Fabric8 CXF端点安全性与TLS ......可能吗?

时间:2014-02-11 13:44:42

标签: cxf apache-karaf fusefabric fabric8

我对我刚刚发现的名为fabric8(http://fabric8.io)的精彩工具有疑问。

当我将CXF SOAP服务部署到系统中时,可以在http:// $ {HOSTNAME}:8181 / cxf中找到它。到目前为止,我们所有的堆栈都被部署到一个tomcat容器中,使用常规8443端口上的TLS加密进行保护(使用或不使用客户端身份验证)。顺便说一句,我们使用WSDL策略来强制执行它。

是否可以使用fabric8设置此TLS加密?卡拉夫?

杰罗姆

P.S:我想添加新标签'fabric8',但我没有足够的分数来做,所以我用'fusefabric'标记。

编辑1:

谢谢@iocanel!

它似乎有效......主要是: - )

事实上,如果我从一个全新的fabric8安装开始,如果我在etc/org.ops4j.pax.web.cfg设置:

org.ops4j.pax.web.config.file=etc/jetty.xml
org.osgi.service.http.port=8181

org.osgi.service.http.secure.enabled=true
org.osgi.service.http.port.secure=8443
org.ops4j.pax.web.ssl.keystore=etc/serverKeystore.jks
org.ops4j.pax.web.ssl.password=mytest
org.ops4j.pax.web.ssl.keypassword=mytest

然后我可以浏览8443端口上的hawtio web界面。但是,只要我使用fabric:create初始化容器,该端口就不再可用。如果我重新启动fabric8,那么日志就会充满:

2014-02-11 17:41:15,945 | WARN  | tp1828719771-631 | AbstractHttpConnection           | ty.server.AbstractHttpConnection  552 | 89 - org.eclipse.jetty.aggregate.jetty-all-server - 8.1.14.v20131031 | /git/fabric/info/refs?service=git-upload-pack
java.lang.IllegalStateException: Committed
    at org.eclipse.jetty.server.Response.resetBuffer(Response.java:1154)[89:org.eclipse.jetty.aggregate.jetty-all-server:8.1.14.v20131031]
    at org.eclipse.jetty.server.Response.sendError(Response.java:317)[89:org.eclipse.jetty.aggregate.jetty-all-server:8.1.14.v20131031]
    at org.eclipse.jetty.server.Response.sendError(Response.java:419)[89:org.eclipse.jetty.aggregate.jetty-all-server:8.1.14.v20131031]
    at javax.servlet.http.HttpServletResponseWrapper.sendError(HttpServletResponseWrapper.java:137)[84:org.apache.geronimo.specs.geronimo-servlet_3.0_spec:1.0]
    at io.fabric8.maven.impl.MavenSecureHttpContext.authenticate(MavenSecureHttpContext.java:173)[129:io.fabric8.fabric-maven-proxy:1.0.0.SNAPSHOT]
    at io.fabric8.maven.impl.MavenSecureHttpContext.handleSecurity(MavenSecureHttpContext.java:78)[129:io.fabric8.fabric-maven-proxy:1.0.0.SNAPSHOT]
    at org.ops4j.pax.web.service.jetty.internal.HttpServiceServletHandler.doHandle(HttpServiceServletHandler.java:68)[100:org.ops4j.pax.web.pax-web-jetty:3.0.6]
    at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:137)[89:org.eclipse.jetty.aggregate.jetty-all-server:8.1.14.v20131031]
    at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:533)[89:org.eclipse.jetty.aggregate.jetty-all-server:8.1.14.v20131031]
    at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:231)[89:org.eclipse.jetty.aggregate.jetty-all-server:8.1.14.v20131031]
    at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1086)[89:org.eclipse.jetty.aggregate.jetty-all-server:8.1.14.v20131031]
    at org.ops4j.pax.web.service.jetty.internal.HttpServiceContext.doHandle(HttpServiceContext.java:219)[100:org.ops4j.pax.web.pax-web-jetty:3.0.6]
    at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:428)[89:org.eclipse.jetty.aggregate.jetty-all-server:8.1.14.v20131031]
    at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:193)[89:org.eclipse.jetty.aggregate.jetty-all-server:8.1.14.v20131031]
    at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1020)[89:org.eclipse.jetty.aggregate.jetty-all-server:8.1.14.v20131031]
    at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:135)[89:org.eclipse.jetty.aggregate.jetty-all-server:8.1.14.v20131031]
    at org.ops4j.pax.web.service.jetty.internal.JettyServerHandlerCollection.handle(JettyServerHandlerCollection.java:85)[100:org.ops4j.pax.web.pax-web-jetty:3.0.6]
    at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:116)[89:org.eclipse.jetty.aggregate.jetty-all-server:8.1.14.v20131031]
    at org.eclipse.jetty.server.Server.handle(Server.java:370)[89:org.eclipse.jetty.aggregate.jetty-all-server:8.1.14.v20131031]
    at org.eclipse.jetty.server.AbstractHttpConnection.handleRequest(AbstractHttpConnection.java:494)[89:org.eclipse.jetty.aggregate.jetty-all-server:8.1.14.v20131031]
    at org.eclipse.jetty.server.AbstractHttpConnection.headerComplete(AbstractHttpConnection.java:971)[89:org.eclipse.jetty.aggregate.jetty-all-server:8.1.14.v20131031]
    at org.eclipse.jetty.server.AbstractHttpConnection$RequestHandler.headerComplete(AbstractHttpConnection.java:1033)[89:org.eclipse.jetty.aggregate.jetty-all-server:8.1.14.v20131031]
    at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:644)[89:org.eclipse.jetty.aggregate.jetty-all-server:8.1.14.v20131031]
    at org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:235)[89:org.eclipse.jetty.aggregate.jetty-all-server:8.1.14.v20131031]
    at org.eclipse.jetty.server.AsyncHttpConnection.handle(AsyncHttpConnection.java:82)[89:org.eclipse.jetty.aggregate.jetty-all-server:8.1.14.v20131031]
    at org.eclipse.jetty.io.nio.SelectChannelEndPoint.handle(SelectChannelEndPoint.java:667)[89:org.eclipse.jetty.aggregate.jetty-all-server:8.1.14.v20131031]
    at org.eclipse.jetty.io.nio.SelectChannelEndPoint$1.run(SelectChannelEndPoint.java:52)[89:org.eclipse.jetty.aggregate.jetty-all-server:8.1.14.v20131031]
    at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:608)[89:org.eclipse.jetty.aggregate.jetty-all-server:8.1.14.v20131031]
    at org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:543)[89:org.eclipse.jetty.aggregate.jetty-all-server:8.1.14.v20131031]
    at java.lang.Thread.run(Thread.java:744)[:1.7.0_51]
2014-02-11 17:41:15,967 | WARN  | tp1828719771-616 | Response                         | rg.eclipse.jetty.server.Response  315 | 89 - org.eclipse.jetty.aggregate.jetty-all-server - 8.1.14.v20131031 | Committed before 401 null
2014-02-11 17:41:15,968 | WARN  | tp1828719771-616 | AbstractHttpConnection           | ty.server.AbstractHttpConnection  552 | 89 - org.eclipse.jetty.aggregate.jetty-all-server - 8.1.14.v20131031 | /git/fabric/info/refs?service=git-receive-pack
java.lang.IllegalStateException: Committed
    at org.eclipse.jetty.server.Response.resetBuffer(Response.java:1154)[89:org.eclipse.jetty.aggregate.jetty-all-server:8.1.14.v20131031]
    at org.eclipse.jetty.server.Response.sendError(Response.java:317)[89:org.eclipse.jetty.aggregate.jetty-all-server:8.1.14.v20131031]
    at org.eclipse.jetty.server.Response.sendError(Response.java:419)[89:org.eclipse.jetty.aggregate.jetty-all-server:8.1.14.v20131031]
    at javax.servlet.http.HttpServletResponseWrapper.sendError(HttpServletResponseWrapper.java:137)[84:org.apache.geronimo.specs.geronimo-servlet_3.0_spec:1.0]
    at io.fabric8.maven.impl.MavenSecureHttpContext.authenticate(MavenSecureHttpContext.java:173)[129:io.fabric8.fabric-maven-proxy:1.0.0.SNAPSHOT]
    at io.fabric8.maven.impl.MavenSecureHttpContext.handleSecurity(MavenSecureHttpContext.java:78)[129:io.fabric8.fabric-maven-proxy:1.0.0.SNAPSHOT]
    at org.ops4j.pax.web.service.jetty.internal.HttpServiceServletHandler.doHandle(HttpServiceServletHandler.java:68)[100:org.ops4j.pax.web.pax-web-jetty:3.0.6]
    at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:137)[89:org.eclipse.jetty.aggregate.jetty-all-server:8.1.14.v20131031]
    at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:533)[89:org.eclipse.jetty.aggregate.jetty-all-server:8.1.14.v20131031]
    at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:231)[89:org.eclipse.jetty.aggregate.jetty-all-server:8.1.14.v20131031]
    at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1086)[89:org.eclipse.jetty.aggregate.jetty-all-server:8.1.14.v20131031]
    at org.ops4j.pax.web.service.jetty.internal.HttpServiceContext.doHandle(HttpServiceContext.java:219)[100:org.ops4j.pax.web.pax-web-jetty:3.0.6]
    at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:428)[89:org.eclipse.jetty.aggregate.jetty-all-server:8.1.14.v20131031]
    at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:193)[89:org.eclipse.jetty.aggregate.jetty-all-server:8.1.14.v20131031]
    at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1020)[89:org.eclipse.jetty.aggregate.jetty-all-server:8.1.14.v20131031]
    at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:135)[89:org.eclipse.jetty.aggregate.jetty-all-server:8.1.14.v20131031]
    at org.ops4j.pax.web.service.jetty.internal.JettyServerHandlerCollection.handle(JettyServerHandlerCollection.java:85)[100:org.ops4j.pax.web.pax-web-jetty:3.0.6]
    at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:116)[89:org.eclipse.jetty.aggregate.jetty-all-server:8.1.14.v20131031]
    at org.eclipse.jetty.server.Server.handle(Server.java:370)[89:org.eclipse.jetty.aggregate.jetty-all-server:8.1.14.v20131031]
    at org.eclipse.jetty.server.AbstractHttpConnection.handleRequest(AbstractHttpConnection.java:494)[89:org.eclipse.jetty.aggregate.jetty-all-server:8.1.14.v20131031]
    at org.eclipse.jetty.server.AbstractHttpConnection.headerComplete(AbstractHttpConnection.java:971)[89:org.eclipse.jetty.aggregate.jetty-all-server:8.1.14.v20131031]
    at org.eclipse.jetty.server.AbstractHttpConnection$RequestHandler.headerComplete(AbstractHttpConnection.java:1033)[89:org.eclipse.jetty.aggregate.jetty-all-server:8.1.14.v20131031]
    at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:644)[89:org.eclipse.jetty.aggregate.jetty-all-server:8.1.14.v20131031]
    at org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:235)[89:org.eclipse.jetty.aggregate.jetty-all-server:8.1.14.v20131031]
    at org.eclipse.jetty.server.AsyncHttpConnection.handle(AsyncHttpConnection.java:82)[89:org.eclipse.jetty.aggregate.jetty-all-server:8.1.14.v20131031]
    at org.eclipse.jetty.io.nio.SelectChannelEndPoint.handle(SelectChannelEndPoint.java:667)[89:org.eclipse.jetty.aggregate.jetty-all-server:8.1.14.v20131031]
    at org.eclipse.jetty.io.nio.SelectChannelEndPoint$1.run(SelectChannelEndPoint.java:52)[89:org.eclipse.jetty.aggregate.jetty-all-server:8.1.14.v20131031]
    at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:608)[89:org.eclipse.jetty.aggregate.jetty-all-server:8.1.14.v20131031]
    at org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:543)[89:org.eclipse.jetty.aggregate.jetty-all-server:8.1.14.v20131031]
    at java.lang.Thread.run(Thread.java:744)[:1.7.0_51]

你有什么想法吗?

杰罗姆

2 个答案:

答案 0 :(得分:0)

默认配置文件包含org.ops4j.pax.web.properties文件。

通过编辑此文件,您可以按照此处所述配置ssl: https://ops4j1.jira.com/wiki/display/paxweb/SSL+Configuration

答案 1 :(得分:0)

我发布了一个问题:https://github.com/fabric8io/fabric8/issues/696

让我们看看是否有适用的特定配置。