EAP: create rest client with elytron client-ssl-context

Posted on

EAP: create rest client with elytron client-ssl-context

I know, how to build a ResteasyClient with own SSL context.


It works fine, e.g from standalone client and/or arquillain tests.
I build the SSL context programmatically, loading truststore etc.

I have a EAR+War (ProjekctA) offering a Rest Service using web.xml:

<login-config> <auth-method>CLIENT-CERT</auth-method> <realm-name>ICSCRest</realm-name> </login-config>

and jboss-web.xml


The EAP is configured with Elytron, offering the security domain (ICSDRest).
Works fine. Access to the Rest service is now secured by the SSL layer.
I also have configured EAP to have a client-ssl-context (see below LDAP).

    <client-ssl-context name="ICLdapSslContext" trust-manager="ICTrustManager"/>

A second EAR+War (ProjectB) should use the Rest service from ProjectA. So ProjectB is a Rest client.

To instanciate the ResteasyClient in ProjectB, I must set the sslContext too (I guess).
I want pick a client-ssl-context from Elytron, if possible.
Is there a way?

Why I want to pick from Elytron?

ProjectA is also dealing with LDAP via ldaps. So ProjectA is a client for LDAP server.
I have configured EAP as a LDAP client like

    <dir-context name="ICLdap" url="<some url>" principal="<query>" ssl-context="ICLdapSslContext">
    <credential-reference clear-text="<some password>"/>

So I hope, I can get is a similar way the sslContext from EAP/Elytron.
The idea is to get from Elytron the SSL context and set like


or create the ReasteasyClient within the context.

Any hints for a EAP beginner.
Thanks in advance.