LibraryToggle FramesPrintFeedback

A WS endpoint can be configured by creating the endpoint in Spring and then configuring SSL/TLS properties on its Jetty container. The configuration can be somewhat confusing, however, for the following reason: the Jetty container (which is configured by a httpj:engine-factory element in Spring) does not explicitly reference the WS endpoints it contains and the WS endpoints do not explicitly reference the Jetty container either. The connection between the Jetty container and its contained endpoints is established implicitly, in that they are both configured to use the same IP port, as illustrated by Figure 7.2.

The connection between the Web service endpoint and the httpj:engine-factory element is established as follows:

  1. The Spring container loads and parses the file containing the httpj:engine-factory element.

  2. When the httpj:engine-factory bean is created, a corresponding entry is created in the registry, storing a reference to the bean. The httpj:engine-factory bean is also used to initialize a Jetty container that listens on the specified IP port.

  3. When the WS endpoint is created, it scans the registry to see if it can find a httpj:engine-factory bean with the same IP port as the IP port in the endpoint's address URL.

  4. If one of the beans matches the endpoint's IP port, the WS endpoint installs itself into the corresponding Jetty container. If the Jetty container has SSL/TLS enabled, the WS endpoint shares those security settings.

The certificates used in this demonstration are taken from a sample in the Fuse Service Framework 2.4.2-fuse-00-08 product. If you download and install the standalone version of Fuse Service Framework, you will find the sample certificates in the CXFInstallDir/samples/wsdl_first_https/certs directory.

Copy the cherry.jks, wibble.jks, and truststore.jks keystores from the CXFInstallDir/samples/wsdl_first_https/certs directory to the CamelInstallDir/examples/camel-example-cxf-proxy/src/main/resources/certs directory (you must first create the certs sub-directory).

Comments powered by Disqus