axis-java-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Emil Hornung <emil.horn...@comarch.pl>
Subject Re: Problem using Axis2 and SSLv3.
Date Fri, 19 Aug 2011 12:42:26 GMT
Hi,

Some time ago, a colleague of mine solved the problem, so I would like 
to share it with others.
His solution is based upon EasySSLProtocolSocketFactory class. We've 
taken the source code of the class and adopt it to use only SSLv3 
protocol. To turn on this factory, you have to register it by:

ProtocolSocketFactory ssl3ProtocolSocketFactory = new 
SSL3ProtocolSocketFactory();
Protocol protocol = new Protocol("https", ssl3ProtocolSocketFactory, 9443);
Protocol.registerProtocol("https", protocol);

The source code of SSL3ProtocolSocketFactory is attached to the mail.
We don't know how exactly our class works, but it does :) - so I hope 
that mail will help others with this problem.

Best regards

Emil Hornung

W dniu 2011-08-05 16:16, Emil Hornung pisze:
> Hi,
>
> I have a problem using Axis2 and SSLv3. We've created a standalone web 
> service client (J2SE) which communicates with our web service via 
> https. Everything was fine until (for security reasons) security 
> department introduced SSL in version 3 instead of version 2.
> Now when I try to connect with the web service, I'm getting an error:
> org.apache.axis2.AxisFault: Remote host closed connection during 
> handshake
>     at org.apache.axis2.AxisFault.makeFault(AxisFault.java:430)
>     at 
> org.apache.axis2.transport.http.AxisRequestEntity.writeRequest(AxisRequestEntity.java:98)
>     at 
> org.apache.commons.httpclient.methods.EntityEnclosingMethod.writeRequestBody(EntityEnclosingMethod.java:499)
>     at 
> org.apache.commons.httpclient.HttpMethodBase.writeRequest(HttpMethodBase.java:2114)
>     at 
> org.apache.commons.httpclient.HttpMethodBase.execute(HttpMethodBase.java:1096)
>     at 
> org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:398)
>     at 
> org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:171)
>     at 
> org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397)
>     at 
> org.apache.axis2.transport.http.AbstractHTTPSender.executeMethod(AbstractHTTPSender.java:621)
>     at 
> org.apache.axis2.transport.http.HTTPSender.sendViaPost(HTTPSender.java:193)
>     at 
> org.apache.axis2.transport.http.HTTPSender.send(HTTPSender.java:75)
>     at 
> org.apache.axis2.transport.http.CommonsHTTPTransportSender.writeMessageWithCommons(CommonsHTTPTransportSender.java:404)
>     at 
> org.apache.axis2.transport.http.CommonsHTTPTransportSender.invoke(CommonsHTTPTransportSender.java:231)
>     at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:443)
>     at 
> org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:406)
>     at 
> org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:229)
>     at 
> org.apache.axis2.client.OperationClient.execute(OperationClient.java:165)
>     at 
> org.apache.axis2.client.ServiceClient.sendReceive(ServiceClient.java:555)
>     at 
> org.apache.axis2.client.ServiceClient.sendReceive(ServiceClient.java:531)
>     at 
> gov.epuap.eil.saml.auth.SAMLProxy.sendSOAPMessage(SAMLProxy.java:367)
>     at gov.epuap.eil.saml.auth.SAMLProxy.authorize(SAMLProxy.java:409)
>     at gov.epuap.eil.Start.main(Start.java:49)
> Caused by: javax.net.ssl.SSLHandshakeException: Remote host closed 
> connection during handshake
>     at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(Unknown 
> Source)
>     at 
> com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(Unknown 
> Source)
>     at com.sun.net.ssl.internal.ssl.SSLSocketImpl.writeRecord(Unknown 
> Source)
>     at com.sun.net.ssl.internal.ssl.AppOutputStream.write(Unknown Source)
>     at java.io.BufferedOutputStream.flushBuffer(Unknown Source)
>     at java.io.BufferedOutputStream.write(Unknown Source)
>     at java.io.FilterOutputStream.write(Unknown Source)
>     at 
> org.apache.axis2.transport.http.AxisRequestEntity.writeRequest(AxisRequestEntity.java:89)
>     ... 20 more
> Caused by: java.io.EOFException: SSL peer shut down incorrectly
>     at com.sun.net.ssl.internal.ssl.InputRecord.read(Unknown Source)
>     ... 28 more
>
> As far as I know from debug info, it looks like the client is trying 
> to connect to the web service using TLSv1 and also using SSLv2 
> (without trying using SSLv3).
> I've tried forcing Axis2 to use SSLv3 by setting environment variable 
> at the very beginning of the client program: 
> System.setProperty("https.protocols", "SSLv3"). Unfortunately, it 
> doesn't work. It looks like Axis2 doesn't use this variable.
> Does anyone know how to force Axis2 to use SSLv3?
> Thanks in advance.
>
> Best regards
>
> Emil Hornung
>


-- 
Emil Hornung
Programista
tel. +48 22 564-24-64


Mime
View raw message