Stephen Coy [https://community.jboss.org/people/sfcoy] created the discussion "MessageContext.WSDL_DESCRIPTION needs authentication?" To view the discussion, visit: https://community.jboss.org/message/774703#774703 -------------------------------------------------------------- Hi there, We have a server-side http://docs.oracle.com/javaee/6/api/javax/xml/ws/handler/LogicalHandler.html javax.xml.ws.handler.LogicalHandler in which we grab a URI reference to the WSDL using URI wsdlURI = (URI)messageContext.get(MessageContext.WSDL_DESCRIPTION); The associated web service is secured using standard servlet security mechanisms. The webservice itself declares a wsdlLocation: @WebService(serviceName = "AutoResponseService",             portName = "AutoResponseServicePort",             endpointInterface = "com.somecompany.ws.autoresponse.AutoResponseService",             wsdlLocation = "WEB-INF/wsdl/AutoResponse.wsdl",             targetNamespace = "http://ws.somcompany.com/AutoResponseService") @HandlerChain(file = "HandlerConfig.xml") public class AutoResponseServiceImpl implements AutoResponseService { ... } It seems that the JBossWS implementation returns an external http based URI to the WSDL *which needs to be authenticated* in order to be read. Other JAX-WS implementations do not do this, but in fact return a URI to the WSDL provided by the wsdlLocation attribute of the @WebService as shown above. This can safely be read without the need for (superfluous) authentication. How can we portably get access to the WSDL in a handler without the need to authenticate? Thanks -------------------------------------------------------------- Reply to this message by going to Community [https://community.jboss.org/message/774703#774703] Start a new discussion in JBoss Web Services at Community [https://community.jboss.org/choose-container!input.jspa?contentType=1&...]