Ok thanks for the answer , i've created the JIRA CXF-3781<https://issues.apache.org/jira/browse/CXF-3781>
Regards, Guillaume 2011/8/31 Daniel Kulp <[email protected]> > On Wednesday, August 31, 2011 9:04:20 AM Willem Jiang wrote: > > Maybe you can consider to download the WSDL by using common http client > > and pass the WSDL url into the DynamicClientFactory to workaround this > > kind of issue. > > > > BTW, I doubt that http-conf setting can't affect the WSDL4J which loads > > the WSDL from the server. > > WSDL4J calls out to us to load the WSDL and we do use our own conduits for > downloading them in the case of https. Thus, it should work fine. > > HOWEVER, this is a bug in the DynamicClient. The dynamic client tries to > validate the wsdlLocation (and turn it into a URL) prior to sending it into > the CXF code and THAT part doesn't take into account the conduit settings. > > Can you log a JIRA for this? > > > Dan > > > > On 8/31/11 12:50 AM, Guillaume Jouanjan wrote: > > > I've tried with this regex too and it doesn't work :'( > > > > > > I've looking a lot of post on internet but it seems that i am the only > > > one who try to call dynamically web services in https :) > > > > > > Guillaume > > > > > > 2011/8/30 Daniel Kulp<[email protected]> > > > > > >> The "name" for the http-conduit thing in the config is a full regex. > > >> Thus, > > >> you should be able to do something like: > > >> > > >> <http-conf name="https.*"> > > >> .... > > >> > > >> to match all the https endpoints. > > >> > > >> Dan > > >> > > >> On Tuesday, August 30, 2011 2:33:43 PM Guillaume Jouanjan wrote: > > >>> Hi > > >>> > > >>> I've tried this but i've got the same error. > > >>> > > >>> org.springframework.web.util.NestedServletException: Request > > >>> processing failed; nested exception is > > >>> org.apache.cxf.service.factory.ServiceConstructionException: Could > > >>> not > > >>> resolve URL > > >>> " > > >> > > >> > https://10.33.30.138:8443/eLBG-Server/WS/LogbookWS.LogbookWSHttpSoap12 > > >> Endp>> > > >>> oint?wsdl". > > >> > > >> org.springframework.web.servlet.FrameworkServlet.processRequest(Framew > > >> orkSe>> > > >>> rvlet.java:656) > > >> > > >> org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServl > > >> et.ja>> > > >>> va:560) javax.servlet.http.HttpServlet.service(HttpServlet.java:637) > > >>> > > >>> javax.servlet.http.HttpServlet.service(HttpServlet.jav > > >>> a:717) > > >> > > >> org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFil > > >> ter.j>> > > >>> ava:96) > > >>> > > >>> *cause m�re* > > >>> > > >>> org.apache.cxf.service.factory.ServiceConstructionException: Could > > >>> not > > >>> resolve URL > > >>> " > > >> > > >> > https://10.33.30.138:8443/eLBG-Server/WS/LogbookWS.LogbookWSHttpSoap12 > > >> Endp>> > > >>> oint?wsdl". > > >> > > >> org.apache.cxf.endpoint.dynamic.DynamicClientFactory.composeUrl(Dynami > > >> cClie>> > > >>> ntFactory.java:569) > > >> > > >> org.apache.cxf.endpoint.dynamic.DynamicClientFactory.createClient(Dyna > > >> micCl>> > > >>> ientFactory.java:259) > > >> > > >> org.apache.cxf.endpoint.dynamic.DynamicClientFactory.createClient(Dyna > > >> micCl>> > > >>> ientFactory.java:204) > > >> > > >> org.apache.cxf.endpoint.dynamic.DynamicClientFactory.createClient(Dyna > > >> micCl>> > > >>> ientFactory.java:197) > > >> > > >> org.apache.cxf.endpoint.dynamic.DynamicClientFactory.createClient(Dyna > > >> micCl>> > > >>> ientFactory.java:152) > > >> > > >> com.airbus.rmm.controller.ManualController.send(ManualController.java: > > >> 172)>> > > >>> sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > > >>> > > >>> sun.reflect.NativeMethodAccessorImpl.invoke(Unknown > > >>> Source) > > >>> sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknow > > >>> n Source) > > >>> java.lang.reflect.Method.invoke(Unknown Source) > > >> > > >> org.springframework.web.bind.annotation.support.HandlerMethodInvoker.i > > >> nvoke>> > > >>> HandlerMethod(HandlerMethodInvoker.java:176) > > >> > > >> org.springframework.web.servlet.mvc.annotation.AnnotationMethodHandler > > >> Adapt>> > > >>> er.invokeHandlerMethod(AnnotationMethodHandlerAdapter.java:426) > > >> > > >> org.springframework.web.servlet.mvc.annotation.AnnotationMethodHandler > > >> Adapt>> > > >>> er.handle(AnnotationMethodHandlerAdapter.java:414) > > >> > > >> org.springframework.web.servlet.DispatcherServlet.doDispatch(Dispatche > > >> rServ>> > > >>> let.java:790) > > >> > > >> org.springframework.web.servlet.DispatcherServlet.doService(Dispatcher > > >> Servl>> > > >>> et.java:719) > > >> > > >> org.springframework.web.servlet.FrameworkServlet.processRequest(Framew > > >> orkSe>> > > >>> rvlet.java:644) > > >> > > >> org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServl > > >> et.ja>> > > >>> va:560) javax.servlet.http.HttpServlet.service(HttpServlet.java:637) > > >>> > > >>> javax.servlet.http.HttpServlet.service(HttpServlet.jav > > >>> a:717) > > >> > > >> org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFil > > >> ter.j>> > > >>> ava:96) > > >>> > > >>> *cause m�re* > > >>> > > >>> javax.net.ssl.SSLHandshakeException: > > >>> java.security.cert.CertificateException: No subject alternative > > >>> names > > >>> present > > >>> > > >>> com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Un > > >>> known Source) > > >>> com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(Unkn > > >>> own Source)>>> > > >>> The "mother cause" seems to be the > > >>> > > >>> Could not resolve URL > > >>> " > > >> > > >> > https://10.33.30.138:8443/eLBG-Server/WS/LogbookWS.LogbookWSHttpSoap12 > > >> Endpo>> > > >>> int?wsdl > > >>> > > >>> but with internet explorer the url is good (after accepting > > >>> certificates) > > >>> > > >>> Moreover url of WSDL is calculated dynamically because end user set > > >> > > >> himself > > >> > > >>> via HMI the url of Web Service (i.e : > > >>> https://10.33.30.138:8443/eLBG-Server/WS/LogbookWS) i only add the > > >> > > >> endpoint > > >> > > >>> + ? wsdl > > >>> > > >>> (i don't know if i can made a 'response to all', please say it me if > > >>> i > > >> > > >> can't > > >> > > >>> ;) ) > > >>> > > >>> Guillaume > > >>> > > >>> 2011/8/30 Freeman Fang<[email protected]> > > >>> > > >>>> Hi, > > >>>> > > >>>> Looks like the error occurs when you try to download remote wsdl, > > >>>> which also need authentication. > > >>>> However the "{WSDL Namespace}portName" would never work for > > >>>> downloading the wsdl as the portName is unknown at that point. > > >>>> You need change your http:conduit like > > >>>> <http-conf:conduit > > >>>> name="https://10.33.30.138:**8443/.*<https://10.33.30.138:8443/.*> > > >>>> "> > > >>>> > > >>>> the "https" prefix here is important. > > >>>> > > >>>> You can take a look at [1] to get more details there. > > >>>> [1]https://issues.apache.org/**jira/browse/CXF-3421< > > >> > > >> https://issues.apach > > >> > > >>>> e.org/jira/browse/CXF-3421> > > >>>> > > >>>> Freeman > > >>>> > > >>>> On 2011-8-30, at 下午4:18, Guillaume Jouanjan wrote: > > >>>> Hello , > > >>>>> > > >>>>> First of all , sorry for my english , i'm a french developer. > > >>>>> > > >>>>> My goal is to call dynamically web services method using a WSDL > > >>>>> (the > > >>>>> only information i have + name of methods) > > >>>>> > > >>>>> I've got a problem with the following code : > > >>>>> > > >>>>> String urlWsdl = " > > >>>>> https://10.33.30.138:8443/**eLBG-Server/WS/LogbookWS.** > > >>>>> LogbookWSHttpSoap12Endpoint?**wsdl< > > >> > > >> https://10.33.30.138:8443/eLBG-Serv > > >> > > >>>>> er/WS/LogbookWS.LogbookWSHttpSoap12Endpoint?wsdl> "; > > >>>>> JaxWsDynamicClientFactory factory = JaxWsDynamicClientFactory. > > >>>>> newInstance(); > > >>>>> Client clientWS = factory.createClient(urlWsdl); > > >>>>> > > >>>>> I've got the following error : > > >>>>> > > >>>>> 10:04:22,562 ERROR [[rmm-ata]] "Servlet.service()" pour la > > >>>>> servlet > > >>>>> rmm-ata a > > >>>>> g´┐¢n´┐¢r´┐¢ une exception > > >>>>> java.security.cert.**CertificateException: No subject > > >>>>> alternative > > >>>>> names > > >>>>> present > > >>>>> > > >>>>> at > > >>>>> sun.security.util.**HostnameChecker.matchIP(**Unk > > >>>>> nown > > >>>>> Source) > > >>>>> at > > >>>>> sun.security.util.**HostnameChecker.match(Unknown > > >>>>> Source) > > >>>>> at > > >>>>> > > >>>>> com.sun.net.ssl.internal.ssl.**X509TrustManagerImpl.** > > >>>>> checkIdentity(Unknown > > >>>>> Source) > > >>>>> > > >>>>> at > > >>>>> > > >>>>> com.sun.net.ssl.internal.ssl.**X509TrustManagerImpl.** > > >>>>> checkServerTrusted(Unknown > > >>>>> Source) > > >>>>> > > >>>>> at > > >>>>> > > >>>>> com.sun.net.ssl.internal.ssl.**ClientHandshaker.** > > >>>>> serverCertificate(Unknown > > >>>>> Source) > > >>>>> > > >>>>> at > > >>>>> > > >>>>> com.sun.net.ssl.internal.ssl.**ClientHandshaker.**processMessage > > >>>>> (Unkno wn > > >>>>> Source) > > >>>>> > > >>>>> at > > >>>>> com.sun.net.ssl.internal.ssl.**Handshaker.processL > > >>>>> oop(Unk > > >>>>> nown > > >>>>> > > >>>>> Source) > > >>>>> > > >>>>> at > > >>>>> com.sun.net.ssl.internal.ssl.**Handshaker.process_ > > >>>>> record( > > >>>>> ** > > >>>>> > > >>>>> Unknown > > >>>>> Source) > > >>>>> > > >>>>> at > > >>>>> com.sun.net.ssl.internal.ssl.**SSLSocketImpl.readR > > >>>>> ecord(* > > >>>>> * > > >>>>> > > >>>>> Unknown > > >>>>> Source) > > >>>>> > > >>>>> at > > >>>>> > > >>>>> com.sun.net.ssl.internal.ssl.**SSLSocketImpl.**performInitialHan > > >>>>> dshake (** Unknown > > >>>>> Source) > > >>>>> > > >>>>> at > > >>>>> com.sun.net.ssl.internal.ssl.**SSLSocketImpl.start > > >>>>> Handsha > > >>>>> ke(** > > >>>>> > > >>>>> Unknown > > >>>>> Source) > > >>>>> > > >>>>> at > > >>>>> com.sun.net.ssl.internal.ssl.**SSLSocketImpl.start > > >>>>> Handsha > > >>>>> ke(** > > >>>>> > > >>>>> Unknown > > >>>>> Source) > > >>>>> > > >>>>> at > > >>>>> sun.net.www.protocol.https.**HttpsClient.afterConn > > >>>>> ect(**U > > >>>>> nknown > > >>>>> > > >>>>> Source) > > >>>>> > > >>>>> at > > >>>>> > > >>>>> sun.net.www.protocol.https.**AbstractDelegateHttpsURLConnec** > > >>>>> tion.connect(Unknown > > >>>>> Source) > > >>>>> > > >>>>> at > > >>>>> > > >>>>> sun.net.www.protocol.http.**HttpURLConnection.**getInputStream(U > > >>>>> nknown Source) > > >>>>> > > >>>>> at > > >>>>> > > >>>>> sun.net.www.protocol.https.**HttpsURLConnectionImpl.** > > >>>>> getInputStream(Unknown > > >>>>> Source) > > >>>>> > > >>>>> at > > >>>>> > > >>>>> org.apache.cxf.resource.**URIResolver.tryFileSystem(** > > >>>>> URIResolver.java:167) > > >>>>> > > >>>>> at org.apache.cxf.resource.**URIResolver.<init>(** > > >>>>> > > >>>>> URIResolver.java:90) > > >>>>> > > >>>>> at > > >>>>> > > >>>>> org.apache.cxf.endpoint.**dynamic.DynamicClientFactory.**compose > > >>>>> Url(** DynamicClientFactory.java:561) > > >>>>> > > >>>>> at > > >>>>> > > >>>>> org.apache.cxf.endpoint.**dynamic.DynamicClientFactory.**createC > > >>>>> lient( ** > > >>>>> DynamicClientFactory.java:259) > > >>>>> > > >>>>> at > > >>>>> > > >>>>> org.apache.cxf.endpoint.**dynamic.DynamicClientFactory.**createC > > >>>>> lient( ** > > >>>>> DynamicClientFactory.java:204) > > >>>>> > > >>>>> at > > >>>>> > > >>>>> org.apache.cxf.endpoint.**dynamic.DynamicClientFactory.**createC > > >>>>> lient( ** > > >>>>> DynamicClientFactory.java:197) > > >>>>> > > >>>>> at > > >>>>> > > >>>>> org.apache.cxf.endpoint.**dynamic.DynamicClientFactory.**createC > > >>>>> lient( ** > > >>>>> DynamicClientFactory.java:152) > > >>>>> > > >>>>> at > > >>>>> > > >>>>> com.airbus.rmm.controller.**ManualController.send(** > > >>>>> ManualController.java:174) > > >>>>> > > >>>>> I have specified a http conduit in spring configuration file but > > >>>>> it > > >>>>> seems that information inside is not managed and the > > >>>>> disableCNCheck=false is still > > >>>>> active > > >>>>> > > >>>>> my http-conduit conf : > > >>>>> > > >>>>> <http:conduit name="*.http-conduit"> > > >>>>> > > >>>>> <http:tlsClientParameters > > >>>>> secureSocketProtocol="TLS" > > >>>>> > > >>>>> disableCNCheck="true"> > > >>>>> > > >>>>> <sec:keyManagers keyPassword="password"> > > >>>>> > > >>>>> <sec:keyStore type="JKS" > > >>>>> password="password" > > >>>>> > > >>>>> file="../classes/server.jk > > >>>>> s"/> > > >>>>> > > >>>>> </sec:keyManagers> > > >>>>> <sec:trustManagers> > > >>>>> > > >>>>> <sec:keyStore type="JKS" > > >>>>> password="password" > > >>>>> > > >>>>> file="../classes/server.jks" > > >>>>> /> > > >>>>> > > >>>>> </sec:trustManagers> > > >>>>> <sec:cipherSuitesFilter> > > >>>>> > > >>>>> <!-- these filters ensure that a > > >>>>> ciphersuite with > > >>>>> > > >>>>> export-suitable or null encryption is > > >>>>> used, > > >>>>> but exclude anonymous Diffie-Hellman > > >>>>> key > > >>>>> change as > > >>>>> this is vulnerable to > > >>>>> man-in-the-middle > > >>>>> attacks --> > > >>>>> > > >>>>> <sec:include>.*_EXPORT_.*</**sec:include> > > >>>>> <sec:include>.*_EXPORT1024_.*<**/sec:inclu > > >>>>> de> > > >>>>> <sec:include>.*_WITH_DES_.*</**sec:include > > >>>>> > > > >>>>> <sec:include>.*_WITH_NULL_.*</**sec:includ > > >>>>> e> > > >>>>> <sec:exclude>.*_DH_anon_.*</**sec:exclude> > > >>>>> > > >>>>> </sec:cipherSuitesFilter> > > >>>>> > > >>>>> </http:tlsClientParameters> > > >>>>> <http:authorization> > > >>>>> > > >>>>> <sec:UserName>nandana</sec:**UserName> > > >>>>> <sec:Password>password</sec:**Password> > > >>>>> > > >>>>> </http:authorization> > > >>>>> <http:client AutoRedirect="true" > > >>>>> Connection="Keep-Alive"/> > > >>>>> > > >>>>> </http:conduit> > > >>>>> > > >>>>> Thanks for your help > > >>>>> > > >>>>> Guillaume > > >>>>> > > >>>>> > > >>>>> -- > > >>>>> > > >>>>> * * > > >>>>> > > >>>>> * * > > >>>>> > > >>>>> *Guillaume JOUANJAN > > >>>>> * > > >>>>> > > >>>>> *Chef de Projet Technique > > >>>>> * > > >>>>> > > >>>>> *Email:* [email protected] *<[email protected]>* > > >>>>> > > >>>>> *Bureau:* +33 (0)5 62 47 33 66 > > >>>>> > > >>>>> * > > >>>>> * > > >>>>> > > >>>>> * > > >>>>> * > > >>>>> > > >>>>> * > > >>>>> * > > >>>>> > > >>>>> *www.sqli.com* > > >>>>> > > >>>>> * * > > >>>>> > > >>>>> * > > >>>>> * > > >>>>> > > >>>>> *SQLI Toulouse* > > >>>>> > > >>>>> 7 avenue Didier DAURAT > > >>>>> BP 70118 > > >>>>> 31 704 BLAGNAC CEDEX > > >>>>> > > >>>>> *Standard:* +33 (0)5 62 47 70 70 > > >>>>> *Fax:* +33 (0)5 62 47 70 71 > > >>>>> > > >>>>> ** > > >>>> > > >>>> ------------------------------**--------------- > > >>>> Freeman Fang > > >>>> > > >>>> FuseSource > > >>>> Email:[email protected] > > >>>> Web: fusesource.com > > >>>> Twitter: freemanfang > > >>>> Blog: http://freemanfang.blogspot.**com > > >>>> <http://freemanfang.blogspot.com> > > >> > > >> -- > > >> Daniel Kulp > > >> [email protected] > > >> http://dankulp.com/blog > > >> Talend - http://www.talend.com > -- > Daniel Kulp > [email protected] > http://dankulp.com/blog > Talend - http://www.talend.com > -- * * * * *Guillaume JOUANJAN * *Chef de Projet Technique * *Email:* [email protected] * <[email protected]>* *Bureau:* +33 (0)5 62 47 33 66 * * * * * * *www.sqli.com* * * * * *SQLI Toulouse* 7 avenue Didier DAURAT BP 70118 31 704 BLAGNAC CEDEX *Standard:* +33 (0)5 62 47 70 70 *Fax:* +33 (0)5 62 47 70 71 **
