Oliver Knerr created CXF-7782:
---------------------------------
Summary: Client session context is null before SSL context
initialization
Key: CXF-7782
URL: https://issues.apache.org/jira/browse/CXF-7782
Project: CXF
Issue Type: Bug
Components: Transports
Affects Versions: 3.2.5
Environment: bctls-jdk15on-1.59
Reporter: Oliver Knerr
We are going to replace the default (Sun) JSSE provider with the one from
BouncyCastle and are running into a {{NullPointerException}} when getting the
{{SSLSessionContext}} from the {{SSLContext}}.
The problem occurs in
{{org.apache.cxf.transport.https.SSLUtils.getSSLContext(TLSParameterBase):73}}
when trying to set the timeout for the SSL session.
The javadoc of
{{javax.net.ssl.SSLContext.getClientSessionContext()}}
states that "[the client session context] may be unavailable in some
environments, in which case this method returns null. [...]"
Apparently, this is (in general) not the case for the SunJSSE provider, but the
BCJSSE provider needs the {{SSLContext}} to be initialized before the client
session context is available. So after the call of
{{javax.net.ssl.SSLContext.init(KeyManager[], TrustManager[], SecureRandom)}}
which happens further below (line 87), the client session context is not null
any more, but it's too late, obviously.
For the BCJSSE provider, setting the session timeout musst happen after the
{{init()}} of the {{SSLContext}}. But a general handling in case of
{{getClientSessionContext()}}returning null wouldn't hurt either.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
