I don't think its something you can necessarily determine at the Servlet /
ServletContext. Since multiple pathes / Context can be routed to a single
servlet instance, it makes sense that you ask the request
(http://docs.oracle.com/javaee/6/api/javax/servlet/ServletRequest.html#isSecure())
________________________________________
From: Glen Mazza [gma...@talend.com]
Sent: Friday, January 20, 2012 9:15 AM
To: users@cxf.apache.org
Subject: Re: Https policy with spring
I don't know how accurate that is, that's why I was recommending asking
the Tomcat User's list. For what XiLai is asking for, 98% accurate
might not be good enough.
Glen
On 01/20/2012 12:02 PM, Sergey Beryozkin wrote:
> On 20/01/12 16:35, Glen Mazza wrote:
>> I'm not sure here--if I understand you correctly, a more generic version
>> of the question you're asking is "How can a servlet determine whether it
>> is being run over https:// or not?" This might be a question better
>> asked on the Tomcat user's list. If it is not possible for a servlet to
>> be able to determine that in a formal, rigorous manner (i.e., perhaps
>> servlets are sandboxed by the servlet container so they can't know
>> whether they're running over https), then at the web service provider
>> level I don't see how it can make that determination either.
>>
>
> Would checking the request URI and seeing if it starts with 'https' do ?
>
> Sergey
>
>> Glen
>>
>> On 01/19/2012 08:35 PM, XiLai Dai wrote:
>>> Thanks Colm and Glen!
>>>
>>> but maybe my question was not clear, what we want to do was checking
>>> if the Endpoint secured by policy after adding https policy to
>>> the<jaxws:endpoint>.
>>>
>>> the java codes used for checking looks like:
>>>
>>> private boolean isSecuredByPolicy(Server server) {
>>> boolean isSecured = false;
>>>
>>> EndpointInfo ei = server.getEndpoint().getEndpointInfo();
>>>
>>> PolicyEngine pe = bus.getExtension(PolicyEngine.class);
>>> if (null == pe) {
>>> LOG.finest("No Policy engine found");
>>> return isSecured;
>>> }
>>>
>>> Destination destination = server.getDestination();
>>> EndpointPolicy ep = pe.getServerEndpointPolicy(ei, destination);
>>> Collection<Assertion> assertions = ep.getChosenAlternative();
>>> for (Assertion a : assertions) {
>>> if (a instanceof TransportBinding) {
>>> TransportBinding tb = (TransportBinding)a;
>>> TransportToken tt = tb.getTransportToken();
>>> Token t = tt.getTransportToken();
>>> if (t instanceof HttpsToken) {
>>> isSecured = true;
>>> break;
>>> }
>>> }
>>> }
>>>
>>> Policy policy = ep.getPolicy();
>>> List<PolicyComponent> pcList = policy.getPolicyComponents();
>>> for (PolicyComponent a : pcList) {
>>> if (a instanceof TransportBinding) {
>>> TransportBinding tb = (TransportBinding)a;
>>> TransportToken tt = tb.getTransportToken();
>>> Token t = tt.getTransportToken();
>>> if (t instanceof HttpsToken) {
>>> isSecured = true;
>>> break;
>>> }
>>> }
>>> }
>>>
>>> return isSecured;
>>> }
>>>
>>> but the return value always false :(
>>>
>>> Thanks!
>>> Xilai
>>> ________________________________________
>>>
>>> Information on setting up Tomcat for SSL is here:
>>> http://www.jroller.com/gmazza/entry/ssl_for_web_services
>>>
>>> HTH,
>>> Glen
>>>
>>> On 01/19/2012 05:42 AM, Colm O hEigeartaigh wrote:
>>>> Hi,
>>>>
>>>>> It can be published with no error, but from the debugging there is
>>>>> no any Assertion found, so the Https transport didn't take effect.
>>>> The policy looks ok - how are you setting up the TLS endpoint though?
>>>> Adding a TransportBinding policy does not set up TLS, it's up to the
>>>> container to do that, or else you can add a "httpj:engine-factory"
>>>> configuration if using Jetty.
>>>>
>>>> Colm.
>>>>
>>>> On Thu, Jan 19, 2012 at 4:00 AM, XiLai Dai<xl...@talend.com> wrote:
>>>>> Hello,
>>>>>
>>>>> We have a jaxws:endpoint defined like this:
>>>>> <jaxws:endpoint xmlns:tns="http://my.org/examples/";
>>>>> id="greeter_Https"
>>>>> implementor="demo.service.Greeter_HttpsImpl"
>>>>> serviceName="tns:Greeter_HttpsService"
>>>>> address="/Greeter_HttpsService">
>>>>> <jaxws:features>
>>>>> <p:policies>
>>>>> <wsp:Policy>
>>>>> <wsp:ExactlyOne>
>>>>> <wsp:All>
>>>>> <sp:TransportBinding
>>>>> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
>>>>> <wsp:Policy>
>>>>> <sp:TransportToken>
>>>>> <wsp:Policy>
>>>>> <sp:HttpsToken RequireClientCertificate="false"/>
>>>>> </wsp:Policy>
>>>>> </sp:TransportToken>
>>>>> </wsp:Policy>
>>>>> </sp:TransportBinding>
>>>>> </wsp:All>
>>>>> </wsp:ExactlyOne>
>>>>> </wsp:Policy>
>>>>> </p:policies>
>>>>> </jaxws:features>
>>>>> </jaxws:endpoint>
>>>>>
>>>>> It can be published with no error, but from the debugging there is
>>>>> no any Assertion found, so the Https transport didn't take effect.
>>>>> Can someone take a look what's wrong with the definition of policy?
>>>>> Thanks in advance.
>>>>>
>>>>> Regards.
>>>>> Xilai
>>>>
>>>
>>> --
>>> Glen Mazza
>>> Talend Community Coders - coders.talend.com
>>> blog: www.jroller.com/gmazza
>>>
>>
>>
>
>
--
Glen Mazza
Talend Community Coders - coders.talend.com
blog: www.jroller.com/gmazza
