[JBossWS] - SSL & Authorization
by FabBoco
Hi guys,
I really need some directions from you.
I have a test ws:
| @Stateless
| @WebService(name = "wstest", serviceName = "wstest")
| @WebContext(contextRoot = "/ma", transportGuarantee="NONE", secureWSDLAccess = false)
| @Remote(WsTest.class)
| @RemoteBinding
| @SOAPBinding(style = SOAPBinding.Style.DOCUMENT)
| public class WsTestBean implements WsTest
| {
| Logger log = Logger.getLogger(WsTestBean.class);
|
| @WebMethod
| public String echo(String message)
| {
| return message;
| }
| }
|
deployed into Jboss 4.2.0
Using wsconsume I prepared the proxy and my client is able to call the ws:
| public class WsTestClient
| {
|
| public static void main(String[] args)
| {
| System.out.println("WsTest Client Start");
|
|
| Wstest_Service ws = new Wstest_Service();
|
| Wstest wsTest = ws.getWstestPort();
|
| System.out.println("Echo message: "+wsTest.echo("Ciao Ciao sono Fabrizio"));
|
| System.out.println("WsTest Client End");
| }
|
| }
|
What I have to do now (for a real application !) is:
1) use SSL
2) enforce authentication (only authorized user can call the ws)
I have changed the servers as follows:
|
| @WebContext(contextRoot = "/ma", transportGuarantee="CONFIDENTIAL", secureWSDLAccess = false)
|
|
and than the SSL should be ok. The ServiceEndpointAddress switch from http://.....?wsdl to https://.....?wsdl
Then I have tried to regenerate the proxy using wsconsume and I get the following error:
| failed to parse document at "https://fabocoxp2:8443/ma/WsTestBean?wsdl": javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
| at org.jboss.com.sun.tools.ws.processor.modeler.wsdl.WSDLModeler.buildModel(WSDLModeler.java:215)
| at org.jboss.com.sun.tools.ws.processor.config.ModelInfo.buildModel(ModelInfo.java:88)
| at org.jboss.com.sun.tools.ws.processor.Processor.runModeler(Processor.java:82)
| at org.jboss.com.sun.tools.ws.wscompile.CompileTool.run(CompileTool.java:543)
| at org.jboss.com.sun.tools.ws.util.ToolBase.run(ToolBase.java:57)
| at org.jboss.ws.tools.jaxws.impl.WSContractConsumerImpl$1.run(WSContractConsumerImpl.java:163)
| at org.jboss.ws.tools.jaxws.impl.WSContractConsumerImpl.consume(WSContractConsumerImpl.java:166)
| at org.jboss.ws.tools.jaxws.command.wsconsume.importServices(wsconsume.java:193)
| at org.jboss.ws.tools.jaxws.command.wsconsume.main(wsconsume.java:76)
| Caused by: failed to parse document at "https://fabocoxp2:8443/ma/WsTestBean?wsdl": javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
| at org.jboss.com.sun.tools.ws.wsdl.parser.WSDLParser.buildDocumentFromWSDL(WSDLParser.java:318)
| at org.jboss.com.sun.tools.ws.wsdl.parser.WSDLParser.parseDefinitions(WSDLParser.java:222)
| at org.jboss.com.sun.tools.ws.wsdl.parser.WSDLParser.parse(WSDLParser.java:213)
| at org.jboss.com.sun.tools.ws.processor.modeler.wsdl.WSDLModeler.buildModel(WSDLModeler.java:166)
| ... 8 more
| Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
| at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:150)
| at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1518)
| at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:174)
| at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:168)
| at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:848)
| at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:106)
| at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:495)
| at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:433)
| at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:818)
| at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1030)
| at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1057)
| at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1041)
| at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:402)
| at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:170)
| at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:938)
| at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:234)
| at org.apache.xerces.impl.XMLEntityManager.setupCurrentEntity(Unknown Source)
| at org.apache.xerces.impl.XMLVersionDetector.determineDocVersion(Unknown Source)
| at org.apache.xerces.parsers.XML11Configuration.parse(Unknown Source)
| at org.apache.xerces.parsers.XML11Configuration.parse(Unknown Source)
| at org.apache.xerces.parsers.XMLParser.parse(Unknown Source)
| at org.apache.xerces.parsers.DOMParser.parse(Unknown Source)
| at org.apache.xerces.jaxp.DocumentBuilderImpl.parse(Unknown Source)
| at org.jboss.com.sun.tools.ws.wsdl.parser.WSDLParser.buildDocumentFromWSDL(WSDLParser.java:276)
| ... 11 more
| Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
| at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:221)
| at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:145)
| at sun.security.validator.Validator.validate(Validator.java:203)
| at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:172)
| at com.sun.net.ssl.internal.ssl.JsseX509TrustManager.checkServerTrusted(SSLContextImpl.java:320)
| at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:841)
| ... 30 more
| Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
| at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:236)
| at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:194)
| at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:216)
| ... 35 more
| error: failed to parse document at "https://fabocoxp2:8443/ma/WsTestBean?wsdl": javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
|
I think that I have to put a certificate somewhere !
Reading documentation I realized that I have to configure:
boss-wsse-server.xml
and
jboss-wsse-client.xml
but I can't find a step-by-step procedure.
What about authorization ?
Thank you in advance for any help.
Regards
Fabrizio
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4069518#4069518
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4069518
17Â years, 2Â months
[JBoss Portal] - Problems with making changes on login page to apply
by rekrevs
I´m trying to do some modifycation to the JBoss loginpage and have some problems.
I have located the files fore the loginpage in "/jboss261/server/default/deploy/jboss-portal.sar/portal-server.war"
At first I tested to change the the path to one of the pictures in index.jsp, witch resulted in that the picture wasn´t visible on the loginpage. This is what I expected, no suprises.
But when I tried to get the picture back I had some problems. I changed back the path to the picture so it were correct. And re-deployed the index.jsp file on the sever, reloaded the loginpage in Explorer but the picture still isen´t visible.
I have had similar problems with other changes on the server. You change somthing on the server, it works fine, but when you want to change it back nothing happends.
Do you have to do something else besides re-deploy the login.jsp file to get the changes i had made to apply (make the picture visible again)?
/Sverker
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4069517#4069517
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4069517
17Â years, 2Â months
[Beginners Corner] - Problems modifying the jboss portal login page\Problems to c
by rekrevs
I´m trying to do some modifycation to the JBoss loginpage and have some problems.
I have located the files fore the loginpage in "/jboss261/server/default/deploy/jboss-portal.sar/portal-server.war"
At first I tested to change the the path to one of the pictures in index.jsp, witch resulted in that the picture wasn´t visible on the loginpage. This is what I expected, no suprises.
But when I tried to get the picture back I had some problems. I changed back the path to the picture so it were correct. And re-deployed the index.jsp file on the sever, reloaded the loginpage in Explorer but the picture still isen´t visible.
I have had similar problems with other changes on the server. You change somthing on the server, it works fine, but when you want to change it back nothing happends.
Do you have to do something else besides re-deploy the login.jsp file to get the changes i had made to apply (make the picture visible again)?
/Sverker
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4069515#4069515
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4069515
17Â years, 2Â months
[JBoss Portal] - Application Scope with Struts?
by nriihinen
Hey all. Im having an issue with Struts and or Freemarker. There are not nearly enough decent resources on the markup and I am wondering if someone can help me.
What I need to do is click on a link, and have it change the view in another portlet window. Assuming there are two portlets in the webapp, there should be no problem at least setting variables in the APPLICATION SCOPE and then writing conditionals. Can anyone tell me how i might go about this (any method). I want a tree navigation portlet that changes the page on the other portlet, but for now we can just assume its a simple list of links.
If you can help thatd be great. It would really help me to get somewhere with this and would be endlessly appreciated. The environment is irrelevant, but for the same of sticking to post standards, im on jboss 2.6 portal server, windows xp pro, no database connectivity in the current respect (though id use postgres), struts2, freemarker.
Thanks!
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4069513#4069513
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4069513
17Â years, 2Â months
[JBoss jBPM] - when i end the TaskInstance, an LazyInitializationException o
by foolpcman
first,i want say sorry ,because i'm a Chinese and english isn't well.
i think you can know the folowing language:
when i do this:
RndfReport businessReport = new RndfReport();
| businessReport.setExampleName(example_name);
| businessReport.setExampleRemark(example_remark);
|
| JbpmConfiguration jbpmConfiguration = JbpmConfiguration.getInstance();
| JbpmContext jbpmContext = jbpmConfiguration.createJbpmContext();
| Session hsession = jbpmContext.getSessionFactory().openSession();
| Transaction transaction = hsession.beginTransaction();
| try {
|
| hsession.save(businessReport);
| transaction.commit();
| ProcessDefinition pd = jbpmContext.getGraphSession().findLatestProcessDefinition("RNDFProcess");
| ProcessInstance pi = pd.createProcessInstance();
| pi.getContextInstance().setVariable("username", from_username);
| TaskInstance ti = pi.getTaskMgmtInstance().createStartTaskInstance();
| ti.setVariable("report_id", businessReport.getReportId());
| ti.end();
| } catch (Exception e) {
| System.out.println("Unknown error in the SaveGo().");
| return_code = Property.SQL_ERROR;
| message = "?????????";
| event_type = "";
| e.getMessage();
| e.printStackTrace();
| transaction.rollback();
| }finally{
| hsession.close();
| jbpmContext.close();
| }
exception:15:06:16,671 [http8001-Processor25] ERROR LazyInitializationException : failed to lazily initialize a collection of role: org.jbpm.graph.def.Node.leavingTransitions, no session or session was closed
| org.hibernate.LazyInitializationException: failed to lazily initialize a collection of role: org.jbpm.graph.def.Node.leavingTransitions, no session or session was closed
| at org.hibernate.collection.AbstractPersistentCollection.throwLazyInitializationException(AbstractPersistentCollection.java:358)
| at org.hibernate.collection.AbstractPersistentCollection.throwLazyInitializationExceptionIfNotConnected(AbstractPersistentCollection.java:350)
| at org.hibernate.collection.AbstractPersistentCollection.readSize(AbstractPersistentCollection.java:97)
| at org.hibernate.collection.PersistentList.size(PersistentList.java:91)
| at org.jbpm.graph.def.Node.getDefaultLeavingTransition(Node.java:217)
| at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
| at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
| at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
| at java.lang.reflect.Method.invoke(Method.java:585)
| at org.hibernate.proxy.pojo.cglib.CGLIBLazyInitializer.invoke(CGLIBLazyInitializer.java:147)
| at org.jbpm.graph.def.Node$$EnhancerByCGLIB$$57ae0d8c.getDefaultLeavingTransition(<generated>)
| at org.jbpm.graph.exe.Token.signal(Token.java:136)
| at org.jbpm.taskmgmt.exe.TaskInstance.end(TaskInstance.java:475)
| at org.jbpm.taskmgmt.exe.TaskInstance.end(TaskInstance.java:389)
| at buesiness.BusinessEngine.SaveGo(BusinessEngine.java:119)
| at buesiness.BusinessEngine.exectue(BusinessEngine.java:63)
| at org.apache.jsp.order_005fexec_jsp._jspService(order_005fexec_jsp.java:99)
| at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:133)
| at javax.servlet.http.HttpServlet.service(HttpServlet.java:856)
| at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:311)
| at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:301)
| at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:248)
| at javax.servlet.http.HttpServlet.service(HttpServlet.java:856)
| at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:284)
| at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:204)
| at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:256)
| at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:151)
| at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:563)
| at org.apache.catalina.core.StandardContextValve.invokeInternal(StandardContextValve.java:245)
| at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:199)
| at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:151)
| at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:563)
| at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:195)
| at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:151)
| at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:164)
| at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:149)
| at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:563)
| at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:156)
| at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:151)
| at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:563)
| at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:972)
| at org.apache.coyote.tomcat5.CoyoteAdapter.service(CoyoteAdapter.java:209)
| at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:670)
| at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processConnection(Http11Protocol.java:517)
| at org.apache.tomcat.util.net.TcpWorkerThread.runIt(PoolTcpEndpoint.java:575)
| at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:666)
| at java.lang.Thread.run(Thread.java:595)
thank you !!!!!
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4069508#4069508
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4069508
17Â years, 2Â months