axis-java-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From olschmelt...@airfrance.fr
Subject Réf. : AW: Réf. : AW: Using the same Call with http and https
Date Mon, 30 Aug 2004 14:57:03 GMT




OK, I just looked into more details why this is so.
Actually, calling setTargetEndpointAddress on the Call object does change
the Transport object if the protocol differs from one call to the other,
which implies that the cookie information is lost.
This seems to be an unwanted feature. Find below an excerpt of the Axis
code.
What I understand from the first comment is that it should have been
implemented antoher way.
My problem now is to keep the information : there are some methods like
Call.setTransportForProtocol(...) or Service.registerTransportForURL(...),
but I am not sure which one to use.
Am I really the only one having met this problem ?
Thanks.

Regards,

Olivier

Excerpt from Call class:

    public void setTargetEndpointAddress(java.net.URL address) {
        try {
            if ( address == null ) {
                setTransport(null);
                return ;
            }

            String protocol = address.getProtocol();

            // Handle the case where the protocol is the same but we
            // just want to change the URL - if so just set the URL,
            // creating a new Transport object will drop all session
            // data - and we want that stuff to persist between invoke()s.
            // Technically the session data should be in the message
            // context so that it can be persistent across transports
            // as well, but for now the data is in the Transport object.

////////////////////////////////////////////////////////////////
            if ( this.transport != null ) {
                String oldAddr = this.transport.getUrl();
                if ( oldAddr != null && !oldAddr.equals("") ) {
                    URL     tmpURL   = new URL( oldAddr );
                    String  oldProto = tmpURL.getProtocol();
                    if ( protocol.equals(oldProto) ) {
                        this.transport.setUrl( address.toString() );
                        return ;
                    }
                }
            }

            // Do we already have a transport for this address?
            Transport transport = service.getTransportForURL(address);
            if (transport != null) {
                setTransport(transport);
            }
            else {
            // We don't already have a transport for this address.  Create
one.
                transport = getTransportForProtocol(protocol);
                if (transport == null)
                    throw new AxisFault("Call.setTargetEndpointAddress",
                                 Messages.getMessage("noTransport01",
                                 protocol), null, null);
                transport.setUrl(address.toString());
                setTransport(transport);
                service.registerTransportForURL(address, transport);
            }
        }
        catch( Exception exp ) {
            log.error(Messages.getMessage("exception00"), exp);
            // do what?
            // throw new AxisFault("Call.setTargetEndpointAddress",
            //"Malformed URL Exception: " + e.getMessage(), null, null);
        }
    }





Dorner Thomas <Thomas.Dorner@t-systems.com> le 30/08/2004 10:35:52

Veuillez répondre à axis-user@ws.apache.org

Pour : axis-user@ws.apache.org
cc :

Objet :     AW: Réf. : AW: Using the same Call with http and https


Maybe it is an error - I understand it the same way.
MaintainSession should handle the session management for you!

Thomas

----------------------------------------------------------------------------

---------------
T-Systems International GmbH
Service Line Systems Integration
Competence Center EDM
Deparment EPDM/D
Fasanenweg 5, D 70771 Leinfelden

Tel.:        +49/711 971- 44747
Fax.:       +49/711 972-90330

mailto:Thomas.Dorner@t-systems.com
http://www.t-systems.de


-----Ursprüngliche Nachricht-----
Von: olschmeltzer@airfrance.fr [mailto:olschmeltzer@airfrance.fr]
Gesendet: Montag, 30. August 2004 10:02
An: axis-user@ws.apache.org
Betreff: Réf. : AW: Using the same Call with http and https





Thanks for the answer, even though I am not sure I understand it fully.
Is it not the role of setMaintainSession(true) to do this automatically ?
Moreover, the session is maintained when the calls remain in http ; it is
only when we switch to https that the session "disappears". Why this
difference in behaviour ?
I haven't tried your code, yet, I will send a message when I do.
Thanks again.

Olivier

P.S : sorry for the multiple posts on the subject, I thought the e-mail did
not make it to the list, and I got a strange return message afterwards.





Dorner Thomas <Thomas.Dorner@t-systems.com> le 30/08/2004 09:20:50

Veuillez répondre à axis-user@ws.apache.org

Pour : axis-user@ws.apache.org
cc :

Objet :     AW: Using the same Call with http and https


You can set the session by:


proxy.setProperty("Cookie", jSession);


And you can set and get session by the following methods:


/*************************************************************************
  * This method sets the SessionId for the next call. It use the
  * SimpleSessionHandler for this challenge.
  *
  * @param myService          - Is the Service we use (Locator).
  * @param myId               - SessionID

************************************************************************/
 static public void setSessionId(Service myService, Long myId) {

  AxisEngine engine = myService.getEngine();
  engine.setOption(SimpleSessionHandler.SESSION_ID, myId);

 }



/*************************************************************************
  * This method gets the SessionId from the SimpleSessionHandler.
  *
  * @param myService          - Is the Service we use (Locator).
  *
  * @return sesssionId

************************************************************************/
 static public Long getSessionId(Service myService) throws AxisFault
{

  AxisEngine engine = myService.getEngine();
  return
(Long)engine.getOption(SimpleSessionHandler.SESSION_ID);
 }


Thomas


-----Ursprüngliche Nachricht-----
Von: olschmeltzer@airfrance.fr [mailto:olschmeltzer@airfrance.fr]
Gesendet: Montag, 30. August 2004 09:09
An: axis-user@ws.apache.org
Betreff: Using the same Call with http and https





Hi !

Sorry if this question is basic, I am just an Axis beginner...

We are sending SOAP requests to a server, first in Http and we have to
maintain the session.
At a specific moment in the process, we have to switch to Https. This is
where the problem starts.
The first call in Https does not remember the session information.
If you take a look at the headers, there is not a Cookie header anymore, as
soon as we use Https (see REQUEST 3, below).
Is there something to configure in the Call object to ensure the session
being maintained ?
Thanks very much in advance for any help.
Regards,

Olivier


Here is an excerpt of the code.

Initialising the Call
                  Service s = new Service();
                  proxy = (Call) s.createCall();
                  proxy.setMaintainSession(true);
                  proxy.setTimeout(new Integer((int) timeout));
                  proxy.setOperationName(new QName("urn:xxxx", "process"));
                  proxy.addParameter("message", XMLType.XSD_STRING,
ParameterMode.IN);
                  proxy.setReturnType(XMLType.XSD_STRING);

Sending requests, first in Http (OK), then in Https

                  URL myUrl = null;

                  myUrl = new URL(url);

                        proxy.setTargetEndpointAddress(myUrl);
                        reponseXml = (String) proxy.invoke(new Object[] {
inputXML });

The headers look like this :

REQUEST 1

POST /soap/SOAPRPCRouterServlet HTTP/1.1
Content-Type: text/xml; charset=utf-8
Accept-Encoding: gzip
Accept: application/soap+xml, application/dime, multipart/related, text/*
User-Agent: Axis/1.1
Host: xxx.com
Cache-Control: no-cache
Pragma: no-cache
SOAPAction: ""
Content-Length: 12436
Connection: close

RESPONSE 1
Response headers : {transfer-encoding= chunked, connection= close, date=
Fri, 27 Aug 2004 15:00:05 GMT, server= Netscape-Enterprise/6.0, vary=
Accept-Encoding, User-Agent, set-cookie=[
jsessionid=BvM2MXMN5ZCk46wOD3oNCLFrLHTzzn3V11YJ34jVbdEUJ6ZE7Rb6!329135075!-1


897918928,

JSESSIONID=BvM2MXMN5ZCk46wOD3oNCLFrLHTzzn3V11YJ34jVbdEUJ6ZE7Rb6!329135075!-1


897918928;
 path=/], ...  content-type= text/xml; charset=utf-8, content-encoding=
gzip}

REQUEST 2 in Http

POST /soap/SOAPRPCRouterServlet HTTP/1.1
Content-Type: text/xml; charset=utf-8
Accept-Encoding: gzip
Accept: application/soap+xml, application/dime, multipart/related, text/*
User-Agent: Axis/1.1
Host: xxx.com
Cache-Control: no-cache
Pragma: no-cache
SOAPAction: ""
Content-Length: 1293
Connection: close
Cookie:
jsessionid=BvM2MXMN5ZCk46wOD3oNCLFrLHTzzn3V11YJ34jVbdEUJ6ZE7Rb6!329135075!-1


897918928;JSESSIONID=BvM2MXMN5ZCk46wOD3oNCLFrLHTzzn3V11YJ34jVbdEUJ6ZE7Rb6!32


9135075!-1897918928;

RESPONSE 2
Response headers : {transfer-encoding= chunked, connection= close, date=
Fri, 27 Aug 2004 15:00:07 GMT, server= Netscape-Enterprise/6.0, vary=
Accept-Encoding, User-Agent, ..., content-type= text/xml; charset=utf-8,
content-encoding= gzip

REQUEST 3 in Https (No Cookie information any more)

POST /soap/SOAPRPCRouterServlet HTTP/1.1
Content-Type: text/xml; charset=utf-8
Accept-Encoding: gzip
Accept: application/soap+xml, application/dime, multipart/related, text/*
User-Agent: Axis/1.1
Host: xxxcom
Cache-Control: no-cache
Pragma: no-cache
SOAPAction: ""
Content-Length: 1922
Connection: close

----------------
L'acces immediat aux meilleurs tarifs Air France et au billet electronique
sur http://www.airfrance.com

For immediate access to the best Air France fares and to electronic
tickets, visit our website http://www.airfrance.com

----------------
Les donnees et renseignements contenus dans ce message sont personnels,
confidentiels et secrets. Ce message est adresse a l'individu ou l'entite
dont les coordonnees figurent ci-dessus. Si vous n'etes pas le bon
destinataire, nous vous demandons de ne pas lire, copier, utiliser ou
divulguer cette communication. Nous vous prions de notifier cette erreur a
l'expediteur et d'effacer immediatement cette communication de votre
systeme.
The information contained in this message is privileged, confidential, and
protected from disclosure. This message is intended for the individual or
entity adressed herein. If you are not the intended recipient, please do
not read, copy, use or disclose this communication to others; also please
notify the sender by replying to this message, and then delete it from your
system.










Mime
View raw message