[JBossWS] - SOAP 1.1 unbinding response message issue
by sbivol
Hi,
I'm getting this exception when jbossws processes the response message from a sample web service:
| Caused by: org.jboss.ws.WSException: Cannot find child element: result
| 00:43:23,128 ERROR [STDERR] at org.jboss.ws.core.CommonSOAPBinding.getParameterFromMessage(CommonSOAPBinding.java:749)
| 00:43:23,128 ERROR [STDERR] at org.jboss.ws.core.CommonSOAPBinding.unbindResponseMessage(CommonSOAPBinding.java:486)
| 00:43:23,128 ERROR [STDERR] at org.jboss.ws.core.CommonClient.invoke(CommonClient.java:312)
| 00:43:23,128 ERROR [STDERR] at org.jboss.ws.core.jaxrpc.CallImpl.invokeInternal(CallImpl.java:562)
| 00:43:23,128 ERROR [STDERR] ... 82 more
|
It seems that for rpc style operations, it is expected that the return value be in the 'result' element of the response message. If I read the SOAP 1.1 it does not mandate the name of the element containing the return value, but it does say that the first accessor of the response 'struct' must contain the return value (see bullet #5 and 6 at http://www.w3.org/TR/2000/NOTE-SOAP-20000508/#_Toc478383533).
Is my understanding correct? If so, for SOAP 1.1 rpc style operations, should getParameterFromMessage() try matching based on the type of the first element?
Thank you
Sergiu
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4012020#4012020
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4012020
19 years, 2 months
[JBossWS] - Unscuring wsdl definition
by tremalnaik
Hello, I'm using jboss 4.0.2
I have deployed a simple web service, trying now to secure it. I added the following definitions in the web.xml
| <security-constraint>
| <web-resource-collection>
| <web-resource-name>Protected service</web-resource-name>
| <description>no description</description>
| <url-pattern>/TestService</url-pattern>
| </web-resource-collection>
| <auth-constraint>
| <role-name>BITAStarUser</role-name>
| </auth-constraint>
| <user-data-constraint>
| <transport-guarantee>NONE</transport-guarantee>
| </user-data-constraint>
| </security-constraint>
|
| <login-config>
| <auth-method>BASIC</auth-method>
| </login-config>
|
| <security-role>
| <description>Intranet Bita Star user</description>
| <role-name>BITAStarUser</role-name>
| </security-role>
|
It protects all request matching /TestService, but it means that it protects the page /TestService?wsdl i.e. the wsdl file as well.
I'd like to avoid this, otherwise my simple test client will get a 401 error:
| String urlstr = "https://cor319:8443/BitaStarWebServices/TestService?wsdl";
| String argument = "claves";
| System.out.println("Contacting webservice at " + urlstr);
| URL url = new URL(urlstr);
| QName qname = new QName("https://ws.web.bitastar.bitaplus.com/", "TestService");
| ServiceFactory factory = ServiceFactory.newInstance();
| Service service = factory.createService(url, qname);
| WebServicesTestInt wst = (WebServicesTestInt) service.getPort(WebServicesTestInt.class);
|
Server returned HTTP response code: 401 for URL: https://cor319.cor-fs.com:8443/BitaStarWebServices/TestService?wsdl
I gave a look to the famous cap 13 of the Jboss WS guide on securing the endpoints, but it looks it's doing something too much for me: I don't need to define ejbs. I'm using a Jaas module configured in login-config.xml and jboss-web.xml looks like:
| <?xml version="1.0" encoding="UTF-8"?>
| <!DOCTYPE jboss-web PUBLIC "-//JBoss//DTD Web Application 2.3V2//EN" "http://www.jboss.org/j2ee/dtd/jboss-web_4_0.dtd">
| <jboss-web>
| <security-domain>java:/jaas/bitastarRealm</security-domain>
| </jboss-web>
do you have any suggestions? Do you think what I'm doing has some sense? Can you point me to the right resources, please?
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4011873#4011873
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4011873
19 years, 2 months