tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Cooperstock, Dan" <dan.cooperst...@hepcoe.com>
Subject Tomcat, JSSE, JAXM SOAP Problem
Date Mon, 30 Sep 2002 21:06:42 GMT
It seems like a lot of people have asked questions similar to the following
on this list, but never gotten a helpful answer. I'll be brave and post my
version of it!

> I am using web services via the JAXM part of the Java XML pack. I have
> been using it successfully, both from a small scaffolding pure Java app
> with a main() method, and from within a JSP app running in Tomcat.
> 
> So far, I have been accessing the web services via http. Now I want to
> access them via https (i.e. with secure encryption). So, as specified in a
> couple of Java Web Services / SOAP books I bought, I installed JSSE, and
> added the following code to my app (before I call any web services):
>        
> System.setProperty("java.protocol.handler.pkgs",
> "com.sun.net.ssl.internal.www.protocol");
> Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
> 
> I also then changed the URL I was calling the services on to an https URL.
> (The provider of the services allows calling of them either way, with http
> or https.) From the pure Java app with the main() method, this worked
> perfectly.
> 
> Next, I copied exactly the same code changes (and yes, I've triple checked
> them!) into my JSP web app. I put the JSSE jar files in the proper Tomcat
> common/lib directory. I get an exception whose text is "Bad URL: unknown
> protocol: https".
> 
> Then I tried moving the JSSE jars from the Tomcat common\lib directory to
> c:\jdk1.3.1\jre\lib\ext, the extension directory. Now, I get the following
> exception:
> 
> javax.xml.soap.SOAPException: java.security.PrivilegedActionException
> <<javax.xml.soap.SOAPException: Message send failed>>
> 
> Any ideas? Is Tomcat somehow changing the technology that the JAXM stuff
> uses to call the service on the specified URL? How can I get around the
> PrivilegedActionException?
> 
> By the way, since I'm not trying to run a secure copy of Tomcat, but
> rather just trying to access secure (https) web services as a client from
> within JSP pages running within Tomcat, I don't think anything about
> keystores or certificates will be relevant. This thought is confirmed by
> the fact that the plain Java main() program worked. Also, I created a
> keystore, and got my Tomcat working securely, but it didn't make any
> difference to this main problem.
> 
Another interesting "by the way" is that I have tried exactly the same thing
with the Sun ONE Web Server serving as the JSP/Servlet container, rather
than Tomcat, and I get exactly the same behaviour!

Dan Cooperstock, Senior Technical Consultant, HEPCOE Credit Union
dan.cooperstock@hepcoe.com  416-597-5055

--
To unsubscribe, e-mail:   <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:tomcat-user-help@jakarta.apache.org>


Mime
View raw message