On Wednesday, August 31, 2011 9:04:20 AM Willem Jiang wrote: > Maybe you can consider to download the WSDL by using common http client > and pass the WSDL url into the DynamicClientFactory to workaround this > kind of issue. > > BTW, I doubt that http-conf setting can't affect the WSDL4J which loads > the WSDL from the server. WSDL4J calls out to us to load the WSDL and we do use our own conduits for downloading them in the case of https. Thus, it should work fine.
HOWEVER, this is a bug in the DynamicClient. The dynamic client tries to validate the wsdlLocation (and turn it into a URL) prior to sending it into the CXF code and THAT part doesn't take into account the conduit settings. Can you log a JIRA for this? Dan > On 8/31/11 12:50 AM, Guillaume Jouanjan wrote: > > I've tried with this regex too and it doesn't work :'( > > > > I've looking a lot of post on internet but it seems that i am the only > > one who try to call dynamically web services in https :) > > > > Guillaume > > > > 2011/8/30 Daniel Kulp<[email protected]> > > > >> The "name" for the http-conduit thing in the config is a full regex. > >> Thus, > >> you should be able to do something like: > >> > >> <http-conf name="https.*"> > >> .... > >> > >> to match all the https endpoints. > >> > >> Dan > >> > >> On Tuesday, August 30, 2011 2:33:43 PM Guillaume Jouanjan wrote: > >>> Hi > >>> > >>> I've tried this but i've got the same error. > >>> > >>> org.springframework.web.util.NestedServletException: Request > >>> processing failed; nested exception is > >>> org.apache.cxf.service.factory.ServiceConstructionException: Could > >>> not > >>> resolve URL > >>> " > >> > >> https://10.33.30.138:8443/eLBG-Server/WS/LogbookWS.LogbookWSHttpSoap12 > >> Endp>> > >>> oint?wsdl". > >> > >> org.springframework.web.servlet.FrameworkServlet.processRequest(Framew > >> orkSe>> > >>> rvlet.java:656) > >> > >> org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServl > >> et.ja>> > >>> va:560) javax.servlet.http.HttpServlet.service(HttpServlet.java:637) > >>> > >>> javax.servlet.http.HttpServlet.service(HttpServlet.jav > >>> a:717) > >> > >> org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFil > >> ter.j>> > >>> ava:96) > >>> > >>> *cause m�re* > >>> > >>> org.apache.cxf.service.factory.ServiceConstructionException: Could > >>> not > >>> resolve URL > >>> " > >> > >> https://10.33.30.138:8443/eLBG-Server/WS/LogbookWS.LogbookWSHttpSoap12 > >> Endp>> > >>> oint?wsdl". > >> > >> org.apache.cxf.endpoint.dynamic.DynamicClientFactory.composeUrl(Dynami > >> cClie>> > >>> ntFactory.java:569) > >> > >> org.apache.cxf.endpoint.dynamic.DynamicClientFactory.createClient(Dyna > >> micCl>> > >>> ientFactory.java:259) > >> > >> org.apache.cxf.endpoint.dynamic.DynamicClientFactory.createClient(Dyna > >> micCl>> > >>> ientFactory.java:204) > >> > >> org.apache.cxf.endpoint.dynamic.DynamicClientFactory.createClient(Dyna > >> micCl>> > >>> ientFactory.java:197) > >> > >> org.apache.cxf.endpoint.dynamic.DynamicClientFactory.createClient(Dyna > >> micCl>> > >>> ientFactory.java:152) > >> > >> com.airbus.rmm.controller.ManualController.send(ManualController.java: > >> 172)>> > >>> sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > >>> > >>> sun.reflect.NativeMethodAccessorImpl.invoke(Unknown > >>> Source) > >>> sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknow > >>> n Source) > >>> java.lang.reflect.Method.invoke(Unknown Source) > >> > >> org.springframework.web.bind.annotation.support.HandlerMethodInvoker.i > >> nvoke>> > >>> HandlerMethod(HandlerMethodInvoker.java:176) > >> > >> org.springframework.web.servlet.mvc.annotation.AnnotationMethodHandler > >> Adapt>> > >>> er.invokeHandlerMethod(AnnotationMethodHandlerAdapter.java:426) > >> > >> org.springframework.web.servlet.mvc.annotation.AnnotationMethodHandler > >> Adapt>> > >>> er.handle(AnnotationMethodHandlerAdapter.java:414) > >> > >> org.springframework.web.servlet.DispatcherServlet.doDispatch(Dispatche > >> rServ>> > >>> let.java:790) > >> > >> org.springframework.web.servlet.DispatcherServlet.doService(Dispatcher > >> Servl>> > >>> et.java:719) > >> > >> org.springframework.web.servlet.FrameworkServlet.processRequest(Framew > >> orkSe>> > >>> rvlet.java:644) > >> > >> org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServl > >> et.ja>> > >>> va:560) javax.servlet.http.HttpServlet.service(HttpServlet.java:637) > >>> > >>> javax.servlet.http.HttpServlet.service(HttpServlet.jav > >>> a:717) > >> > >> org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFil > >> ter.j>> > >>> ava:96) > >>> > >>> *cause m�re* > >>> > >>> javax.net.ssl.SSLHandshakeException: > >>> java.security.cert.CertificateException: No subject alternative > >>> names > >>> present > >>> > >>> com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Un > >>> known Source) > >>> com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(Unkn > >>> own Source)>>> > >>> The "mother cause" seems to be the > >>> > >>> Could not resolve URL > >>> " > >> > >> https://10.33.30.138:8443/eLBG-Server/WS/LogbookWS.LogbookWSHttpSoap12 > >> Endpo>> > >>> int?wsdl > >>> > >>> but with internet explorer the url is good (after accepting > >>> certificates) > >>> > >>> Moreover url of WSDL is calculated dynamically because end user set > >> > >> himself > >> > >>> via HMI the url of Web Service (i.e : > >>> https://10.33.30.138:8443/eLBG-Server/WS/LogbookWS) i only add the > >> > >> endpoint > >> > >>> + ? wsdl > >>> > >>> (i don't know if i can made a 'response to all', please say it me if > >>> i > >> > >> can't > >> > >>> ;) ) > >>> > >>> Guillaume > >>> > >>> 2011/8/30 Freeman Fang<[email protected]> > >>> > >>>> Hi, > >>>> > >>>> Looks like the error occurs when you try to download remote wsdl, > >>>> which also need authentication. > >>>> However the "{WSDL Namespace}portName" would never work for > >>>> downloading the wsdl as the portName is unknown at that point. > >>>> You need change your http:conduit like > >>>> <http-conf:conduit > >>>> name="https://10.33.30.138:**8443/.*<https://10.33.30.138:8443/.*> > >>>> "> > >>>> > >>>> the "https" prefix here is important. > >>>> > >>>> You can take a look at [1] to get more details there. > >>>> [1]https://issues.apache.org/**jira/browse/CXF-3421< > >> > >> https://issues.apach > >> > >>>> e.org/jira/browse/CXF-3421> > >>>> > >>>> Freeman > >>>> > >>>> On 2011-8-30, at 下午4:18, Guillaume Jouanjan wrote: > >>>> Hello , > >>>>> > >>>>> First of all , sorry for my english , i'm a french developer. > >>>>> > >>>>> My goal is to call dynamically web services method using a WSDL > >>>>> (the > >>>>> only information i have + name of methods) > >>>>> > >>>>> I've got a problem with the following code : > >>>>> > >>>>> String urlWsdl = " > >>>>> https://10.33.30.138:8443/**eLBG-Server/WS/LogbookWS.** > >>>>> LogbookWSHttpSoap12Endpoint?**wsdl< > >> > >> https://10.33.30.138:8443/eLBG-Serv > >> > >>>>> er/WS/LogbookWS.LogbookWSHttpSoap12Endpoint?wsdl> "; > >>>>> JaxWsDynamicClientFactory factory = JaxWsDynamicClientFactory. > >>>>> newInstance(); > >>>>> Client clientWS = factory.createClient(urlWsdl); > >>>>> > >>>>> I've got the following error : > >>>>> > >>>>> 10:04:22,562 ERROR [[rmm-ata]] "Servlet.service()" pour la > >>>>> servlet > >>>>> rmm-ata a > >>>>> g´┐¢n´┐¢r´┐¢ une exception > >>>>> java.security.cert.**CertificateException: No subject > >>>>> alternative > >>>>> names > >>>>> present > >>>>> > >>>>> at > >>>>> sun.security.util.**HostnameChecker.matchIP(**Unk > >>>>> nown > >>>>> Source) > >>>>> at > >>>>> sun.security.util.**HostnameChecker.match(Unknown > >>>>> Source) > >>>>> at > >>>>> > >>>>> com.sun.net.ssl.internal.ssl.**X509TrustManagerImpl.** > >>>>> checkIdentity(Unknown > >>>>> Source) > >>>>> > >>>>> at > >>>>> > >>>>> com.sun.net.ssl.internal.ssl.**X509TrustManagerImpl.** > >>>>> checkServerTrusted(Unknown > >>>>> Source) > >>>>> > >>>>> at > >>>>> > >>>>> com.sun.net.ssl.internal.ssl.**ClientHandshaker.** > >>>>> serverCertificate(Unknown > >>>>> Source) > >>>>> > >>>>> at > >>>>> > >>>>> com.sun.net.ssl.internal.ssl.**ClientHandshaker.**processMessage > >>>>> (Unkno wn > >>>>> Source) > >>>>> > >>>>> at > >>>>> com.sun.net.ssl.internal.ssl.**Handshaker.processL > >>>>> oop(Unk > >>>>> nown > >>>>> > >>>>> Source) > >>>>> > >>>>> at > >>>>> com.sun.net.ssl.internal.ssl.**Handshaker.process_ > >>>>> record( > >>>>> ** > >>>>> > >>>>> Unknown > >>>>> Source) > >>>>> > >>>>> at > >>>>> com.sun.net.ssl.internal.ssl.**SSLSocketImpl.readR > >>>>> ecord(* > >>>>> * > >>>>> > >>>>> Unknown > >>>>> Source) > >>>>> > >>>>> at > >>>>> > >>>>> com.sun.net.ssl.internal.ssl.**SSLSocketImpl.**performInitialHan > >>>>> dshake (** Unknown > >>>>> Source) > >>>>> > >>>>> at > >>>>> com.sun.net.ssl.internal.ssl.**SSLSocketImpl.start > >>>>> Handsha > >>>>> ke(** > >>>>> > >>>>> Unknown > >>>>> Source) > >>>>> > >>>>> at > >>>>> com.sun.net.ssl.internal.ssl.**SSLSocketImpl.start > >>>>> Handsha > >>>>> ke(** > >>>>> > >>>>> Unknown > >>>>> Source) > >>>>> > >>>>> at > >>>>> sun.net.www.protocol.https.**HttpsClient.afterConn > >>>>> ect(**U > >>>>> nknown > >>>>> > >>>>> Source) > >>>>> > >>>>> at > >>>>> > >>>>> sun.net.www.protocol.https.**AbstractDelegateHttpsURLConnec** > >>>>> tion.connect(Unknown > >>>>> Source) > >>>>> > >>>>> at > >>>>> > >>>>> sun.net.www.protocol.http.**HttpURLConnection.**getInputStream(U > >>>>> nknown Source) > >>>>> > >>>>> at > >>>>> > >>>>> sun.net.www.protocol.https.**HttpsURLConnectionImpl.** > >>>>> getInputStream(Unknown > >>>>> Source) > >>>>> > >>>>> at > >>>>> > >>>>> org.apache.cxf.resource.**URIResolver.tryFileSystem(** > >>>>> URIResolver.java:167) > >>>>> > >>>>> at org.apache.cxf.resource.**URIResolver.<init>(** > >>>>> > >>>>> URIResolver.java:90) > >>>>> > >>>>> at > >>>>> > >>>>> org.apache.cxf.endpoint.**dynamic.DynamicClientFactory.**compose > >>>>> Url(** DynamicClientFactory.java:561) > >>>>> > >>>>> at > >>>>> > >>>>> org.apache.cxf.endpoint.**dynamic.DynamicClientFactory.**createC > >>>>> lient( ** > >>>>> DynamicClientFactory.java:259) > >>>>> > >>>>> at > >>>>> > >>>>> org.apache.cxf.endpoint.**dynamic.DynamicClientFactory.**createC > >>>>> lient( ** > >>>>> DynamicClientFactory.java:204) > >>>>> > >>>>> at > >>>>> > >>>>> org.apache.cxf.endpoint.**dynamic.DynamicClientFactory.**createC > >>>>> lient( ** > >>>>> DynamicClientFactory.java:197) > >>>>> > >>>>> at > >>>>> > >>>>> org.apache.cxf.endpoint.**dynamic.DynamicClientFactory.**createC > >>>>> lient( ** > >>>>> DynamicClientFactory.java:152) > >>>>> > >>>>> at > >>>>> > >>>>> com.airbus.rmm.controller.**ManualController.send(** > >>>>> ManualController.java:174) > >>>>> > >>>>> I have specified a http conduit in spring configuration file but > >>>>> it > >>>>> seems that information inside is not managed and the > >>>>> disableCNCheck=false is still > >>>>> active > >>>>> > >>>>> my http-conduit conf : > >>>>> > >>>>> <http:conduit name="*.http-conduit"> > >>>>> > >>>>> <http:tlsClientParameters > >>>>> secureSocketProtocol="TLS" > >>>>> > >>>>> disableCNCheck="true"> > >>>>> > >>>>> <sec:keyManagers keyPassword="password"> > >>>>> > >>>>> <sec:keyStore type="JKS" > >>>>> password="password" > >>>>> > >>>>> file="../classes/server.jk > >>>>> s"/> > >>>>> > >>>>> </sec:keyManagers> > >>>>> <sec:trustManagers> > >>>>> > >>>>> <sec:keyStore type="JKS" > >>>>> password="password" > >>>>> > >>>>> file="../classes/server.jks" > >>>>> /> > >>>>> > >>>>> </sec:trustManagers> > >>>>> <sec:cipherSuitesFilter> > >>>>> > >>>>> <!-- these filters ensure that a > >>>>> ciphersuite with > >>>>> > >>>>> export-suitable or null encryption is > >>>>> used, > >>>>> but exclude anonymous Diffie-Hellman > >>>>> key > >>>>> change as > >>>>> this is vulnerable to > >>>>> man-in-the-middle > >>>>> attacks --> > >>>>> > >>>>> <sec:include>.*_EXPORT_.*</**sec:include> > >>>>> <sec:include>.*_EXPORT1024_.*<**/sec:inclu > >>>>> de> > >>>>> <sec:include>.*_WITH_DES_.*</**sec:include > >>>>> > > >>>>> <sec:include>.*_WITH_NULL_.*</**sec:includ > >>>>> e> > >>>>> <sec:exclude>.*_DH_anon_.*</**sec:exclude> > >>>>> > >>>>> </sec:cipherSuitesFilter> > >>>>> > >>>>> </http:tlsClientParameters> > >>>>> <http:authorization> > >>>>> > >>>>> <sec:UserName>nandana</sec:**UserName> > >>>>> <sec:Password>password</sec:**Password> > >>>>> > >>>>> </http:authorization> > >>>>> <http:client AutoRedirect="true" > >>>>> Connection="Keep-Alive"/> > >>>>> > >>>>> </http:conduit> > >>>>> > >>>>> Thanks for your help > >>>>> > >>>>> Guillaume > >>>>> > >>>>> > >>>>> -- > >>>>> > >>>>> * * > >>>>> > >>>>> * * > >>>>> > >>>>> *Guillaume JOUANJAN > >>>>> * > >>>>> > >>>>> *Chef de Projet Technique > >>>>> * > >>>>> > >>>>> *Email:* [email protected] *<[email protected]>* > >>>>> > >>>>> *Bureau:* +33 (0)5 62 47 33 66 > >>>>> > >>>>> * > >>>>> * > >>>>> > >>>>> * > >>>>> * > >>>>> > >>>>> * > >>>>> * > >>>>> > >>>>> *www.sqli.com* > >>>>> > >>>>> * * > >>>>> > >>>>> * > >>>>> * > >>>>> > >>>>> *SQLI Toulouse* > >>>>> > >>>>> 7 avenue Didier DAURAT > >>>>> BP 70118 > >>>>> 31 704 BLAGNAC CEDEX > >>>>> > >>>>> *Standard:* +33 (0)5 62 47 70 70 > >>>>> *Fax:* +33 (0)5 62 47 70 71 > >>>>> > >>>>> ** > >>>> > >>>> ------------------------------**--------------- > >>>> Freeman Fang > >>>> > >>>> FuseSource > >>>> Email:[email protected] > >>>> Web: fusesource.com > >>>> Twitter: freemanfang > >>>> Blog: http://freemanfang.blogspot.**com > >>>> <http://freemanfang.blogspot.com> > >> > >> -- > >> Daniel Kulp > >> [email protected] > >> http://dankulp.com/blog > >> Talend - http://www.talend.com -- Daniel Kulp [email protected] http://dankulp.com/blog Talend - http://www.talend.com
