[
https://issues.apache.org/jira/browse/CXF-7782?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Colm O hEigeartaigh closed CXF-7782.
------------------------------------
> Client session context is null before SSL context initialization
> ----------------------------------------------------------------
>
> Key: CXF-7782
> URL: https://issues.apache.org/jira/browse/CXF-7782
> Project: CXF
> Issue Type: Bug
> Components: Transports
> Affects Versions: 3.2.5
> Environment: bctls-jdk15on-1.59
> Reporter: Oliver Knerr
> Assignee: Colm O hEigeartaigh
> Priority: Major
> Labels: easyfix
> Fix For: 3.2.6, 3.1.17
>
>
> We are going to replace the default (Sun) JSSE provider with the one from
> BouncyCastle and are running into a {{NullPointerException}} when getting the
> {{SSLSessionContext}} from the {{SSLContext}}.
> The problem occurs in
> {{org.apache.cxf.transport.https.SSLUtils.getSSLContext(TLSParameterBase):73}}
> when trying to set the timeout for the SSL session.
> The javadoc of
> {{javax.net.ssl.SSLContext.getClientSessionContext()}}
> states that "[the client session context] may be unavailable in some
> environments, in which case this method returns null. [...]"
> Apparently, this is (in general) not the case for the SunJSSE provider, but
> the BCJSSE provider needs the {{SSLContext}} to be initialized before the
> client session context is available. So after the call of
> {{javax.net.ssl.SSLContext.init(KeyManager[], TrustManager[], SecureRandom)}}
> which happens further below (line 87), the client session context is not null
> any more, but it's too late, obviously.
> For the BCJSSE provider, setting the session timeout musst happen after the
> {{init()}} of the {{SSLContext}}. But a general handling in case of
> {{getClientSessionContext()}}returning null wouldn't hurt either.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
