous Diffie-Hellman key change as
	          this is vulnerable to man-in-the-middle attacks -->
	        <sec:include>.*_EXPORT_.*</sec:include>
	        <sec:include>.*_EXPORT1024_.*</sec:include>
	        <sec:include>.*_WITH_DES_.*</sec:include>
                <sec:include>.*_WITH_AES_.*</sec:include>
	        <sec:include>.*_WITH_NULL_.*</sec:include>
	        <sec:exclude>.*_DH_anon_.*</sec:exclude>
	      </sec:cipherSuitesFilter>
	      <sec:clientAuthentication want="true" required="true"/>
	    </httpj:tlsServerParameters>
	  </httpj:engine>
   </httpj:engine-factory>
</bean>

...