[jbossws-issues] [JBoss JIRA] Updated: (JBWS-3081) HttpServletRequest.getScheme() returns null in one way webservice method

Tue Jul 6 00:52:46 EDT 2010

     [ https://jira.jboss.org/browse/JBWS-3081?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Jim Ma updated JBWS-3081:
-------------------------

    Description: 
Look at if this is an issue in the cxf integration code. 

>From Andrew's post on forum: 

I ran into one other problem which does not break anything immediately but will be an issue for interoperability, specifically with Microsoft. When my services get an incoming request they normally need to hand back an endpoint for a continuation message. If the incoming request arrives via an https scheme URL then the endpoint for the the continuation should be created using an https scheme. So, in the WebMethod implementation I use code as follows to identify the request scheme

    @WebMethod(...)

    public void foo()

    {

        MessageContext ctx = webServiceCtx.getMessageContext();
        HttpServletRequest request = (HttpServletRequest)ctx.get(MessageContext.SERVLET_REQUEST);
        boolean isSecure = "https".equals(request.getScheme());

        . . .

The problem is that when foo is a OneWay method request.getScheme always returns null. Now this does not break anything (it did when I did the equals test the other way round which is why I spotted it :-) but it does mean that I always think the client is contacting the services via a non-secure URL. Now, Microsoft's WSTX always uses https and it will throw up if handed an http endpont for the continuation message. So, I need a reliable way to obtain the request scheme when the message is OneWay. Any ideas? Or do I have to raise a JIRA feature request for this?

  was:
>From Andrew's post on forum: 

I ran into one other problem which does not break anything immediately but will be an issue for interoperability, specifically with Microsoft. When my services get an incoming request they normally need to hand back an endpoint for a continuation message. If the incoming request arrives via an https scheme URL then the endpoint for the the continuation should be created using an https scheme. So, in the WebMethod implementation I use code as follows to identify the request scheme

    @WebMethod(...)

    public void foo()

    {

        MessageContext ctx = webServiceCtx.getMessageContext();
        HttpServletRequest request = (HttpServletRequest)ctx.get(MessageContext.SERVLET_REQUEST);
        boolean isSecure = "https".equals(request.getScheme());

        . . .

The problem is that when foo is a OneWay method request.getScheme always returns null. Now this does not break anything (it did when I did the equals test the other way round which is why I spotted it :-) but it does mean that I always think the client is contacting the services via a non-secure URL. Now, Microsoft's WSTX always uses https and it will throw up if handed an http endpont for the continuation message. So, I need a reliable way to obtain the request scheme when the message is OneWay. Any ideas? Or do I have to raise a JIRA feature request for this?

> HttpServletRequest.getScheme()  returns null in one way webservice method
> -------------------------------------------------------------------------
>
>                 Key: JBWS-3081
>                 URL: https://jira.jboss.org/browse/JBWS-3081
>             Project: JBoss Web Services
>          Issue Type: Bug
>      Security Level: Public(Everyone can see) 
>          Components: jbossws-cxf
>            Reporter: Jim Ma
>            Assignee: Jim Ma
>             Fix For: jbossws-cxf-3.4.0
>
>
> Look at if this is an issue in the cxf integration code. 
> From Andrew's post on forum: 
> I ran into one other problem which does not break anything immediately but will be an issue for interoperability, specifically with Microsoft. When my services get an incoming request they normally need to hand back an endpoint for a continuation message. If the incoming request arrives via an https scheme URL then the endpoint for the the continuation should be created using an https scheme. So, in the WebMethod implementation I use code as follows to identify the request scheme
>     @WebMethod(...)
>     public void foo()
>     {
>         MessageContext ctx = webServiceCtx.getMessageContext();
>         HttpServletRequest request = (HttpServletRequest)ctx.get(MessageContext.SERVLET_REQUEST);
>         boolean isSecure = "https".equals(request.getScheme());
>         . . .
> The problem is that when foo is a OneWay method request.getScheme always returns null. Now this does not break anything (it did when I did the equals test the other way round which is why I spotted it :-) but it does mean that I always think the client is contacting the services via a non-secure URL. Now, Microsoft's WSTX always uses https and it will throw up if handed an http endpont for the continuation message. So, I need a reliable way to obtain the request scheme when the message is OneWay. Any ideas? Or do I have to raise a JIRA feature request for this?

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira