axis-java-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Nathan Hook (JIRA)" <j...@apache.org>
Subject [jira] Created: (AXIS2-3278) Allow Customizable WSDL generation error messages
Date Tue, 16 Oct 2007 15:21:50 GMT
Allow Customizable WSDL generation error messages
-------------------------------------------------

                 Key: AXIS2-3278
                 URL: https://issues.apache.org/jira/browse/AXIS2-3278
             Project: Axis 2.0 (Axis2)
          Issue Type: New Feature
    Affects Versions: 1.3
         Environment: Axis2 (1.3)
            Reporter: Nathan Hook
            Priority: Minor


When setting the value useOriginalwsdl to true in a services.xml and not providing a wsdl
file in your directory the following message occurs:

Unable to generate WSDL 1.1 for this serviceIf you wish Axis2 to automatically generate the
WSDL 1.1, then please +set  useOriginalwsdl as false in your services.xml

However, it would be better if a customizable error message (including a blank message) could
be returned or even better allow the behavior to return different http error codes like 404
where the wsdl is effectively hidden without giving a clue that it exists.

A work around for this is to create a filter that will check to see if someone is try to access
the wsdl file directly and then return a 404 or what ever type of message they chose.

Here is an example filter class:

import java.io.*;
import java.util.*;

import javax.servlet.*;
import javax.servlet.http.*;

public class WebServiceSecurityFilter implements Filter
{
	private static org.apache.log4j.Logger log = org.apache.log4j.Logger.getLogger(WebServiceSecurityFilter.class);
	
	public void doFilter(ServletRequest request, ServletResponse response, FilterChain filterChain)
throws IOException, ServletException
	{
		HttpServletRequest httpRequest = (HttpServletRequest)request;
		
		if(!httpRequest.getQueryString().contains("wsdl"))
		{
			filterChain.doFilter(request, response);
		}
		else
		{
			log.debug("WebServiceSecurityFilter - Unauthorized WSDL Access Attempt");
			log.debug("    remote ip: " + address);
			
			HttpServletResponse httpResponse = (HttpServletResponse)response;
			httpResponse.setStatus(HttpServletResponse.SC_NOT_FOUND);
			
			RequestDispatcher dispatcher = request.getRequestDispatcher("/WEB-INF/error_pages/404.html");
			dispatcher.forward(request, response);
		}
	}
	
	public void init(FilterConfig config)
	{
		
	}
	
	public void destroy()
	{
		
	}
}

Thank you for your time.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


---------------------------------------------------------------------
To unsubscribe, e-mail: axis-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-dev-help@ws.apache.org


Mime
View raw message