[jboss-user] [JBoss Web Services] - http still works when transportGuarantee is CONFIDENTIAL

Emil Nilimaa do-not-reply at jboss.com
Tue Jan 18 05:21:43 EST 2011

Emil Nilimaa [http://community.jboss.org/people/Eminil] created the discussion

"http still works when transportGuarantee is CONFIDENTIAL"

To view the discussion, visit: http://community.jboss.org/message/581509#581509

We have an EJB3 deployed as following:

@WebService(endpointInterface = "mystuff.ejb.system.SystemEJBRemote")

@RemoteBinding(clientBindUrl="sslsocket://", jndiBinding="SystemEJB")

In our deploy/jbossweb.sar/server.xml we have:

      <!-- Add this option to the connector to avoid problems with 
          .NET clients that don't implement HTTP/1.1 correctly 
         restrictedUserAgents="^.*MS Web Services Client Protocol 1.1.4322.*$"

Now if we do not use the connector for port 80 above only https will work. But if we turn on the port 80 connector to allow other webpages to use http, the deployed EJB also seems to work with http over jbossws... Why is this? Is it not meant to REQUIRE confidential (ssl) to connect to it when we have specified the transportGuarantee as CONFIDENTIAL?

How can we fix this? We want the EJB to only be available with https (ssl) but let other pages

Reply to this message by going to Community

Start a new discussion in JBoss Web Services at Community

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/jboss-user/attachments/20110118/3d3ac376/attachment.html 

More information about the jboss-user mailing list