cxf-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Guillaume Jouanjan <gjouan...@sqli.com>
Subject [JBoss][Spring][Apache CXF] Problems occuring when dynamic creation of client with wsdl in https
Date Tue, 30 Aug 2011 08:18:45 GMT
Hello ,

First of all , sorry for my english , i'm a french developer.

My goal is to call dynamically web services method using a WSDL (the only
information i have + name of methods)

I've got a problem with the following code :

String urlWsdl = "
https://10.33.30.138:8443/eLBG-Server/WS/LogbookWS.LogbookWSHttpSoap12Endpoint?wsdl
";
JaxWsDynamicClientFactory factory = JaxWsDynamicClientFactory.
newInstance();
Client clientWS = factory.createClient(urlWsdl);

I've got the following error :

10:04:22,562 ERROR [[rmm-ata]] "Servlet.service()" pour la servlet rmm-ata a
g´┐¢n´┐¢r´┐¢ une exception
java.security.cert.CertificateException: No subject alternative names
present
        at sun.security.util.HostnameChecker.matchIP(Unknown Source)
        at sun.security.util.HostnameChecker.match(Unknown Source)
        at
com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkIdentity(Unknown
Source)
        at
com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown
Source)
        at
com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(Unknown
Source)
        at
com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(Unknown Source)
        at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Unknown
Source)
        at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Unknown
Source)
        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(Unknown
Source)
        at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(Unknown
Source)
        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown
Source)
        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown
Source)
        at sun.net.www.protocol.https.HttpsClient.afterConnect(Unknown
Source)
        at
sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown
Source)
        at
sun.net.www.protocol.http.HttpURLConnection.getInputStream(Unknown Source)
        at
sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(Unknown
Source)
        at
org.apache.cxf.resource.URIResolver.tryFileSystem(URIResolver.java:167)
        at org.apache.cxf.resource.URIResolver.<init>(URIResolver.java:90)
        at
org.apache.cxf.endpoint.dynamic.DynamicClientFactory.composeUrl(DynamicClientFactory.java:561)
        at
org.apache.cxf.endpoint.dynamic.DynamicClientFactory.createClient(DynamicClientFactory.java:259)
        at
org.apache.cxf.endpoint.dynamic.DynamicClientFactory.createClient(DynamicClientFactory.java:204)
        at
org.apache.cxf.endpoint.dynamic.DynamicClientFactory.createClient(DynamicClientFactory.java:197)
        at
org.apache.cxf.endpoint.dynamic.DynamicClientFactory.createClient(DynamicClientFactory.java:152)
        at
com.airbus.rmm.controller.ManualController.send(ManualController.java:174)

I have specified a http conduit in spring configuration file but it seems
that information inside is not managed and the disableCNCheck=false is still
active

my http-conduit conf :

<http:conduit name="*.http-conduit">

        <http:tlsClientParameters secureSocketProtocol="TLS"
disableCNCheck="true">
          <sec:keyManagers keyPassword="password">
               <sec:keyStore type="JKS" password="password"
                    file="../classes/server.jks"/>
          </sec:keyManagers>
          <sec:trustManagers>
              <sec:keyStore type="JKS" password="password"
                   file="../classes/server.jks"/>
          </sec:trustManagers>
          <sec:cipherSuitesFilter>
            <!-- these filters ensure that a ciphersuite with
              export-suitable or null encryption is used,
              but exclude anonymous Diffie-Hellman key change as
              this is vulnerable to man-in-the-middle attacks -->
            <sec:include>.*_EXPORT_.*</sec:include>
            <sec:include>.*_EXPORT1024_.*</sec:include>
            <sec:include>.*_WITH_DES_.*</sec:include>
            <sec:include>.*_WITH_NULL_.*</sec:include>
            <sec:exclude>.*_DH_anon_.*</sec:exclude>
          </sec:cipherSuitesFilter>
      </http:tlsClientParameters>
      <http:authorization>
         <sec:UserName>nandana</sec:UserName>
         <sec:Password>password</sec:Password>
      </http:authorization>
      <http:client AutoRedirect="true" Connection="Keep-Alive"/>

   </http:conduit>


Thanks for your help

Guillaume


-- 

 * *

* *

*Guillaume JOUANJAN
*

*Chef de Projet Technique
*

*Email:*       gjouanjan@sqli.com   * <gjouanjan@sqli.com>*
*Bureau:*   +33 (0)5 62 47 33 66

*
*

*
*

*
*

*www.sqli.com*

* *

*
*

*SQLI Toulouse*

7 avenue Didier DAURAT
BP 70118
31 704 BLAGNAC CEDEX

*Standard:* +33 (0)5 62 47 70 70
*Fax:*       +33 (0)5 62 47 70 71

**

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message