/gist:5895736
Created Jun 30, 2013
| <beans xmlns="http://www.springframework.org/schema/beans" | |
| xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" | |
| xmlns:sec="http://cxf.apache.org/configuration/security" | |
| xmlns:http="http://cxf.apache.org/transports/http/configuration" | |
| xmlns:jaxws="http://java.sun.com/xml/ns/jaxws" | |
| xsi:schemaLocation=" | |
| http://cxf.apache.org/configuration/security | |
| http://cxf.apache.org/schemas/configuration/security.xsd | |
| http://cxf.apache.org/transports/http/configuration | |
| http://cxf.apache.org/schemas/configuration/http-conf.xsd | |
| http://www.springframework.org/schema/beans | |
| http://www.springframework.org/schema/beans/spring-beans-2.0.xsd"> | |
| <http:conduit name="*.http-conduit"> | |
| <http:tlsClientParameters> | |
| <sec:keyManagers keyPassword="personalKeyPassword"> | |
| <sec:keyStore type="JKS" password="storePassword" | |
| file="/Users/java/personalKeyStore.jks" | |
| /> | |
| </sec:keyManagers> | |
| <sec:trustManagers> | |
| <sec:keyStore type="JKS" password="changeit" | |
| file="/Users/java/jre/bin/cacerts"/> | |
| </sec:trustManagers> | |
| <sec:cipherSuitesFilter> | |
| <!-- these filters ensure that a ciphersuite with | |
| export-suitable or null encryption is used, | |
| but exclude anonymous Diffie-Hellman key change as | |
| this is vulnerable to man-in-the-middle attacks --> | |
| <sec:include>.*_EXPORT_.*</sec:include> | |
| <sec:include>.*_EXPORT1024_.*</sec:include> | |
| <sec:include>.*_WITH_DES_.*</sec:include> | |
| <sec:include>.*_WITH_AES_.*</sec:include> | |
| <sec:include>.*_WITH_NULL_.*</sec:include> | |
| <sec:exclude>.*_DH_anon_.*</sec:exclude> | |
| </sec:cipherSuitesFilter> | |
| </http:tlsClientParameters> | |
| <http:client AutoRedirect="true" Connection="Keep-Alive"/> | |
| </http:conduit> | |
| </beans> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment