Return-Path: Delivered-To: apmail-ws-axis-user-archive@www.apache.org Received: (qmail 33520 invoked from network); 27 May 2005 15:43:12 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (209.237.227.199) by minotaur.apache.org with SMTP; 27 May 2005 15:43:12 -0000 Received: (qmail 9611 invoked by uid 500); 27 May 2005 15:42:57 -0000 Delivered-To: apmail-ws-axis-user-archive@ws.apache.org Received: (qmail 9598 invoked by uid 500); 27 May 2005 15:42:57 -0000 Mailing-List: contact axis-user-help@ws.apache.org; run by ezmlm Precedence: bulk Reply-To: axis-user@ws.apache.org list-help: list-unsubscribe: List-Post: List-Id: Delivered-To: mailing list axis-user@ws.apache.org Received: (qmail 9572 invoked by uid 99); 27 May 2005 15:42:56 -0000 X-ASF-Spam-Status: No, hits=1.4 required=10.0 tests=DNS_FROM_RFC_ABUSE,HTML_20_30,HTML_MESSAGE,INFO_TLD,RCVD_BY_IP,SPF_HELO_PASS,SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (hermes.apache.org: domain of cbfaucher@gmail.com designates 64.233.170.195 as permitted sender) Received: from rproxy.gmail.com (HELO rproxy.gmail.com) (64.233.170.195) by apache.org (qpsmtpd/0.28) with ESMTP; Fri, 27 May 2005 08:42:54 -0700 Received: by rproxy.gmail.com with SMTP id f1so739175rne for ; Fri, 27 May 2005 08:42:36 -0700 (PDT) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:reply-to:to:subject:in-reply-to:mime-version:content-type:references; b=SSE8UXagTEt8FY4aN33d8oWAysdL8v8vGV4vSJBjBn8ZwLBnAQXgf9lW5GAX+kG6Js/T7IHnoqK4cX0YqucahEFfb4453Ge3fnnwFrJgAlEN3aaiGGM1gmLaUjyS1fM7aeZGmxWBJl1wkS1TXLiJMZ6QFXmjWaj84IIDGYMOz8c= Received: by 10.38.90.71 with SMTP id n71mr3793087rnb; Fri, 27 May 2005 08:42:36 -0700 (PDT) Received: by 10.38.10.34 with HTTP; Fri, 27 May 2005 08:42:36 -0700 (PDT) Message-ID: Date: Fri, 27 May 2005 11:42:36 -0400 From: Christian faucher Reply-To: Christian faucher To: axis-user@ws.apache.org Subject: Re: Axis, HTTPS with Web Start In-Reply-To: Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_Part_1425_4798545.1117208556489" References: X-Virus-Checked: Checked X-Spam-Rating: minotaur.apache.org 1.6.2 0/1000/N ------=_Part_1425_4798545.1117208556489 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Content-Disposition: inline Yes I does. All my client's jars (including Axis jars and friends) are signed with a= =20 dummy certificate, generated through *keytool*. Security is also "" in my JNLP deployment descriptor. The server (hidden behing the HTTPS URL) has a server certificate and does= =20 NOT require a client certificate.=20 Christian Faucher On 5/27/05, Oleg Lebedev wrote:=20 >=20 > Is your client trying to access the web service on the domain it was=20 > downloaded from via WebStart? > I remember having problems with cross-domain access. I ended up signing= =20 > all the jars in order to get it to work. >=20 > -----Original Message----- > *From:* Christian faucher [mailto:cbfaucher@gmail.com]=20 > *Sent:* Friday, May 27, 2005 9:02 AM > *To:* axis-user@ws.apache.org > *Subject:* Axis, HTTPS with Web Start >=20 > Greetings, >=20 > I have a situation where I am not sure if it belongs to this mailing or= =20 > Web Start's. >=20 > I have a Axis client, being deployed thru Web Start on client machines. I= t=20 > can also be run standalone (java 'main').=20 >=20 > I run JDK 1.4.2 with Axis 1.2 RC2 (yeah, I know I have to upgrade to 1.2.= ..).=20 > AppServer is SunOne 7. >=20 > The client connects to an Axis server thru HTTPS (which is not the server= =20 > from where it was downloaded). I have the JNLP security set to=20 > 'all-permissions' which means (in theory) that I have the same rights tha= n a=20 > standalone application.=20 >=20 > When I run the client as STANDALONE, works perfectly: I connect to the=20 > Axis Server with HTTPS, get my response back, etc. >=20 > When I start the very same client thru WebStart, the HTTPS connections=20 > fail, but the unsecure HTTP do work. For HTTPS, it fails during the SSL= =20 > handshake for the server (see stack trace below).=20 >=20 > Any clue on this? >=20 > Here is the exception I get on the client side. No sign on my request=20 > whatsoever on the server side, which makes me belief I dont even get out = of=20 > my client app... >=20 > *ansport.http.HTTPSender.getSocket(HTTPSender.java:131) >=20 > at org.apache.axis.transport.http.HTTPSender.writeToSocket(HTTPSender.jav= a > :370) >=20 > at org.apache.axis.transport.http.HTTPSender.invoke(HTTPSender.java:88)= =20 >=20 > at org.apache.axis.strategies.InvocationStrategy.visit( > InvocationStrategy.java:32) >=20 > at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118) >=20 > at org.apache.axis.SimpleChain.invoke(SimpleChain.java :83) >=20 > at org.apache.axis.client.AxisClient.invoke(AxisClient.java:147) >=20 > at org.apache.axis.client.Call.invokeEngine(Call.java:2719) >=20 > at org.apache.axis.client.Call.invoke(Call.java:2702) >=20 > at org.apache.axis.client.Call.invoke (Call.java:2378) >=20 > at org.apache.axis.client.Call.invoke(Call.java:2301) >=20 > at org.apache.axis.client.Call.invoke(Call.java:1758) >=20 > at com.axacanada.b2b.common.util.AxisInvocationHandler.invoke( > AxisInvocationHandler.java :98) >=20 > at $Proxy0.makeNewBusiness(Unknown Source) >=20 > at com.axacanada.b2b.cq.client.AbstractRequestSenderThread.run( > AbstractRequestSenderThread.java:74) >=20 > at com.axacanada.b2b.cq.client.RequestSenderThread.run ( > RequestSenderThread.java:70) >=20 >=20 >=20 > {http://xml.apache.org/axis/}hostname:WS-1235 >=20 >=20 >=20 > javax.net.ssl.SSLException: Unrecognized SSL message, plaintext=20 > connection? >=20 > at org.apache.axis.AxisFault.makeFault(AxisFault.java:101) >=20 > at org.apache.axis.transport.http.HTTPSender.invoke(HTTPSender.java:97) >=20 > at org.apache.axis.strategies.InvocationStrategy.visit ( > InvocationStrategy.java:32) >=20 > at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118) >=20 > at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83) >=20 > at org.apache.axis.client.AxisClient.invoke(AxisClient.java :147) >=20 > at org.apache.axis.client.Call.invokeEngine(Call.java:2719) >=20 > at org.apache.axis.client.Call.invoke(Call.java:2702) >=20 > at org.apache.axis.client.Call.invoke(Call.java:2378) >=20 > at org.apache.axis.client.Call.invoke (Call.java:2301) >=20 > at org.apache.axis.client.Call.invoke(Call.java:1758) >=20 > at com.axacanada.b2b.common.util.AxisInvocationHandler.invoke( > AxisInvocationHandler.java:98) >=20 > at $Proxy0.makeNewBusiness(Unknown Source)=20 >=20 > at com.axacanada.b2b.cq.client.AbstractRequestSenderThread.run( > AbstractRequestSenderThread.java:74) >=20 > at com.axacanada.b2b.cq.client.RequestSenderThread.run( > RequestSenderThread.java:70) >=20 > Caused by: javax.net.ssl.SSLException : Unrecognized SSL message,=20 > plaintext connection? >=20 > at com.sun.net.ssl.internal.ssl.InputRecord.b(Unknown Source) >=20 > at com.sun.net.ssl.internal.ssl.InputRecord.read(Unknown Source) >=20 > at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a (Unknown Source) >=20 > at com.sun.net.ssl.internal.ssl.SSLSocketImpl.j(Unknown Source) >=20 > at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown=20 > Source) >=20 > at org.apache.axis.components.net.JSSESocketFactory.create ( > JSSESocketFactory.java:186) >=20 > at org.apache.axis.transport.http.HTTPSender.getSocket(HTTPSender.java > :131) >=20 > at org.apache.axis.transport.http.HTTPSender.writeToSocket(HTTPSender.jav= a > :370) >=20 > at org.apache.axis.transport.http.HTTPSender.invoke (HTTPSender.java:88) >=20 > ... 13 more >=20 > 2005-05-27 10:06:03,165 [SOAP Request Sender] ERROR=20 > AbstractRequestSenderThread - AxisFault: ; nested exception is:=20 > javax.net.ssl.SSLException: Unrecognized SSL message, plaintext=20 > connection?=20 > Fault Actor : null > Fault Code : { > http://schemas.xmlsoap.org/soap/envelope/}Server.userException > Fault Role : null > Fault String: javax.net.ssl.SSLException : Unrecognized SSL message,=20 > plaintext connection?* >=20 > --=20 > This message has been scanned for viruses and=20 > dangerous content by *MailScanner* , and is= =20 > believed to be clean.=20 > If you have questions about this email,=20 > Please contact the IT Help Desk.=20 >=20 > ------=_Part_1425_4798545.1117208556489 Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Content-Disposition: inline
Yes I does.
 
All my client's jars (including Axis jars and friends) are signed with= a dummy certificate, generated through keytool.
 
Security is also "<all-permissions>" in my JNLP deploy= ment descriptor.
 
The server (hidden behing the HTTPS URL) has a server certificate and = does NOT require a client certificate. 
 
Christian Faucher

 
On 5/27/05, = Oleg Lebedev <oleglebed= ev@waterford.org> wrote:
Is your clie= nt trying to access the web service on the domain it was downloaded fr= om via WebStart?
I remember&n= bsp;having problems with cross-domain access. I ended up signing all the ja= rs in order to get it to work.
-----Original Message-----
From: Christian faucher [mailto= : cbfaucher@gmail.com]
Sent: Friday, May 27, 2005 9:02 AM
<= b>To: axis-user@ws.apache.o= rg
Subject: Axis, HTTPS with Web Start

Greeting= s,

I have a situation where I am not sure if it belongs to this mail= ing or Web Start's.

I have a Axis client, being deployed thru Web St= art on client machines.  It can also be run standalone (java 'mai= n').=20

I run JDK 1.4.2 with Axis 1.2 RC2 (yeah, I know I have to upgrade t= o 1.2...).  AppServer is SunOne 7.

The client connects to = an Axis server thru HTTPS (which is not the server from where it was downlo= aded).  I have the JNLP security set to 'all-permissions' which m= eans (in theory) that I have the same rights than a standalone application.= =20

When I run the client as STANDALONE, works perfectly:  I = connect to the Axis Server with HTTPS, get my response back, etc.

Wh= en I start the very same client thru WebStart, the HTTPS connections fail, = but the unsecure HTTP do work.  For HTTPS, it fails during the SS= L handshake for the server (see stack trace below).=20

Any clue on this?

Here is the exception I get on the client = side.  No sign on my request whatsoever on the server side, which= makes me belief I dont even get out of my client app...

ansport.http.HTTPSender.getSocket(HTTPSender.java:131)

at org.ap= ache.axis.transport.http.HTTPSender.writeToSocket(HTTPSender.java:370)
<= br>at org.apache.axis.transport.http.HTTPSender.invoke(HTTPSender.java:88)= =20

at org.apache.axis.strategies.InvocationStrategy.visit(InvocationSt= rategy.java:32)

at org.apache.axis.SimpleChain.doVisiting(SimpleChai= n.java:118)

at org.apache.axis.SimpleChain.invoke(SimpleChain.java :83)

at org.apache.axis.client.AxisClient.invoke(AxisClient.java:14= 7)

at org.apache.axis.client.Call.invokeEngine(Call.java:2719)
at org.apache.axis.client.Call.invoke(Call.java:2702)

at org.apach= e.axis.client.Call.invoke (Call.java:2378)

at org.apache.axis.client.Call.invoke(Call.java:23= 01)

at org.apache.axis.client.Call.invoke(Call.java:1758)

at = com.axacanada.b2b.common.util.AxisInvocationHandler.invoke(AxisInvocationHa= ndler.java :98)

at $Proxy0.makeNewBusiness(Unknown Source)

at com.axaca= nada.b2b.cq.client.AbstractRequestSenderThread.run(AbstractRequestSenderThr= ead.java:74)

at com.axacanada.b2b.cq.client.RequestSenderThread.run (RequestSenderThread.java:70)



{http://xml.apache.org/axis/}hostname:WS-1235=



javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection?

at = org.apache.axis.AxisFault.makeFault(AxisFault.java:101)

at org.apach= e.axis.transport.http.HTTPSender.invoke (HTTPSender.java:97)

at org.apache.axis.strategies.InvocationStrateg= y.visit (InvocationStrategy.java:32)

at org.apache.axis.SimpleChain.= doVisiting(SimpleChain.java:118)

at org.apache.axis.SimpleChain.invo= ke (SimpleChain.java:83)

at org.apache.axis.client.AxisClient.invoke(Ax= isClient.java :147)

at org.apache.axis.client.Call.invokeEngine(Call= .java:2719)

at org.apache.axis.client.Call.invoke(Call.java:2702)

at org.apache.axis.client.Call.invoke(Call.java:2378)

at org= .apache.axis.client.Call.invoke (Call.java:2301)

at org.apache.axis.= client.Call.invoke(Call.java:1758)

at com.axacanada.b2b.common.util.= AxisInvocationHandler.invoke (AxisInvocationHandler.java:98)

at $Proxy0.makeNewBusiness(Unknown S= ource)

at com.axacanada.b2b.cq.client.AbstractRequestSenderThread.r= un(AbstractRequestSenderThread.java:74)

at com.axacanada.b2b.cq.clie= nt.RequestSenderThread.run (RequestSenderThread.java:70)

Caused by: javax.net.ssl.SSLException = : Unrecognized SSL message, plaintext connection?

at com.sun.net.ssl= .internal.ssl.InputRecord.b(Unknown Source)

at com.sun.net.ssl.inter= nal.ssl.InputRecord.read (Unknown Source)

at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a (Un= known Source)

at com.sun.net.ssl.internal.ssl.SSLSocketImpl.j(Unknow= n Source)

at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandsha= ke (Unknown Source)

at org.apache.axis.components.net.JSSESocketFactory= .create (JSSESocketFactory.java:186)

at org.apache.axis.transport.ht= tp.HTTPSender.getSocket(HTTPSender.java:131)

at org.apache.axis.tran= sport.http.HTTPSender.writeToSocket (HTTPSender.java:370)

at org.apache.axis.transport.http.HTTPSender.i= nvoke (HTTPSender.java:88)

... 13 more

2005-05-27 10:06:03,16= 5 [SOAP Request Sender] ERROR AbstractRequestSenderThread - AxisFault: ; ne= sted exception is:=20
javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connect= ion?
Fault Actor : null
Fault Code  : { http://schemas.xmlsoap.org/soap/envelope/}Server.userException
Fault= Role  : null
Fault String: javax.net.ssl.SSLException : Unrec= ognized SSL message, plaintext connection?

= --
This message has been scanned for viruses and
dangerous content by MailScanner, and is
bel= ieved to be clean.=20
If you have questions about this email,
Please contact the IT Help = Desk.

------=_Part_1425_4798545.1117208556489--