tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Cooperstock, Dan" <dan.cooperst...@hepcoe.com>
Subject Tomcat, JSSE, JAXM SOAP Problem
Date Tue, 01 Oct 2002 13:51:45 GMT
Sorry, I posted this yesterday, but my !?@# MS e-mail client insisted on
sending it as HTML, and most of the posting was lost.

It seems like a lot of people have asked questions similar to the following
on this list, but never gotten a helpful answer. I'll be brave and post my
version of it!

I am using web services via the JAXM part of the Java XML pack. I have been
using it successfully, both from a small scaffolding pure Java app with a
main() method, and from within a JSP app running in Tomcat.

So far, I have been accessing the web services via http. Now I want to
access them via https (i.e. with secure encryption). So, as specified in
couple of Java Web Services / SOAP books I bought, I installed JSSE, and
added the following code to my app (before I call any web services):
       
System.setProperty("java.protocol.handler.pkgs", 
   "com.sun.net.ssl.internal.www.protocol");
Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());

I also then changed the URL I was calling the services on to an https URL.
(The provider of the services allows calling of them either way, with http
or https.) From the pure Java app with the main() method, this worked
perfectly.

Next, I copied exactly the same code changes (and yes, I've triple checked
them!) into my JSP web app. I put the JSSE jar files in the proper Tomcat
common/lib directory. I get an exception whose text is Bad URL: unknown
protocol: https".

Then I tried moving the JSSE jars from the Tomcat common\lib directory to
c:\jdk1.3.1\jre\lib\ext, the extension directory. Now, I get the following
exception:

javax.xml.soap.SOAPException: java.security.PrivilegedActionException
<<javax.xml.soap.SOAPException: Message send failed>>

Any ideas? Is Tomcat somehow changing the technology that the JAXM stuff
uses to call the service on the specified URL? How can I get around the
PrivilegedActionException?

By the way, since I'm not trying to run a secure copy of Tomcat, but rather
just trying to access secure (https) web services as a client from within
JSP pages running within Tomcat, I don't think anything about keystores or
certificates will be relevant. This thought is confirmed by the fact that
the plain Java main() program worked. Also, I created a keystore, and got my
Tomcat working securely, but it didn't make any difference to this main
problem.

Another interesting "by the way" is that I have tried exactly the same thing
with the Sun ONE Web Server serving as the JSP/Servlet container, rather
than Tomcat, and I get exactly the same behaviour!
-------------
Dan Cooperstock, Senior Technical Consultant, HEPCOE Credit Union
dan.cooperstock@hepcoe.com  416-597-5055


--
To unsubscribe, e-mail:   <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:tomcat-user-help@jakarta.apache.org>


Mime
View raw message