Hi, I'm new to CXF (2.6.1 with openjdk7), and I have a problem when dealing with SOAP 1.2 webservices with the DynamicClient.
First a little context. I'm programming a web vulnerability scanner. So during
web crawling, I get some WSDL definitions that I do not know anything about.
My goal with CXF is to:
- enumerate endpoints and operations with in/out parameters
- build SOAP HTTP requests (but not send the requests, I will do that with
other tools such as sqlmap, xml injection testers...)
So all is done programmatically, I have absolutely no precompiled classes that
would have been generated with wsdl2java or something, I do not know the
service name, etc..., since I do not know anything about the webservice prior
to launching my scanner! This is important, because if I correctly understand
CXF, not knowing anything about the service prevents me from using many of the
CXF ways of doing things.
My first approach was to only use the WSDL parser. This was working for both
SOAP 1.1 and SOAP 1.2 descriptions:
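
    import java.util.List;
    import javax.wsdl.Definition;
    import org.apache.cxf.Bus;
    import org.apache.cxf.BusFactory;
    import org.apache.cxf.service.model.ServiceInfo;
    import org.apache.cxf.wsdl.WSDLManager;
    import org.apache.cxf.wsdl11.WSDLServiceBuilder;

    // Create the CXF bus
    Bus bus = BusFactory.getThreadDefaultBus();
    // Grab the WSDL extension
    WSDLManager wsdlManager = bus.getExtension(WSDLManager.class);
    // Parse the WSDL
    Definition def = wsdlManager.getDefinition(wsdlURL);
    WSDLServiceBuilder builder = new WSDLServiceBuilder(bus);
    List<ServiceInfo> services = builder.buildServices(def);
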
Then iterate over the ServiceInfo list to discover endpoints, namespaces, SOAP
version and operations. With this approach, I have to manually build my SOAP
requests (HTTP header and SOAP XML), dealing with the 2 SOAP versions... This
is working, but this means manually dealing with all SOAP specifics to
ensure maximum compatibility (I do not know what the SOAP server is: axis,
.net, php nuSOAP...)
The second approach is to use CXF to generate the SOAP request instead of
building it manually. So I switched to using a (JaxWS)DynamicClient to build
classes on the fly. With this, I can still enumerate the ServiceInfo, and I
can invoke services, and use an interceptor to get the SOAP request content:
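
    import java.util.List;
    import org.apache.cxf.Bus;
    import org.apache.cxf.BusFactory;
    import org.apache.cxf.endpoint.Client;
    import org.apache.cxf.jaxws.endpoint.dynamic.JaxWsDynamicClientFactory;
    import org.apache.cxf.service.model.ServiceInfo;

    // Create the CXF bus
    Bus bus = BusFactory.getThreadDefaultBus();
    JaxWsDynamicClientFactory cf = JaxWsDynamicClientFactory.newInstance(bus);
    Client wsClient = cf.createClient(wsdlURL);
    List<ServiceInfo> services = wsClient.getEndpoint().getService().getServiceInfos();
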
Then I simply use the wsClient.invoke(BOI, params...) method, using an
interceptor coupled with the SAAJOutInterceptor to gather the SOAP request and
the associated HTTP headers and abort before it's sent to the network.
This is working fine and I'm happy with this for SOAP 1.1 services.
But when I test this against a SOAP 1.2 WSDL such as the one attached (which
describes 2 SOAP 1.2 endpoints), the JaxWsDynamicClientFactory throws an
exception: "Only document-style SOAP 1.1 http are supported for auto-selection
of endpoint; none were found. !!"
So I cannot build the SOAP requests, and moreover I cannot even iterate over
the ServiceInfos, whereas I was able to do it using my first approach
with the WSDLManager/WSDLServiceBuilder.
The question is:
- Is there a way to build a DynamicClient for such a SOAP 1.2 WSDL?
- Or is there another way to do this (always 100% programmatically and
dynamically, since I do not know anything about the service before executing
my crawler!)
Thank you very much for any help !!
--
Guillaume Castagnino
[email protected]
soap12-test.wsdl
Description: XML document
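
Added example, not part of the original message and not CXF code: a sketch of the manual request building described in the first approach, showing where SOAP 1.1 and SOAP 1.2 differ (envelope namespace, Content-Type, and where the action goes). The class name, the urn:example namespace, the echo operation and the document/literal wrapped layout with qualified child elements are assumptions made for illustration.

```java
import java.util.LinkedHashMap;
import java.util.Map;

/** Frames one operation call as SOAP 1.1 or SOAP 1.2 without sending it. */
public class SoapRequestSketch {
    static final String SOAP11_NS = "http://schemas.xmlsoap.org/soap/envelope/";
    static final String SOAP12_NS = "http://www.w3.org/2003/05/soap-envelope";

    /** Escape text placed in element content or a double-quoted attribute. */
    static String esc(String s) {
        return s.replace("&", "&amp;").replace("<", "&lt;")
                .replace(">", "&gt;").replace("\"", "&quot;");
    }

    /** Envelope with one body element; each parameter becomes a child element (assumed layout). */
    static String envelope(boolean soap12, String ns, String op, Map<String, String> params) {
        StringBuilder sb = new StringBuilder("<?xml version=\"1.0\" encoding=\"UTF-8\"?>");
        sb.append("<soap:Envelope xmlns:soap=\"").append(soap12 ? SOAP12_NS : SOAP11_NS).append("\">");
        sb.append("<soap:Body><m:").append(op).append(" xmlns:m=\"").append(esc(ns)).append("\">");
        for (Map.Entry<String, String> p : params.entrySet()) {
            sb.append("<m:").append(p.getKey()).append('>').append(esc(p.getValue()))
              .append("</m:").append(p.getKey()).append('>');
        }
        return sb.append("</m:").append(op).append("></soap:Body></soap:Envelope>").toString();
    }

    /** SOAP 1.1 uses text/xml plus a SOAPAction header; SOAP 1.2 carries the action in Content-Type. */
    static Map<String, String> headers(boolean soap12, String action) {
        Map<String, String> h = new LinkedHashMap<String, String>();
        if (soap12) {
            h.put("Content-Type", "application/soap+xml; charset=utf-8; action=\"" + action + "\"");
        } else {
            h.put("Content-Type", "text/xml; charset=utf-8");
            h.put("SOAPAction", "\"" + action + "\"");
        }
        return h;
    }

    public static void main(String[] args) {
        Map<String, String> params = new LinkedHashMap<String, String>();
        params.put("name", "a<b"); // constructed sample value, escaped on output
        for (boolean v12 : new boolean[] {false, true}) {
            System.out.println(headers(v12, "urn:example:echo"));
            System.out.println(envelope(v12, "urn:example", "echo", params));
        }
    }
}
```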
