From b94f0eefa25f47579547e39de6a283d05a035af3 Mon Sep 17 00:00:00 2001 From: slaws Date: Fri, 26 Feb 2010 13:42:00 +0000 Subject: Set the JVM trust/key store so the client side is able to pick up the servers public certificate. Not sure this is actually the way to way to do it as need more investigation into client side configuration. git-svn-id: http://svn.us.apache.org/repos/asf/tuscany@916677 13f79535-47bb-0310-9956-ffa450edef68 --- .../security/http/ssl/HTTPSPolicyProvider.java | 22 +++++++++++++++++++++- 1 file changed, 21 insertions(+), 1 deletion(-) (limited to 'sca-java-2.x/trunk') diff --git a/sca-java-2.x/trunk/modules/binding-ws-runtime-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/security/http/ssl/HTTPSPolicyProvider.java b/sca-java-2.x/trunk/modules/binding-ws-runtime-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/security/http/ssl/HTTPSPolicyProvider.java index 0c10dcf8e7..f983a42dba 100644 --- a/sca-java-2.x/trunk/modules/binding-ws-runtime-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/security/http/ssl/HTTPSPolicyProvider.java +++ b/sca-java-2.x/trunk/modules/binding-ws-runtime-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/security/http/ssl/HTTPSPolicyProvider.java @@ -19,6 +19,9 @@ package org.apache.tuscany.sca.binding.ws.axis2.policy.security.http.ssl; +import java.security.KeyStore; +import java.util.logging.Logger; + import org.apache.tuscany.sca.binding.ws.axis2.Axis2BaseBindingProvider; import org.apache.tuscany.sca.host.http.SecurityContext; import org.apache.tuscany.sca.policy.PolicySubject; @@ -29,6 +32,7 @@ import org.apache.tuscany.sca.provider.BasePolicyProvider; * @version $Rev$ $Date$ */ public class HTTPSPolicyProvider extends BasePolicyProvider { + private final Logger logger = Logger.getLogger(HTTPSPolicyProvider.class.getName()); public HTTPSPolicyProvider(PolicySubject subject) { super(HTTPSPolicy.class, subject); 
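Review bot: `import java.security.KeyStore;` in the first hunk is not referenced by any line this commit adds in the visible hunks, so it looks like a leftover. Drop it unless code outside these hunks uses it. If it was added with a per-connection key store in mind, it belongs in the follow-up that resolves the TODO in the last hunk.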
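Review bot: The `logger` field added in the second hunk is declared per instance, so every provider object carries its own reference and repeats the lookup on construction. The conventional form is `private static final Logger logger = Logger.getLogger(HTTPSPolicyProvider.class.getName());`. The class body continues outside the hunk.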
@@ -39,8 +43,24 @@ public class HTTPSPolicyProvider extends BasePolicyProvider { for (Object policy : findPolicies()) { if (policy instanceof HTTPSPolicy) { + HTTPSPolicy httpsPolicy = (HTTPSPolicy)policy; + securityContext.setSSLEnabled(true); - securityContext.setSSLProperties(((HTTPSPolicy)policy).toProperties()); + securityContext.setSSLProperties(httpsPolicy.toProperties()); + + // TODO - what is the right way to set trust/key store on client side? + + logger.info("HTTPSPolicyProvider: Setting JVM trust store to " + httpsPolicy.getTrustStore()); + System.setProperty("javax.net.ssl.trustStore", httpsPolicy.getTrustStore()); + System.setProperty("javax.net.ssl.trustStorePassword", httpsPolicy.getTrustStorePassword()); + System.setProperty("javax.net.ssl.trustStoreType", httpsPolicy.getTrustStoreType()); + + logger.info("HTTPSPolicyProvider: Setting JVM key store to " + httpsPolicy.getKeyStore()); + System.setProperty("javax.net.ssl.keyStore", httpsPolicy.getKeyStore()); + System.setProperty("javax.net.ssl.keyStorePassword", httpsPolicy.getKeyStorePassword()); + System.setProperty("javax.net.ssl.keyStoreType", httpsPolicy.getKeyStoreType()); + + return; } } } -- cgit v1.2.3
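Review bot: The six `System.setProperty("javax.net.ssl.…")` calls configure TLS for the whole JVM rather than for this binding: every other HTTPS client in the process inherits this trust store and client key, the last provider to run wins, and JSSE reads these properties only when the default SSLContext is first created, so the call can also come too late. The store passwords also become readable through `System.getProperties()` by any code in the process and can surface in diagnostic dumps of system properties. Separately, `System.setProperty` throws `NullPointerException` for a null value, so a policy that defines only a trust store would fail here if the getters can return null, which the hunk does not show; the fence guards each value. The TODO is better resolved by building an `SSLContext` from the policy's stores and handing it only to this binding's client transport. The enclosing method begins outside the hunk.

```java
// … unchanged: httpsPolicy cast, setSSLEnabled, setSSLProperties …

// JVM-wide fallback: this affects every TLS client in the process, not only this binding.
// Set only what the policy defines; System.setProperty rejects null values.
if (httpsPolicy.getTrustStore() != null) {
    logger.info("HTTPSPolicyProvider: Setting JVM trust store to " + httpsPolicy.getTrustStore());
    System.setProperty("javax.net.ssl.trustStore", httpsPolicy.getTrustStore());
    if (httpsPolicy.getTrustStorePassword() != null) {
        System.setProperty("javax.net.ssl.trustStorePassword", httpsPolicy.getTrustStorePassword());
    }
    if (httpsPolicy.getTrustStoreType() != null) {
        System.setProperty("javax.net.ssl.trustStoreType", httpsPolicy.getTrustStoreType());
    }
}
// … same guards for the javax.net.ssl.keyStore* properties …
return;
```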