[jbossws-issues] [JBoss JIRA] Created: (JBWS-3081) HttpServletRequest.getScheme() returns null in one way webservice method

Jim Ma (JIRA) jira-events at lists.jboss.org
Tue Jul 6 00:50:46 EDT 2010 

HttpServletRequest.getScheme()  returns null in one way webservice method
-------------------------------------------------------------------------

                 Key: JBWS-3081
                 URL: https://jira.jboss.org/browse/JBWS-3081
             Project: JBoss Web Services
          Issue Type: Bug
      Security Level: Public (Everyone can see)
          Components: jbossws-cxf
            Reporter: Jim Ma
            Assignee: Jim Ma
             Fix For: jbossws-cxf-3.4.0


>From Andrew's post on forum: 

I ran into one other problem which does not break anything immediately but will be an issue for interoperability, specifically with Microsoft. When my services get an incoming request they normally need to hand back an endpoint for a continuation message. If the incoming request arrives via an https scheme URL then the endpoint for the the continuation should be created using an https scheme. So, in the WebMethod implementation I use code as follows to identify the request scheme

    @WebMethod(...)

    public void foo()

    {

        MessageContext ctx = webServiceCtx.getMessageContext();
        HttpServletRequest request = (HttpServletRequest)ctx.get(MessageContext.SERVLET_REQUEST);
        boolean isSecure = "https".equals(request.getScheme());

        . . .

The problem is that when foo is a OneWay method request.getScheme always returns null. Now this does not break anything (it did when I did the equals test the other way round which is why I spotted it :-) but it does mean that I always think the client is contacting the services via a non-secure URL. Now, Microsoft's WSTX always uses https and it will throw up if handed an http endpont for the continuation message. So, I need a reliable way to obtain the request scheme when the message is OneWay. Any ideas? Or do I have to raise a JIRA feature request for this?

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

More information about the jbossws-issues mailing list