[SWS-731] Create a TrustManagerFactoryBean for a simpler config of HttpsUrlConnectionMessageSender Created: 14/Sep/11  Updated: 19/Mar/14  Resolved: 19/Mar/14

Status: Resolved
Project: Spring Web Services
Component/s: Security
Affects Version/s: 2.0.2
Fix Version/s: 2.2.RC1

Type: Improvement Priority: Minor
Reporter: Leif Hanack Assignee: Arjen Poutsma
Resolution: Complete Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified


The HttpsUrlConnectionMessageSender allow you to set the keyManagers and trustManagers. It would be cool, if Spring Webservice provides s.th. like a KeyManagerFactoryBean and a TrustManagerFactoryBean, so that you can easily secured a webservice connection.

These beans should hide the glue code for creating these managers.

// s.th. like this (only one and no error handling and all that)
public TrustManager[] getTrustManagers() {
  TrustManagerFactory factory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
  return factory.getTrustManagers();

A config file might look like this:

  <bean id="messageSender" class="org.springframework.ws.transport.http.HttpsUrlConnectionMessageSender">
    <property name="trustManagers" ref="trustManagers"/>

  <bean id="trustManagers" class="org.springframework.ws.soap.security.support.TrustManagerFactoryBean">
    <constructor-arg type="java.security.KeyStore"><ref bean="keyStore"></constructor-arg>
    <!-- next managers .. -->

  <bean id="keyStore" class="org.springframework.ws.soap.security.support.KeyStoreFactoryBean">

Comment by Arjen Poutsma [ 18/Mar/14 ]

A KeyManagersFactoryBean was introduced in 2.1.2.

Comment by Leif Hanack [ 18/Mar/14 ]

Cool, than only a TrustManagerFactoryBean is missing

Comment by Arjen Poutsma [ 19/Mar/14 ]


Comment by Leif Hanack [ 19/Mar/14 ]

Great. Thank you for solving this issue so quick after you found it

Generated at Wed Jul 17 15:13:10 UTC 2019 using JIRA 7.9.2#79002-sha1:3bb15b68ecd99a30eb364c4c1a393359bcad6278.