axis-java-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Kishanthan Thangarajah (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (AXIS2-3278) Allow Customizable WSDL generation error messages
Date Wed, 02 May 2012 19:08:51 GMT

     [ https://issues.apache.org/jira/browse/AXIS2-3278?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Kishanthan Thangarajah updated AXIS2-3278:
------------------------------------------

    Attachment: AXIS2-3278.patch

Looking at this further, i think if we return a 404 status, then the user will loose the clue
of setting the useOriginalWsdl to "ture" from the previous error message.

So the best option is to leave the current error message as it is or we can return a 404 error
code and log the current error message in the console. 

Kishanthan.
                
> Allow Customizable WSDL generation error messages
> -------------------------------------------------
>
>                 Key: AXIS2-3278
>                 URL: https://issues.apache.org/jira/browse/AXIS2-3278
>             Project: Axis2
>          Issue Type: New Feature
>          Components: wsdl
>    Affects Versions: 1.3
>         Environment: Axis2 (1.3)
>            Reporter: Nathan Hook
>            Assignee: Deepal Jayasinghe
>            Priority: Minor
>         Attachments: AXIS2-3278.patch
>
>
> When setting the value useOriginalwsdl to true in a services.xml and not providing a
wsdl file in your directory the following message occurs:
> Unable to generate WSDL 1.1 for this serviceIf you wish Axis2 to automatically generate
the WSDL 1.1, then please +set  useOriginalwsdl as false in your services.xml
> However, it would be better if a customizable error message (including a blank message)
could be returned or even better allow the behavior to return different http error codes like
404 where the wsdl is effectively hidden without giving a clue that it exists.
> A work around for this is to create a filter that will check to see if someone is try
to access the wsdl file directly and then return a 404 or what ever type of message they chose.
> Here is an example filter class:
> import java.io.*;
> import java.util.*;
> import javax.servlet.*;
> import javax.servlet.http.*;
> public class WebServiceSecurityFilter implements Filter
> {
> 	private static org.apache.log4j.Logger log = org.apache.log4j.Logger.getLogger(WebServiceSecurityFilter.class);
> 	
> 	public void doFilter(ServletRequest request, ServletResponse response, FilterChain filterChain)
throws IOException, ServletException
> 	{
> 		HttpServletRequest httpRequest = (HttpServletRequest)request;
> 		
> 		if(!httpRequest.getQueryString().contains("wsdl"))
> 		{
> 			filterChain.doFilter(request, response);
> 		}
> 		else
> 		{
> 			log.debug("WebServiceSecurityFilter - Unauthorized WSDL Access Attempt");
> 			log.debug("    remote ip: " + address);
> 			
> 			HttpServletResponse httpResponse = (HttpServletResponse)response;
> 			httpResponse.setStatus(HttpServletResponse.SC_NOT_FOUND);
> 			
> 			RequestDispatcher dispatcher = request.getRequestDispatcher("/WEB-INF/error_pages/404.html");
> 			dispatcher.forward(request, response);
> 		}
> 	}
> 	
> 	public void init(FilterConfig config)
> 	{
> 		
> 	}
> 	
> 	public void destroy()
> 	{
> 		
> 	}
> }
> Thank you for your time.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

---------------------------------------------------------------------
To unsubscribe, e-mail: java-dev-unsubscribe@axis.apache.org
For additional commands, e-mail: java-dev-help@axis.apache.org


Mime
View raw message