Return-Path: Delivered-To: apmail-jakarta-tomcat-user-archive@apache.org Received: (qmail 62090 invoked from network); 1 Oct 2002 13:52:21 -0000 Received: from unknown (HELO nagoya.betaversion.org) (192.18.49.131) by daedalus.apache.org with SMTP; 1 Oct 2002 13:52:21 -0000 Received: (qmail 14909 invoked by uid 97); 1 Oct 2002 13:52:46 -0000 Delivered-To: qmlist-jakarta-archive-tomcat-user@jakarta.apache.org Received: (qmail 14893 invoked by uid 97); 1 Oct 2002 13:52:45 -0000 Mailing-List: contact tomcat-user-help@jakarta.apache.org; run by ezmlm Precedence: bulk List-Unsubscribe: List-Subscribe: List-Help: List-Post: List-Id: "Tomcat Users List" Reply-To: "Tomcat Users List" Delivered-To: mailing list tomcat-user@jakarta.apache.org Received: (qmail 14881 invoked by uid 98); 1 Oct 2002 13:52:45 -0000 X-Antivirus: nagoya (v4218 created Aug 14 2002) Message-ID: <4DD2850B3AE6D3119C03009027DE776A03B3549F@exchangeprod.hepcoe.com> From: "Cooperstock, Dan" To: 'Tomcat Users List' Subject: Tomcat, JSSE, JAXM SOAP Problem Date: Tue, 1 Oct 2002 09:51:45 -0400 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2650.21) Content-Type: text/plain X-Spam-Rating: daedalus.apache.org 1.6.2 0/1000/N X-Spam-Rating: daedalus.apache.org 1.6.2 0/1000/N Sorry, I posted this yesterday, but my !?@# MS e-mail client insisted on sending it as HTML, and most of the posting was lost. It seems like a lot of people have asked questions similar to the following on this list, but never gotten a helpful answer. I'll be brave and post my version of it! I am using web services via the JAXM part of the Java XML pack. I have been using it successfully, both from a small scaffolding pure Java app with a main() method, and from within a JSP app running in Tomcat. So far, I have been accessing the web services via http. Now I want to access them via https (i.e. with secure encryption). So, as specified in couple of Java Web Services / SOAP books I bought, I installed JSSE, and added the following code to my app (before I call any web services): System.setProperty("java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol"); Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider()); I also then changed the URL I was calling the services on to an https URL. (The provider of the services allows calling of them either way, with http or https.) From the pure Java app with the main() method, this worked perfectly. Next, I copied exactly the same code changes (and yes, I've triple checked them!) into my JSP web app. I put the JSSE jar files in the proper Tomcat common/lib directory. I get an exception whose text is Bad URL: unknown protocol: https". Then I tried moving the JSSE jars from the Tomcat common\lib directory to c:\jdk1.3.1\jre\lib\ext, the extension directory. Now, I get the following exception: javax.xml.soap.SOAPException: java.security.PrivilegedActionException <> Any ideas? Is Tomcat somehow changing the technology that the JAXM stuff uses to call the service on the specified URL? How can I get around the PrivilegedActionException? By the way, since I'm not trying to run a secure copy of Tomcat, but rather just trying to access secure (https) web services as a client from within JSP pages running within Tomcat, I don't think anything about keystores or certificates will be relevant. This thought is confirmed by the fact that the plain Java main() program worked. Also, I created a keystore, and got my Tomcat working securely, but it didn't make any difference to this main problem. Another interesting "by the way" is that I have tried exactly the same thing with the Sun ONE Web Server serving as the JSP/Servlet container, rather than Tomcat, and I get exactly the same behaviour! ------------- Dan Cooperstock, Senior Technical Consultant, HEPCOE Credit Union dan.cooperstock@hepcoe.com 416-597-5055 -- To unsubscribe, e-mail: For additional commands, e-mail: