THIS IS A TEST INSTANCE. ALL YOUR CHANGES WILL BE LOST!!!!
...
The CipherSuites Filter is used to either include or exclude particular CipherSuites. An inclusion filter must be specified or else no ciphersuites will be included, the exclusion filter is optional. Please note that care must be taken when using ciphersuite filters, are they operate on all of the supported ciphersuites (as opposed to the default JVM ciphersuites that are used if no filter is specified). It is recommended instead to either select a specific CipherSuite (see above) or else just rely on the default JVM ciphersuites by not specifying any cipherSuite or cipherSuiteFilter configuration.
If no exclusion filter is specified, the default ciphersuites that are excluded are as follows. Note that if the user explicitly allows any of these in the inclusion filter, then they are not excluded by default. For example, if you want to allow "NULL" ciphersuites by adding an inclusion filter of ".*NULL.*" then this is removed from the default exclusion filters.
| Default excluded CipherSuite Filter | Since CXF version | |||
|---|---|---|---|---|
| .*NULL.* | CXF 3.2.7 | |||
| .*anon.* | CXF 3.2.7 | |||
| .* | DESEXPORT.* | CXF 3.2.7 | ||
| .* | EXPORTDES.* | CXF 3.2.7 | .*3DES.*(note: includes 3DES) | CXF 3.3.0 |
| .*MD5 | CXF 3.3.0 | |||
| .*CBC.* | CXF 3.3.0 | |||
| .*RC4.* | CXF 3.3.0 |
...