How to proxy secure web services (HTTPS SSL/TLS) using Mule's <pattern:web-service-proxy> -

-

we have cxf web services running locally accessed across https tls/ssl. we'd expose these services externally using mule's <pattern:web-service-proxy>. our question is, can <pattern:web-service-proxy> configured use https?

we have proxied these services across http using <pattern:web-service-proxy>. however, when change web-service-proxy's inboundaddress , outboundaddress attributes (below) http urls https urls error: "the required object/property "tls-key-store" null".

this works:

<pattern:web-service-proxy name="unsecure_ws_proxy"     inboundaddress="http://localhost:80/services/service_common_name"     outboundaddress="http://localhost:8080/app_name/proxied_service_name"  />

this not work (produces "the required object/property "tls-key-store" null "):

<pattern:web-service-proxy name="secure_ws_proxy"     inboundaddress="https://localhost:443/services/service_common_name"     outboundaddress="https://localhost:8443/app_name/proxied_service_name"  />

we've defined <tls:context name="tls_context"> , assume if can <pattern:web-service-proxy> use proxy should work.

is assumption correct, , if how tell <pattern:web-service-proxy> use tls_context we've defined? if wrong in our assumption, simplest approach in mule define pass-thru proxy cxf soap webservices use https protocol?

edit:

we're using mule v.3.6.0.

and in interest of completeness, our tls_context (which don't yet know how associate pattern:web-service-proxy, if that's answer):

<tls:context name="tls_context" doc:name="tls context">     <tls:trust-store path="${ssl.truststore.path}" password="${ssl.truststore.password}"/>     <tls:key-store path="${ssl.keystore.path}" password="${ssl.keystore.password}" keypassword="${ssl.keystore.password}"/> </tls:context>

answer:

here's complete solution, based on david's accepted response. tls_context not needed. thank david:

<?xml version="1.0" encoding="utf-8"?> <mule      xmlns="http://www.mulesoft.org/schema/mule/core"      xmlns:xsi="http://www.w3.org/2001/xmlschema-instance"     xmlns:http="http://www.mulesoft.org/schema/mule/http"      xmlns:script="http://www.mulesoft.org/schema/mule/scripting"     xmlns:spring="http://www.springframework.org/schema/beans"      xmlns:pattern="http://www.mulesoft.org/schema/mule/pattern"     xmlns:https="http://www.mulesoft.org/schema/mule/https"     xsi:schemalocation="        http://www.mulesoft.org/schema/mule/core         http://www.mulesoft.org/schema/mule/core/current/mule.xsd        http://www.mulesoft.org/schema/mule/http         http://www.mulesoft.org/schema/mule/http/current/mule-http.xsd        http://www.mulesoft.org/schema/mule/pattern         http://www.mulesoft.org/schema/mule/pattern/current/mule-pattern.xsd        http://www.mulesoft.org/schema/mule/scripting         http://www.mulesoft.org/schema/mule/scripting/current/mule-scripting.xsd        http://www.springframework.org/schema/beans         http://www.springframework.org/schema/beans/spring-beans-current.xsd        http://www.mulesoft.org/schema/mule/https         http://www.mulesoft.org/schema/mule/https/3.0/mule-https.xsd">      <https:connector name="httpsconnector">         <!-- not needed          <https:tls-client              path="${ssl.client.keystore.path}"              storepassword="${ssl.client.keystore.password}"/>              -->            <https:tls-key-store              path="${ssl.server.keystore.path}"              keypassword="${ssl.server.keystore.password}"              storepassword="${ssl.server.keystore.password}"/>         <https:tls-server              path="${ssl.server.truststore.path}"              storepassword="${ssl.server.truststore.password}"/>     </https:connector>      <!-- pattern-based configuration introduced in mule v.3.2 decrease "the amount of          noise in configuration files". configuration patterns are, design, not           powerful mule flows or services. have instead been designed ease of use.          (http://www.mulesoft.org/documentation-3.2/display/32x/understanding+configuration+patterns+using+mule) -->      <!-- mule pattern proxies -->     <!-- http -->     <pattern:web-service-proxy name="http_ws_proxy"         inboundaddress="http://localhost:80/services/service_common_name"         outboundaddress="http://localhost:8080/app_name/proxied_service_name"      />     <!-- https -->     <pattern:web-service-proxy name="https_ws_proxy"         inboundaddress="https://localhost:443/services/service_common_name"         outboundaddress="https://localhost:8443/app_name/proxied_service_name"      />  </mule>

you need configure https connector relevant jks configuration.

example:

<https:connector name="httpsconnector">   <https:tls-key-store path="keystore.jks" keypassword="<your password>"          storepassword="<your password>"/> </https:connector>

reference: http://www.mulesoft.org/documentation/display/current/https+transport+reference


Comments

Post a Comment

Popular posts from this blog

google chrome - Developer tools - How to inspect the elements which are added momentarily (by JQuery)? -

-
i looking @ how website designed using inspector in chrome. can use firefox developer tools or firefox web developer add-on or chrome web developer extension. so website has slide-show , using jquery it. looking @ markup , css in inspector, i see 2 things constantly changing slides change: one opacity css property understandable, i'd see changing values, changes fast see read anything. second- a div added in div slides change momentarily , moment when appears short notice except div . so question is there way stop slideshow can temporarily rid of blinking sort of effect (by speedy adding , removal , changing of elements , values)? where can inspect div element gets added such short moment , , gets removed? , can see changes in value of opacity takes place? is there way stop slideshow can temporarily rid of blinking sort of effect (by speedy adding , removal , changing of elements , values)? if opacity animated css transition or animation,
Read more

angularjs - Showing an empty as first option in select tag -

-
my app showing empty select field first entry. have read other solution given , tried still not working. my controller code is: .controller('usercreatecontroller', function(user,profile,auth) { alert("hello"); var vm = this; vm.type = 'create'; profile.all() //this service fetch profiles shown in select field .success(function(data){ vm.profile = data; }); vm.userdata.profile = vm.profile[0]; //here have set default value select field and html page is: <label class="col-sm-2 control-label">profile</label> <div class="col-sm-8"> <select ng-model="user.userdata.profile" ng-options="person._id person.profilename person in user.profile"> </select> </div> hierarchy of vm.profile { "_id": 46, "profile": objectid("5516498e95b84548156db754"), "isactive": true, "password": "$2
Read more

php - Cloud9 cloud IDE and CakePHP -

-
i attempting cakephp running on cloud9, cloud based ide. unaware, cloud collaboration ide intermixes services such bitbucket. site gives sudo rights, , installed cakephp using these instructions: https://www.digitalocean.com/community/tutorials/how-to-install-cakephp-on-an-ubuntu-12-04-vps when attempt run database exported machine cakephp installed, error message "url rewriting not configured on server." attempted solve issue using official guide cakephp: http://book.cakephp.org/2.0/en/installation/url-rewriting.html but no cigar, same error message. has gotten cakephp working, or aware of cloud ide free/low cost cloud9 support cakephp? here's how got working now: sudo apt-get update sudo apt-get install php5-intl curl -ss https://getcomposer.org/installer | php -- --filename=composer ./composer create-project --prefer-dist cakephp/app this creates project in /app default. move workspace docroot: mv app/* ./ mv app/.* ./ rm -rf app then de
Read more