cxf-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Willem Jiang <willem.ji...@gmail.com>
Subject Re: [JBoss][Spring][Apache CXF] Problems occuring when dynamic creation of client with wsdl in https
Date Wed, 31 Aug 2011 01:04:20 GMT
Maybe you can consider to download the WSDL by using common http client 
and pass the WSDL url into the DynamicClientFactory to workaround this 
kind of issue.

BTW, I doubt that http-conf setting can't affect the WSDL4J which loads 
the WSDL from the server.

On 8/31/11 12:50 AM, Guillaume Jouanjan wrote:
> I've tried with this regex too and it doesn't work :'(
>
> I've looking a lot of post on internet but it seems that i am the only one
> who try to call dynamically web services in https :)
>
> Guillaume
>
> 2011/8/30 Daniel Kulp<dkulp@apache.org>
>
>>
>> The "name" for the http-conduit thing in the config is a full regex.
>> Thus,
>> you should be able to do something like:
>>
>> <http-conf name="https.*">
>> ....
>>
>> to match all the https endpoints.
>>
>> Dan
>>
>>
>> On Tuesday, August 30, 2011 2:33:43 PM Guillaume Jouanjan wrote:
>>> Hi
>>>
>>> I've tried this but i've got the same error.
>>>
>>> org.springframework.web.util.NestedServletException: Request
>>> processing failed; nested exception is
>>> org.apache.cxf.service.factory.ServiceConstructionException: Could not
>>> resolve URL
>>> "
>> https://10.33.30.138:8443/eLBG-Server/WS/LogbookWS.LogbookWSHttpSoap12Endp
>>> oint?wsdl".
>>>
>> org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkSe
>>> rvlet.java:656)
>>>
>> org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.ja
>>> va:560) javax.servlet.http.HttpServlet.service(HttpServlet.java:637)
>>>        javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
>>>
>> org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.j
>>> ava:96)
>>>
>>> *cause m�re*
>>>
>>> org.apache.cxf.service.factory.ServiceConstructionException: Could not
>>> resolve URL
>>> "
>> https://10.33.30.138:8443/eLBG-Server/WS/LogbookWS.LogbookWSHttpSoap12Endp
>>> oint?wsdl".
>>>
>> org.apache.cxf.endpoint.dynamic.DynamicClientFactory.composeUrl(DynamicClie
>>> ntFactory.java:569)
>>>
>> org.apache.cxf.endpoint.dynamic.DynamicClientFactory.createClient(DynamicCl
>>> ientFactory.java:259)
>>>
>> org.apache.cxf.endpoint.dynamic.DynamicClientFactory.createClient(DynamicCl
>>> ientFactory.java:204)
>>>
>> org.apache.cxf.endpoint.dynamic.DynamicClientFactory.createClient(DynamicCl
>>> ientFactory.java:197)
>>>
>> org.apache.cxf.endpoint.dynamic.DynamicClientFactory.createClient(DynamicCl
>>> ientFactory.java:152)
>>>
>> com.airbus.rmm.controller.ManualController.send(ManualController.java:172)
>>> sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>>>        sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
>>>        sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
>>>        java.lang.reflect.Method.invoke(Unknown Source)
>>>
>> org.springframework.web.bind.annotation.support.HandlerMethodInvoker.invoke
>>> HandlerMethod(HandlerMethodInvoker.java:176)
>>>
>> org.springframework.web.servlet.mvc.annotation.AnnotationMethodHandlerAdapt
>>> er.invokeHandlerMethod(AnnotationMethodHandlerAdapter.java:426)
>>>
>> org.springframework.web.servlet.mvc.annotation.AnnotationMethodHandlerAdapt
>>> er.handle(AnnotationMethodHandlerAdapter.java:414)
>>>
>> org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServ
>>> let.java:790)
>>>
>> org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServl
>>> et.java:719)
>>>
>> org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkSe
>>> rvlet.java:644)
>>>
>> org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.ja
>>> va:560) javax.servlet.http.HttpServlet.service(HttpServlet.java:637)
>>>        javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
>>>
>> org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.j
>>> ava:96)
>>>
>>> *cause m�re*
>>>
>>> javax.net.ssl.SSLHandshakeException:
>>> java.security.cert.CertificateException: No subject alternative names
>>> present
>>>        com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Unknown Source)
>>>        com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(Unknown Source)
>>>
>>> The "mother cause" seems to be the
>>>
>>> Could not resolve URL
>>> "
>> https://10.33.30.138:8443/eLBG-Server/WS/LogbookWS.LogbookWSHttpSoap12Endpo
>>> int?wsdl
>>>
>>> but with internet explorer the url is good (after accepting certificates)
>>>
>>> Moreover url of WSDL is calculated dynamically because end user set
>> himself
>>> via HMI the url of Web Service (i.e :
>>> https://10.33.30.138:8443/eLBG-Server/WS/LogbookWS) i only add the
>> endpoint
>>> + ? wsdl
>>>
>>> (i don't know if i can made a 'response to all', please say it me if i
>> can't
>>> ;) )
>>>
>>> Guillaume
>>>
>>> 2011/8/30 Freeman Fang<freeman.fang@gmail.com>
>>>
>>>> Hi,
>>>>
>>>> Looks like the error occurs when you try to download remote wsdl, which
>>>> also need authentication.
>>>> However the "{WSDL Namespace}portName" would never work for downloading
>>>> the wsdl as the portName is unknown at that point.
>>>> You need change your http:conduit like
>>>> <http-conf:conduit
>>>> name="https://10.33.30.138:**8443/.*<https://10.33.30.138:8443/.*>
 ">
>>>>
>>>>   the "https" prefix here is important.
>>>>
>>>> You can take a look at [1] to get more details there.
>>>> [1]https://issues.apache.org/**jira/browse/CXF-3421<
>> https://issues.apach
>>>> e.org/jira/browse/CXF-3421>
>>>>
>>>> Freeman
>>>>
>>>> On 2011-8-30, at 下午4:18, Guillaume Jouanjan wrote:
>>>>   Hello ,
>>>>
>>>>> First of all , sorry for my english , i'm a french developer.
>>>>>
>>>>> My goal is to call dynamically web services method using a WSDL (the
>>>>> only information i have + name of methods)
>>>>>
>>>>> I've got a problem with the following code :
>>>>>
>>>>> String urlWsdl = "
>>>>> https://10.33.30.138:8443/**eLBG-Server/WS/LogbookWS.**
>>>>> LogbookWSHttpSoap12Endpoint?**wsdl<
>> https://10.33.30.138:8443/eLBG-Serv
>>>>> er/WS/LogbookWS.LogbookWSHttpSoap12Endpoint?wsdl>  ";
>>>>> JaxWsDynamicClientFactory factory = JaxWsDynamicClientFactory.
>>>>> newInstance();
>>>>> Client clientWS = factory.createClient(urlWsdl);
>>>>>
>>>>> I've got the following error :
>>>>>
>>>>> 10:04:22,562 ERROR [[rmm-ata]] "Servlet.service()" pour la servlet
>>>>> rmm-ata a
>>>>> g´┐¢n´┐¢r´┐¢ une exception
>>>>> java.security.cert.**CertificateException: No subject alternative
>>>>> names
>>>>> present
>>>>>
>>>>>        at sun.security.util.**HostnameChecker.matchIP(**Unknown
>>>>>        Source)
>>>>>        at sun.security.util.**HostnameChecker.match(Unknown
>>>>>        Source)
>>>>>        at
>>>>>
>>>>> com.sun.net.ssl.internal.ssl.**X509TrustManagerImpl.**
>>>>> checkIdentity(Unknown
>>>>> Source)
>>>>>
>>>>>        at
>>>>>
>>>>> com.sun.net.ssl.internal.ssl.**X509TrustManagerImpl.**
>>>>> checkServerTrusted(Unknown
>>>>> Source)
>>>>>
>>>>>        at
>>>>>
>>>>> com.sun.net.ssl.internal.ssl.**ClientHandshaker.**
>>>>> serverCertificate(Unknown
>>>>> Source)
>>>>>
>>>>>        at
>>>>>
>>>>> com.sun.net.ssl.internal.ssl.**ClientHandshaker.**processMessage(Unkno
>>>>> wn
>>>>> Source)
>>>>>
>>>>>        at
>>>>>        com.sun.net.ssl.internal.ssl.**Handshaker.processLoop(Unk
>>>>>        nown
>>>>>
>>>>> Source)
>>>>>
>>>>>        at
>>>>>        com.sun.net.ssl.internal.ssl.**Handshaker.process_record(
>>>>>        **
>>>>>
>>>>> Unknown
>>>>> Source)
>>>>>
>>>>>        at
>>>>>        com.sun.net.ssl.internal.ssl.**SSLSocketImpl.readRecord(*
>>>>>        *
>>>>>
>>>>> Unknown
>>>>> Source)
>>>>>
>>>>>        at
>>>>>
>>>>> com.sun.net.ssl.internal.ssl.**SSLSocketImpl.**performInitialHandshake
>>>>> (** Unknown
>>>>> Source)
>>>>>
>>>>>        at
>>>>>        com.sun.net.ssl.internal.ssl.**SSLSocketImpl.startHandsha
>>>>>        ke(**
>>>>>
>>>>> Unknown
>>>>> Source)
>>>>>
>>>>>        at
>>>>>        com.sun.net.ssl.internal.ssl.**SSLSocketImpl.startHandsha
>>>>>        ke(**
>>>>>
>>>>> Unknown
>>>>> Source)
>>>>>
>>>>>        at
>>>>>        sun.net.www.protocol.https.**HttpsClient.afterConnect(**U
>>>>>        nknown
>>>>>
>>>>> Source)
>>>>>
>>>>>        at
>>>>>
>>>>> sun.net.www.protocol.https.**AbstractDelegateHttpsURLConnec**
>>>>> tion.connect(Unknown
>>>>> Source)
>>>>>
>>>>>        at
>>>>>
>>>>> sun.net.www.protocol.http.**HttpURLConnection.**getInputStream(Unknown
>>>>> Source)
>>>>>
>>>>>        at
>>>>>
>>>>> sun.net.www.protocol.https.**HttpsURLConnectionImpl.**
>>>>> getInputStream(Unknown
>>>>> Source)
>>>>>
>>>>>        at
>>>>>
>>>>> org.apache.cxf.resource.**URIResolver.tryFileSystem(**
>>>>> URIResolver.java:167)
>>>>>
>>>>>        at org.apache.cxf.resource.**URIResolver.<init>(**
>>>>>
>>>>> URIResolver.java:90)
>>>>>
>>>>>        at
>>>>>
>>>>> org.apache.cxf.endpoint.**dynamic.DynamicClientFactory.**composeUrl(**
>>>>> DynamicClientFactory.java:561)
>>>>>
>>>>>        at
>>>>>
>>>>> org.apache.cxf.endpoint.**dynamic.DynamicClientFactory.**createClient(
>>>>> **
>>>>> DynamicClientFactory.java:259)
>>>>>
>>>>>        at
>>>>>
>>>>> org.apache.cxf.endpoint.**dynamic.DynamicClientFactory.**createClient(
>>>>> **
>>>>> DynamicClientFactory.java:204)
>>>>>
>>>>>        at
>>>>>
>>>>> org.apache.cxf.endpoint.**dynamic.DynamicClientFactory.**createClient(
>>>>> **
>>>>> DynamicClientFactory.java:197)
>>>>>
>>>>>        at
>>>>>
>>>>> org.apache.cxf.endpoint.**dynamic.DynamicClientFactory.**createClient(
>>>>> **
>>>>> DynamicClientFactory.java:152)
>>>>>
>>>>>        at
>>>>>
>>>>> com.airbus.rmm.controller.**ManualController.send(**
>>>>> ManualController.java:174)
>>>>>
>>>>> I have specified a http conduit in spring configuration file but it
>>>>> seems that information inside is not managed and the
>>>>> disableCNCheck=false is still
>>>>> active
>>>>>
>>>>> my http-conduit conf :
>>>>>
>>>>> <http:conduit name="*.http-conduit">
>>>>>
>>>>>        <http:tlsClientParameters secureSocketProtocol="TLS"
>>>>>
>>>>> disableCNCheck="true">
>>>>>
>>>>>          <sec:keyManagers keyPassword="password">
>>>>>
>>>>>               <sec:keyStore type="JKS" password="password"
>>>>>
>>>>>                    file="../classes/server.jks"/>
>>>>>
>>>>>          </sec:keyManagers>
>>>>>          <sec:trustManagers>
>>>>>
>>>>>              <sec:keyStore type="JKS" password="password"
>>>>>
>>>>>                   file="../classes/server.jks"/>
>>>>>
>>>>>          </sec:trustManagers>
>>>>>          <sec:cipherSuitesFilter>
>>>>>
>>>>>            <!-- these filters ensure that a ciphersuite with
>>>>>
>>>>>              export-suitable or null encryption is used,
>>>>>              but exclude anonymous Diffie-Hellman key
>>>>>              change as
>>>>>              this is vulnerable to man-in-the-middle
>>>>>              attacks -->
>>>>>
>>>>>            <sec:include>.*_EXPORT_.*</**sec:include>
>>>>>            <sec:include>.*_EXPORT1024_.*<**/sec:include>
>>>>>            <sec:include>.*_WITH_DES_.*</**sec:include>
>>>>>            <sec:include>.*_WITH_NULL_.*</**sec:include>
>>>>>            <sec:exclude>.*_DH_anon_.*</**sec:exclude>
>>>>>
>>>>>          </sec:cipherSuitesFilter>
>>>>>
>>>>>      </http:tlsClientParameters>
>>>>>      <http:authorization>
>>>>>
>>>>>         <sec:UserName>nandana</sec:**UserName>
>>>>>         <sec:Password>password</sec:**Password>
>>>>>
>>>>>      </http:authorization>
>>>>>      <http:client AutoRedirect="true" Connection="Keep-Alive"/>
>>>>>
>>>>>   </http:conduit>
>>>>>
>>>>> Thanks for your help
>>>>>
>>>>> Guillaume
>>>>>
>>>>>
>>>>> --
>>>>>
>>>>> * *
>>>>>
>>>>> * *
>>>>>
>>>>> *Guillaume JOUANJAN
>>>>> *
>>>>>
>>>>> *Chef de Projet Technique
>>>>> *
>>>>>
>>>>> *Email:*       gjouanjan@sqli.com   *<gjouanjan@sqli.com>*
>>>>>
>>>>> *Bureau:*   +33 (0)5 62 47 33 66
>>>>>
>>>>> *
>>>>> *
>>>>>
>>>>> *
>>>>> *
>>>>>
>>>>> *
>>>>> *
>>>>>
>>>>> *www.sqli.com*
>>>>>
>>>>> * *
>>>>>
>>>>> *
>>>>> *
>>>>>
>>>>> *SQLI Toulouse*
>>>>>
>>>>> 7 avenue Didier DAURAT
>>>>> BP 70118
>>>>> 31 704 BLAGNAC CEDEX
>>>>>
>>>>> *Standard:* +33 (0)5 62 47 70 70
>>>>> *Fax:*       +33 (0)5 62 47 70 71
>>>>>
>>>>> **
>>>>
>>>> ------------------------------**---------------
>>>> Freeman Fang
>>>>
>>>> FuseSource
>>>> Email:ffang@fusesource.com
>>>> Web: fusesource.com
>>>> Twitter: freemanfang
>>>> Blog: http://freemanfang.blogspot.**com
>>>> <http://freemanfang.blogspot.com>
>> --
>> Daniel Kulp
>> dkulp@apache.org
>> http://dankulp.com/blog
>> Talend - http://www.talend.com
>>
>
>
>


-- 
Willem
----------------------------------
FuseSource
Web: http://www.fusesource.com
Blog:    http://willemjiang.blogspot.com (English)
          http://jnn.javaeye.com (Chinese)
Twitter: willemjiang
Weibo: willemjiang

Mime
View raw message