cxf-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Guillaume Jouanjan <gjouan...@sqli.com>
Subject Re: [JBoss][Spring][Apache CXF] Problems occuring when dynamic creation of client with wsdl in https
Date Tue, 30 Aug 2011 16:50:57 GMT
I've tried with this regex too and it doesn't work :'(

I've looking a lot of post on internet but it seems that i am the only one
who try to call dynamically web services in https :)

Guillaume

2011/8/30 Daniel Kulp <dkulp@apache.org>

>
> The "name" for the http-conduit thing in the config is a full regex.
> Thus,
> you should be able to do something like:
>
> <http-conf name="https.*">
> ....
>
> to match all the https endpoints.
>
> Dan
>
>
> On Tuesday, August 30, 2011 2:33:43 PM Guillaume Jouanjan wrote:
> > Hi
> >
> > I've tried this but i've got the same error.
> >
> > org.springframework.web.util.NestedServletException: Request
> > processing failed; nested exception is
> > org.apache.cxf.service.factory.ServiceConstructionException: Could not
> > resolve URL
> > "
> https://10.33.30.138:8443/eLBG-Server/WS/LogbookWS.LogbookWSHttpSoap12Endp
> > oint?wsdl".
> >
> org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkSe
> > rvlet.java:656)
> >
> org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.ja
> > va:560) javax.servlet.http.HttpServlet.service(HttpServlet.java:637)
> >       javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
> >
> org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.j
> > ava:96)
> >
> > *cause m�re*
> >
> > org.apache.cxf.service.factory.ServiceConstructionException: Could not
> > resolve URL
> > "
> https://10.33.30.138:8443/eLBG-Server/WS/LogbookWS.LogbookWSHttpSoap12Endp
> > oint?wsdl".
> >
> org.apache.cxf.endpoint.dynamic.DynamicClientFactory.composeUrl(DynamicClie
> > ntFactory.java:569)
> >
> org.apache.cxf.endpoint.dynamic.DynamicClientFactory.createClient(DynamicCl
> > ientFactory.java:259)
> >
> org.apache.cxf.endpoint.dynamic.DynamicClientFactory.createClient(DynamicCl
> > ientFactory.java:204)
> >
> org.apache.cxf.endpoint.dynamic.DynamicClientFactory.createClient(DynamicCl
> > ientFactory.java:197)
> >
> org.apache.cxf.endpoint.dynamic.DynamicClientFactory.createClient(DynamicCl
> > ientFactory.java:152)
> >
> com.airbus.rmm.controller.ManualController.send(ManualController.java:172)
> > sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> >       sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
> >       sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
> >       java.lang.reflect.Method.invoke(Unknown Source)
> >
> org.springframework.web.bind.annotation.support.HandlerMethodInvoker.invoke
> > HandlerMethod(HandlerMethodInvoker.java:176)
> >
> org.springframework.web.servlet.mvc.annotation.AnnotationMethodHandlerAdapt
> > er.invokeHandlerMethod(AnnotationMethodHandlerAdapter.java:426)
> >
> org.springframework.web.servlet.mvc.annotation.AnnotationMethodHandlerAdapt
> > er.handle(AnnotationMethodHandlerAdapter.java:414)
> >
> org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServ
> > let.java:790)
> >
> org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServl
> > et.java:719)
> >
> org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkSe
> > rvlet.java:644)
> >
> org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.ja
> > va:560) javax.servlet.http.HttpServlet.service(HttpServlet.java:637)
> >       javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
> >
> org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.j
> > ava:96)
> >
> > *cause m�re*
> >
> > javax.net.ssl.SSLHandshakeException:
> > java.security.cert.CertificateException: No subject alternative names
> > present
> >       com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Unknown Source)
> >       com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(Unknown Source)
> >
> > The "mother cause" seems to be the
> >
> > Could not resolve URL
> > "
> https://10.33.30.138:8443/eLBG-Server/WS/LogbookWS.LogbookWSHttpSoap12Endpo
> > int?wsdl
> >
> > but with internet explorer the url is good (after accepting certificates)
> >
> > Moreover url of WSDL is calculated dynamically because end user set
> himself
> > via HMI the url of Web Service (i.e :
> > https://10.33.30.138:8443/eLBG-Server/WS/LogbookWS) i only add the
> endpoint
> > + ? wsdl
> >
> > (i don't know if i can made a 'response to all', please say it me if i
> can't
> > ;) )
> >
> > Guillaume
> >
> > 2011/8/30 Freeman Fang <freeman.fang@gmail.com>
> >
> > > Hi,
> > >
> > > Looks like the error occurs when you try to download remote wsdl, which
> > > also need authentication.
> > > However the "{WSDL Namespace}portName" would never work for downloading
> > > the wsdl as the portName is unknown at that point.
> > > You need change your http:conduit like
> > > <http-conf:conduit
> > > name="https://10.33.30.138:**8443/.*<https://10.33.30.138:8443/.*> ">
> > >
> > >  the "https" prefix here is important.
> > >
> > > You can take a look at [1] to get more details there.
> > > [1]https://issues.apache.org/**jira/browse/CXF-3421<
> https://issues.apach
> > > e.org/jira/browse/CXF-3421>
> > >
> > > Freeman
> > >
> > > On 2011-8-30, at 下午4:18, Guillaume Jouanjan wrote:
> > >  Hello ,
> > >
> > >> First of all , sorry for my english , i'm a french developer.
> > >>
> > >> My goal is to call dynamically web services method using a WSDL (the
> > >> only information i have + name of methods)
> > >>
> > >> I've got a problem with the following code :
> > >>
> > >> String urlWsdl = "
> > >> https://10.33.30.138:8443/**eLBG-Server/WS/LogbookWS.**
> > >> LogbookWSHttpSoap12Endpoint?**wsdl<
> https://10.33.30.138:8443/eLBG-Serv
> > >> er/WS/LogbookWS.LogbookWSHttpSoap12Endpoint?wsdl> ";
> > >> JaxWsDynamicClientFactory factory = JaxWsDynamicClientFactory.
> > >> newInstance();
> > >> Client clientWS = factory.createClient(urlWsdl);
> > >>
> > >> I've got the following error :
> > >>
> > >> 10:04:22,562 ERROR [[rmm-ata]] "Servlet.service()" pour la servlet
> > >> rmm-ata a
> > >> g´┐¢n´┐¢r´┐¢ une exception
> > >> java.security.cert.**CertificateException: No subject alternative
> > >> names
> > >> present
> > >>
> > >>       at sun.security.util.**HostnameChecker.matchIP(**Unknown
> > >>       Source)
> > >>       at sun.security.util.**HostnameChecker.match(Unknown
> > >>       Source)
> > >>       at
> > >>
> > >> com.sun.net.ssl.internal.ssl.**X509TrustManagerImpl.**
> > >> checkIdentity(Unknown
> > >> Source)
> > >>
> > >>       at
> > >>
> > >> com.sun.net.ssl.internal.ssl.**X509TrustManagerImpl.**
> > >> checkServerTrusted(Unknown
> > >> Source)
> > >>
> > >>       at
> > >>
> > >> com.sun.net.ssl.internal.ssl.**ClientHandshaker.**
> > >> serverCertificate(Unknown
> > >> Source)
> > >>
> > >>       at
> > >>
> > >> com.sun.net.ssl.internal.ssl.**ClientHandshaker.**processMessage(Unkno
> > >> wn
> > >> Source)
> > >>
> > >>       at
> > >>       com.sun.net.ssl.internal.ssl.**Handshaker.processLoop(Unk
> > >>       nown
> > >>
> > >> Source)
> > >>
> > >>       at
> > >>       com.sun.net.ssl.internal.ssl.**Handshaker.process_record(
> > >>       **
> > >>
> > >> Unknown
> > >> Source)
> > >>
> > >>       at
> > >>       com.sun.net.ssl.internal.ssl.**SSLSocketImpl.readRecord(*
> > >>       *
> > >>
> > >> Unknown
> > >> Source)
> > >>
> > >>       at
> > >>
> > >> com.sun.net.ssl.internal.ssl.**SSLSocketImpl.**performInitialHandshake
> > >> (** Unknown
> > >> Source)
> > >>
> > >>       at
> > >>       com.sun.net.ssl.internal.ssl.**SSLSocketImpl.startHandsha
> > >>       ke(**
> > >>
> > >> Unknown
> > >> Source)
> > >>
> > >>       at
> > >>       com.sun.net.ssl.internal.ssl.**SSLSocketImpl.startHandsha
> > >>       ke(**
> > >>
> > >> Unknown
> > >> Source)
> > >>
> > >>       at
> > >>       sun.net.www.protocol.https.**HttpsClient.afterConnect(**U
> > >>       nknown
> > >>
> > >> Source)
> > >>
> > >>       at
> > >>
> > >> sun.net.www.protocol.https.**AbstractDelegateHttpsURLConnec**
> > >> tion.connect(Unknown
> > >> Source)
> > >>
> > >>       at
> > >>
> > >> sun.net.www.protocol.http.**HttpURLConnection.**getInputStream(Unknown
> > >> Source)
> > >>
> > >>       at
> > >>
> > >> sun.net.www.protocol.https.**HttpsURLConnectionImpl.**
> > >> getInputStream(Unknown
> > >> Source)
> > >>
> > >>       at
> > >>
> > >> org.apache.cxf.resource.**URIResolver.tryFileSystem(**
> > >> URIResolver.java:167)
> > >>
> > >>       at org.apache.cxf.resource.**URIResolver.<init>(**
> > >>
> > >> URIResolver.java:90)
> > >>
> > >>       at
> > >>
> > >> org.apache.cxf.endpoint.**dynamic.DynamicClientFactory.**composeUrl(**
> > >> DynamicClientFactory.java:561)
> > >>
> > >>       at
> > >>
> > >> org.apache.cxf.endpoint.**dynamic.DynamicClientFactory.**createClient(
> > >> **
> > >> DynamicClientFactory.java:259)
> > >>
> > >>       at
> > >>
> > >> org.apache.cxf.endpoint.**dynamic.DynamicClientFactory.**createClient(
> > >> **
> > >> DynamicClientFactory.java:204)
> > >>
> > >>       at
> > >>
> > >> org.apache.cxf.endpoint.**dynamic.DynamicClientFactory.**createClient(
> > >> **
> > >> DynamicClientFactory.java:197)
> > >>
> > >>       at
> > >>
> > >> org.apache.cxf.endpoint.**dynamic.DynamicClientFactory.**createClient(
> > >> **
> > >> DynamicClientFactory.java:152)
> > >>
> > >>       at
> > >>
> > >> com.airbus.rmm.controller.**ManualController.send(**
> > >> ManualController.java:174)
> > >>
> > >> I have specified a http conduit in spring configuration file but it
> > >> seems that information inside is not managed and the
> > >> disableCNCheck=false is still
> > >> active
> > >>
> > >> my http-conduit conf :
> > >>
> > >> <http:conduit name="*.http-conduit">
> > >>
> > >>       <http:tlsClientParameters secureSocketProtocol="TLS"
> > >>
> > >> disableCNCheck="true">
> > >>
> > >>         <sec:keyManagers keyPassword="password">
> > >>
> > >>              <sec:keyStore type="JKS" password="password"
> > >>
> > >>                   file="../classes/server.jks"/>
> > >>
> > >>         </sec:keyManagers>
> > >>         <sec:trustManagers>
> > >>
> > >>             <sec:keyStore type="JKS" password="password"
> > >>
> > >>                  file="../classes/server.jks"/>
> > >>
> > >>         </sec:trustManagers>
> > >>         <sec:cipherSuitesFilter>
> > >>
> > >>           <!-- these filters ensure that a ciphersuite with
> > >>
> > >>             export-suitable or null encryption is used,
> > >>             but exclude anonymous Diffie-Hellman key
> > >>             change as
> > >>             this is vulnerable to man-in-the-middle
> > >>             attacks -->
> > >>
> > >>           <sec:include>.*_EXPORT_.*</**sec:include>
> > >>           <sec:include>.*_EXPORT1024_.*<**/sec:include>
> > >>           <sec:include>.*_WITH_DES_.*</**sec:include>
> > >>           <sec:include>.*_WITH_NULL_.*</**sec:include>
> > >>           <sec:exclude>.*_DH_anon_.*</**sec:exclude>
> > >>
> > >>         </sec:cipherSuitesFilter>
> > >>
> > >>     </http:tlsClientParameters>
> > >>     <http:authorization>
> > >>
> > >>        <sec:UserName>nandana</sec:**UserName>
> > >>        <sec:Password>password</sec:**Password>
> > >>
> > >>     </http:authorization>
> > >>     <http:client AutoRedirect="true" Connection="Keep-Alive"/>
> > >>
> > >>  </http:conduit>
> > >>
> > >> Thanks for your help
> > >>
> > >> Guillaume
> > >>
> > >>
> > >> --
> > >>
> > >> * *
> > >>
> > >> * *
> > >>
> > >> *Guillaume JOUANJAN
> > >> *
> > >>
> > >> *Chef de Projet Technique
> > >> *
> > >>
> > >> *Email:*       gjouanjan@sqli.com   * <gjouanjan@sqli.com>*
> > >>
> > >> *Bureau:*   +33 (0)5 62 47 33 66
> > >>
> > >> *
> > >> *
> > >>
> > >> *
> > >> *
> > >>
> > >> *
> > >> *
> > >>
> > >> *www.sqli.com*
> > >>
> > >> * *
> > >>
> > >> *
> > >> *
> > >>
> > >> *SQLI Toulouse*
> > >>
> > >> 7 avenue Didier DAURAT
> > >> BP 70118
> > >> 31 704 BLAGNAC CEDEX
> > >>
> > >> *Standard:* +33 (0)5 62 47 70 70
> > >> *Fax:*       +33 (0)5 62 47 70 71
> > >>
> > >> **
> > >
> > > ------------------------------**---------------
> > > Freeman Fang
> > >
> > > FuseSource
> > > Email:ffang@fusesource.com
> > > Web: fusesource.com
> > > Twitter: freemanfang
> > > Blog: http://freemanfang.blogspot.**com
> > > <http://freemanfang.blogspot.com>
> --
> Daniel Kulp
> dkulp@apache.org
> http://dankulp.com/blog
> Talend - http://www.talend.com
>



-- 

 * *

* *

*Guillaume JOUANJAN
*

*Chef de Projet Technique
*

*Email:*       gjouanjan@sqli.com   * <gjouanjan@sqli.com>*
*Bureau:*   +33 (0)5 62 47 33 66

*
*

*
*

*
*

*www.sqli.com*

* *

*
*

*SQLI Toulouse*

7 avenue Didier DAURAT
BP 70118
31 704 BLAGNAC CEDEX

*Standard:* +33 (0)5 62 47 70 70
*Fax:*       +33 (0)5 62 47 70 71

**

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message