I have created a web service client in Java that was successfully calling a
web service using JAXB and a client proxy and using MTOM to send binary
data.
The service now requires SSL. After updating my client code to provide an
SSL connection, I can make calls successfully that don't require a binary
attachment, but the one that does require binary attachment blocks, waiting
for a response from the server. A response is never received from the
service. Eventually my client times out.
So, to summarize: I can make a request using SSL without MTOM. I can make a
request using MTOM without SSL. When I make a request using both SSL and
MTOM, the service seems to 'hang', the client blocks on the read, and the
client eventually times out.
Additional Information:
-- I can make the same service request but without providing the attachment
and it succeeds. (I get an error code indicating missing attachment back
from the server as expected.) I got debug output from this call (using
-Djavax.net.debug=all) and the call that blocks. The handshake seems to be
the same for both. The call that blocks stops just at the point where the
other call receives the actual SOAP response from the server. So, the
server seems to be blocked when unmarshalling, decrypting, or processing the
actual incoming SOAP request, not during the handshake.
-- There is a dev machine that has this service running without SSL. If I
call a development service that does not have SSL, the request using MTOM
does NOT block. My client does get a response.
-- There is test code that the service owners have that can successfully
call the request using SSL and MTOM, but they are using javax.xml.ws.Service
and configuring SSL using the system properties "javax.net.ssl.keyStore",
etc. (I can't use this, because within the same JVM, we are using more than
one key store to connect with different web services.)
-- The server side is not showing any errors or exceptions in the log. I
have been unable to get any help from the owners of the service to look into
where it is 'hung' on the server side.
The code to create the web service proxy is as follows:
private MyService getService() throws Exception {
SSLHelper.initializeConduitForSSL(new File("d:/keystore.jks"),
"jks", "changeit");
final JaxWsProxyFactoryBean factory = new JaxWsProxyFactoryBean();
factory.setServiceClass(MyService.class);
factory.setAddress("https://"; + endPoint); // endpoint not shown in
this code
service = (MyService)factory.create();
final Client client = ClientProxy.getClient(service);
final HTTPConduit http = (HTTPConduit)client.getConduit();
http.setTlsClientParameters(SSLHelper.getTlsParams());
final Map<String, Object> ctxt =
((BindingProvider)publishingService).getRequestContext();
// Enable HTTP chunking mode, otherwise HttpURLConnection buffers
ctxt.put(JAXWSProperties.HTTP_CLIENT_STREAMING_CHUNK_SIZE, 8192);
return service;
}
To make a request, I call methods on the returned service object.
SSLHelper is my own class that handles the certificate setup. I believe
that part is not the issue, so I won't include that setup code here. (Since
I can make other requests with the same SSL configuration, and since the
handshake seems to succeed, I'm assuming this isn't the issue.)
For the MTOM call, the method takes an argument that is an instance of a
request class that has a field (with appropriate setter) specified as such:
@XmlElement(required = true)
@XmlMimeType("application/octet-stream")
private DataHandler dataHandler;
To initialize this class, I do the following:
File file = new File("c:\\somefile.jpg"); //
final DataSource dataSource = new FileDataSource(file);
request.setDataHandler(new DataHandler(dataSource));
DataHandler and FileDataSource are in javax.activation package.
I am using CXF 2.5.
I tried without the chunking and it made no difference.
--
View this message in context:
http://cxf.547215.n5.nabble.com/MTOM-SSL-Java-Server-hangs-when-calling-web-service-using-MTOM-and-SSL-via-Java-tp5712738.html
Sent from the cxf-user mailing list archive at Nabble.com.
