Overriding the default SecureSocketFactory in Axis

[Michael Bednarek <mi...@eu.citrix.com>]

Hello all,

I am using Axis 1.1 with some WSDL-generated client stubs, in order to talk
to a .NET web service. Communication over standard HTTP works just fine;
however, I would like communication over HTTPS to use a custom socket
factory that I have developed.

This seems to be quite poorly documented on the web, and there are only a
handful of related posts on the axis user list. But from what I can gather,
there are two ways of overriding the default secure socket factory:

- Set the system property "axis.socketSecureFactory" to your implementation
(this is undesirable as I am using the Axis libraries from a webapp and do
not wish to disturb other Axis apps which may reside on the same app
server).

- Package the custom secure socket factory into a JAR, together with a
service definition file (this is the approach I am attempting).

I have created my custom SecureSocketFactory implementation, say
my.secure.socketFactory, and put it into a JAR. I have added to this JAR the
service definition file:

org.apache.axis.components.net.SecureSocketFactory

which contains one line:

my.secure.socketFactory

Inside the JAR, the class is stored under my/secure/ and the service
definition file is stored under /META-INF/services/. I then add this JAR
file to all the other JARs I am using (which, because this is a web app,
live in /WEB-INF/lib).

However, from debugging my web app (and the Axis source), I see that when
the Axis SocketFactoryFactory is asked to create a SecureSocketFactory, it
still creates a JSSESocketFactory (the default). So it seems to be ignoring
my service provider, despite me thinking I have done all the right
things....

Does anyone have any ideas as to where I might be going wrong, or any
suggestions on alternative ways of accomplishing this?

Many thanks for your time,


Michael Bednarek