domenica 1 aprile 2012

True ssl web service on jboss 4.2.x

Do you think that your web service responde really  over https port?
Setting https connector on jboss ( https jboss configuration )  is not really enougth , this is only the first configuration step.
Infact you may check if your web service endpoint  is exposed in http or in https from jboss ws console.
You may see a tipical web service miss-configuration in picture below which refers to jboss with https connector enabled but without any specific configuration over web service iteself (web service was created by @wsdl annotation).

You may notice that jboss exposes  wsdl file over an  https url,  but wsdl endpoint is an http path .
To fix this miss configuration issue you have to do two extra operations:
1-          Provide a web.xml file containing security constraints as follows:
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns="" xmlns:xsi="" xsi:schemaLocation="" version="2.4"> 



      <web-resource-name>All resources</web-resource-name>

2-          Modify  jboss-beans.xml file under $jboss_home\server\default\deploy\jbossws.sar\jbossws.beans\META-INF           
As follows:
  <!-- An abstraction of server configuration aspects. --> 
  <bean name="WSServerConfig" class="org.jboss.wsf.stack.jbws.NativeServerConfig">
    <property name="mbeanServer"><inject bean="WSMBeanServerLocator" property="mbeanServer"/></property>
    <property name="webServiceHost">${jboss.bind.address}</property>
    <property name="modifySOAPAddress">true</property>
                <property name="webServiceSecurePort">8443</property>
    <property name="webServicePort">8080</property>

Nessun commento:

Posta un commento