You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@cxf.apache.org by ha...@raceeend-2.demon.nl on 2008/09/10 14:35:54 UTC
java.io.IOException: Illegal Protocol http for HTTPS URLConnection
Factory
Hallo,
I want to access a Webservice over HTTPS.
In order to do so I configured the 'http:conduit' element in my cxf.xml.
This cxf.xml is used by a webservice client inside of a servlet, so
I put the cxf.xml beneath the .../WEB-INF/classes directory.
The Service en port Object can be created without any problems.
But as soon as I call a method in the webservice, I get an Exception
concerning the use of 'http' protocol (see below).
Here are my web.xml and the cxf.xml
............... web.xml ...............................................
<?xml version="1.0" encoding="UTF-8"?>
<web-app
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns="http://java.sun.com/xml/ns/javaee"
xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
id="MyClient"
version="2.5">
<display-name>MyClient</display-name>
<context-param>
<param-name>webAppRootKey</param-name>
<param-value>MyClient</param-value>
</context-param>
<listener>
<listener-class>
org.springframework.web.util.Log4jConfigListener
</listener-class>
</listener>
<servlet>
<servlet-name>SomeServlet</servlet-name>
<servlet-class>
some.other.example.SomeServlet
</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>SomeServlet</servlet-name>
<url-pattern>/SomeServlet</url-pattern>
</servlet-mapping>
</web-app>
............... cxf.xml ...............................................
<beans
xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:sec="http://cxf.apache.org/configuration/security"
xmlns:http="http://cxf.apache.org/transports/http/configuration"
xmlns:jaxws="http://java.sun.com/xml/ns/jaxws"
xmlns:cxf="http://cxf.apache.org/core"
xsi:schemaLocation="
http://cxf.apache.org/core
http://cxf.apache.org/schemas/core.xsd
http://cxf.apache.org/configuration/security
http://cxf.apache.org/schemas/configuration/security.xsd
http://cxf.apache.org/transports/http/configuration
http://cxf.apache.org/schemas/configuration/http-conf.xsd
http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-2.0.xsd">
<http:conduit name="{http://this.is.my.namespace}MyPort.http-conduit">
<http:tlsClientParameters secureSocketProtocol="SSL">
<sec:keyManagers keyPassword="topsecret">
<sec:keyStore type="JKS" password="topsecret" file="/opt/tomcat/conf/tpay/mykeystore.keystore"/>
</sec:keyManagers>
<sec:trustManagers>
<sec:keyStore type="JKS" password="changeit" file="/opt/tomcat/conf/tpay/mytruststore.keystore"/>
</sec:trustManagers>
<sec:cipherSuitesFilter>
<!-- these filters ensure that a ciphersuite with
export-suitable or null encryption is used,
but exclude anonymous Diffie-Hellman key change as
this is vulnerable to man-in-the-middle attacks -->
<sec:include>.*_EXPORT_.*</sec:include>
<sec:include>.*_EXPORT1024_.*</sec:include>
<sec:include>.*_WITH_DES_.*</sec:include>
<sec:include>.*_WITH_NULL_.*</sec:include>
<sec:exclude>.*_DH_anon_.*</sec:exclude>
</sec:cipherSuitesFilter>
</http:tlsClientParameters>
<http:client ContentType="text/xml"/>
</http:conduit>
</beans>
............... the code with the webservice call ...............................................
QName myWebServiceName =
new QName("http://this.is.my.namespace", "MyWebService");
wsdlURL = new URL("https://this.is.my.namespace/services/MyService" + "?wsdl");
myWebService = new WebService(wsdlURL, myWebServiceName );
port = myWebService .getMyPort();
............... the Exception ...............................................
INFO: Interceptor has thrown exception, unwinding now
org.apache.cxf.interceptor.Fault: Could not send Message.
at org.apache.cxf.interceptor.MessageSenderInterceptor.handleMessage(MessageSenderInterceptor.java:48)
at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:221)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:276)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:222)
at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:73)
at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:177)
at $Proxy35.delete(Unknown Source)
at com.tsystems.tpay.micromoney.ws.MicroMoneyWsClient.delete(Unknown Source)
at com.tsystems.tpay.micromoney.ws.MicroMoneyWsClient.doPost(Unknown Source)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:637)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:286)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:845)
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447)
at java.lang.Thread.run(Thread.java:619)
Caused by: java.io.IOException: Illegal Protocol http for HTTPS URLConnection Factory.
at org.apache.cxf.transport.https.HttpsURLConnectionFactory.createConnection(HttpsURLConnectionFactory.java:124)
at org.apache.cxf.transport.http.HTTPConduit.prepare(HTTPConduit.java:480)
at org.apache.cxf.interceptor.MessageSenderInterceptor.handleMessage(MessageSenderInterceptor.java:46)
... 22 more
I have tried to add i.e. 'secureSocketProtocol="SSL"' to the 'http:tlsClientParameters' element in the cxf file, but nothings helps.
The problem is somewhere in my configuration, but I cannot solve it due to lack of sensible documentation.
Also I cannot verify (in logs) of the cxf.xml is really evaluated.
Any Help would be welcome.
Harry
Re: java.io.IOException: Illegal Protocol http for HTTPS
URLConnection Factory
Posted by ha...@raceeend-2.demon.nl.
My SOAP Client still gets the same Exception:
Illegal Protocol http for HTTPS URLConnection Factory
I have left the config solution (http-conduit in cxf.xml) and did all programmatically:
same result: Illegal Protocol http for HTTPS URLConnection Factory
What am I doing wrong?
I created a Webservice, derived the port and the client.
Then I created a TLSClientParameters object, added TrustManagers, and CipherSuitesFilter.
Finally I took the HTTPConduit from the client and added the TLSClientParameters object.
Everything as described in the examples.
Is it impossible to use HTTPS with cxf 2.1?
Here is the code, please give some hint...
......................... code .....................................
private EconomyEndpoint getSSLPort() {
TLSClientParameters tlsParams = new TLSClientParameters();
tlsParams.setSecureSocketProtocol("SSL");
tlsParams.setDisableCNCheck(true);
String truststorePassword = micromoneyProperties.getProperty("economy.truststore.password");
log.info("MicroMoney Keystore Password = ********");
String microMoneyPropertiesDir = System.getProperty("catalina.home") + "/conf/tpay/micromoney/";
String truststoreFilename = micromoneyProperties.getProperty("economy.truststore.filename");
String truststorePath = microMoneyPropertiesDir + truststoreFilename;
log.info("MicroMoney Truststore Filename = " + truststorePath);
File truststoreFile = new File(truststorePath);
try {
// Set Truststore
KeyStore truststore = KeyStore.getInstance("JKS");
truststore.load(new FileInputStream(truststoreFile), truststorePassword.toCharArray());
TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
trustManagerFactory.init(truststore);
TrustManager[] trustManager = trustManagerFactory.getTrustManagers();
tlsParams.setTrustManagers(trustManager);
} catch (NoSuchAlgorithmException e) {
log.debug(e);
} catch (CertificateException e) {
log.debug(e);
} catch (FileNotFoundException e) {
log.debug(e);
} catch (IOException e) {
log.debug(e);
} catch (KeyStoreException e) {
log.debug(e);
}
// Set Filters
FiltersType filter = new FiltersType();
filter.getInclude().add(".*_EXPORT_.*");
filter.getInclude().add(".*_EXPORT1024_.*");
filter.getInclude().add(".*_WITH_DES_.*");
filter.getInclude().add(".*_WITH_NULL_.*");
filter.getExclude().add(".*_DH_anon_.*");
tlsParams.setCipherSuitesFilter(filter);
// Create Service
String externeMicroMoneyUrl = micromoneyProperties.getProperty("economy.externe.url");
log.info("Externe MicroMoney Url = " + externeMicroMoneyUrl);
URL wsdlURL = null;
try {
wsdlURL = new URL(externeMicroMoneyUrl + "?wsdl");
} catch (MalformedURLException e) {
log.debug(e);
}
EconomyService economyService = new EconomyService(wsdlURL, economyServiceName);
EconomyEndpoint port = economyService.getEconomyPort();
Client cxfClient = ClientProxy.getClient(port);
log.debug("economy Service = " + economyService);
log.debug("economy Port = " + port);
// Add HttpConduit
HTTPConduit httpConduit = (HTTPConduit)cxfClient.getConduit();
httpConduit.setTlsClientParameters(tlsParams);
return port;
}
.................................
Then when doing this:
EconomyEndpoint port = getSSLPort();
port.create(); <<<<< Re: java.io.IOException: Illegal Protocol http for HTTPS URLConnection Factory
> Hi Glenn,
>
> Sorry but the SOAP Client (Webservice Client) is INSIDE of the servlet.
> The servlet itself is accessed over normal HTTP, whereas this SOAP Client
> tries to communicate with some WebService over HTTPS.
>
> For the sake of clarity, here is (partly) the servlet code:
>
> ................ servlet ...........................................
>
> public class MyWebServiceClient extends HttpServlet { <<<< communicates over HTTP
>
> public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
> .
> .
> .
> MyPort port;
>
> try {
> URL wsdlURL = null;
> try {
> wsdlURL = new URL(externeMicroMoneyUrl + "?wsdl");
> } catch (MalformedURLException e) {
> e.printStackTrace();
> }
> MyWebService ss = new MyWebService(wsdlURL, myWebServiceName); <<<< communicates over HTTPS
> port = ss.getMyPort();
> } catch (Exception e) {
> log.debug(e);
> }
> // I put this extra logging, because I suspected the cxf.xml is not read
> String config = System.getProperty("cxf.config.file");
> log.debug("Credentials from " + (config != null ? config : "cxf.config.file NOT set") + " will be used for the invocation.");
>>>> // Here the logging says "cxf.config.file NOT set" during execution.
>
> port.create();
> .
> .
> .
> }
>
> }
>
> To my opinion the cxf.xml file is not read, all be it in the classpath (beneath .../WEB-INF/classes).
> So the problem remains that I have a SOAP Client (standalone or in a servlet, whatever) that refuses to
> communicate over HTTPS. After all I do not understand why the cxf.xml is not read.
>
> The other point(#5), 'using https://', is something that I cannot change, because the WSDL is read from
> the remote server anytime when I create myWebService.
>
> But I used a copy of the WSDL in order to generate my client stubs etc..
> In fact it is a bit weird that I use the remote wsdl again in creating the service:
> I have allready generated the stubs, so I only have to supply the actual endpoint at execution time.
>
>
>>
>> http://www.jroller.com/gmazza/entry/setting_up_ssl_and_basic ?
>>
>> I would update your web.xml to require SSL (see step #4 above, and alter the
>> WSDL that your client is reading to use https:// instead of http:// -- step
>> #5 above).
>>
>> HTH,
>> Glen
>>
>>
>> harryvanrijn wrote:
>>>
>>> Hallo,
>>>
>>> I want to access a Webservice over HTTPS.
>>>
>>> In order to do so I configured the 'http:conduit' element in my cxf.xml.
>>>
>>> This cxf.xml is used by a webservice client inside of a servlet, so
>>> I put the cxf.xml beneath the .../WEB-INF/classes directory.
>>>
>>> The Service en port Object can be created without any problems.
>>> But as soon as I call a method in the webservice, I get an Exception
>>> concerning the use of 'http' protocol (see below).
>>>
>>> Here are my web.xml and the cxf.xml
>>>
>>> ............... web.xml ...............................................
>>>
>>> <?xml version="1.0" encoding="UTF-8"?>
>>> <web-app
>>> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
>>> xmlns="http://java.sun.com/xml/ns/javaee"
>>> xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
>>> xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
>>> http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
>>> id="MyClient"
>>> version="2.5">
>>>
>>> <display-name>MyClient</display-name>
>>>
>>> <context-param>
>>> <param-name>webAppRootKey</param-name>
>>> <param-value>MyClient</param-value>
>>> </context-param>
>>>
>>> <listener>
>>> <listener-class>
>>> org.springframework.web.util.Log4jConfigListener
>>> </listener-class>
>>> </listener>
>>>
>>> <servlet>
>>> <servlet-name>SomeServlet</servlet-name>
>>> <servlet-class>
>>> some.other.example.SomeServlet
>>> </servlet-class>
>>> </servlet>
>>> <servlet-mapping>
>>> <servlet-name>SomeServlet</servlet-name>
>>> <url-pattern>/SomeServlet</url-pattern>
>>> </servlet-mapping>
>>>
>>> </web-app>
>>>
>>> ............... cxf.xml ...............................................
>>>
>>> <beans
>>> xmlns="http://www.springframework.org/schema/beans"
>>> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
>>> xmlns:sec="http://cxf.apache.org/configuration/security"
>>> xmlns:http="http://cxf.apache.org/transports/http/configuration"
>>> xmlns:jaxws="http://java.sun.com/xml/ns/jaxws"
>>> xmlns:cxf="http://cxf.apache.org/core"
>>> xsi:schemaLocation="
>>> http://cxf.apache.org/core
>>> http://cxf.apache.org/schemas/core.xsd
>>> http://cxf.apache.org/configuration/security
>>> http://cxf.apache.org/schemas/configuration/security.xsd
>>> http://cxf.apache.org/transports/http/configuration
>>> http://cxf.apache.org/schemas/configuration/http-conf.xsd
>>> http://www.springframework.org/schema/beans
>>> http://www.springframework.org/schema/beans/spring-beans-2.0.xsd">
>>>
>>> <http:conduit name="{http://this.is.my.namespace}MyPort.http-conduit">
>>>
>>> <http:tlsClientParameters secureSocketProtocol="SSL">
>>> <sec:keyManagers keyPassword="topsecret">
>>> <sec:keyStore type="JKS" password="topsecret"
>>> file="/opt/tomcat/conf/tpay/mykeystore.keystore"/>
>>> </sec:keyManagers>
>>> <sec:trustManagers>
>>> <sec:keyStore type="JKS" password="changeit"
>>> file="/opt/tomcat/conf/tpay/mytruststore.keystore"/>
>>> </sec:trustManagers>
>>>
>>> <sec:cipherSuitesFilter>
>>> <!-- these filters ensure that a ciphersuite with
>>> export-suitable or null encryption is used,
>>> but exclude anonymous Diffie-Hellman key change as
>>> this is vulnerable to man-in-the-middle attacks -->
>>> <sec:include>.*_EXPORT_.*</sec:include>
>>> <sec:include>.*_EXPORT1024_.*</sec:include>
>>> <sec:include>.*_WITH_DES_.*</sec:include>
>>> <sec:include>.*_WITH_NULL_.*</sec:include>
>>> <sec:exclude>.*_DH_anon_.*</sec:exclude>
>>> </sec:cipherSuitesFilter>
>>> </http:tlsClientParameters>
>>>
>>> <http:client ContentType="text/xml"/>
>>>
>>> </http:conduit>
>>>
>>> </beans>
>>>
>>> ............... the code with the webservice call
>>> ...............................................
>>>
>>> QName myWebServiceName =
>>> new QName("http://this.is.my.namespace", "MyWebService");
>>> wsdlURL = new URL("https://this.is.my.namespace/services/MyService" +
>>> "?wsdl");
>>>
>>> myWebService = new WebService(wsdlURL, myWebServiceName );
>>> port = myWebService .getMyPort();
>>>
>>> ............... the Exception
>>> ...............................................
>>>
>>> INFO: Interceptor has thrown exception, unwinding now
>>> org.apache.cxf.interceptor.Fault: Could not send Message.
>>> at
>>> org.apache.cxf.interceptor.MessageSenderInterceptor.handleMessage(MessageSenderInterceptor.java:48)
>>> at
>>> org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:221)
>>> at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:276)
>>> at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:222)
>>> at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:73)
>>> at
>>> org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:177)
>>> at $Proxy35.delete(Unknown Source)
>>> at com.tsystems.tpay.micromoney.ws.MicroMoneyWsClient.delete(Unknown
>>> Source)
>>> at com.tsystems.tpay.micromoney.ws.MicroMoneyWsClient.doPost(Unknown
>>> Source)
>>> at javax.servlet.http.HttpServlet.service(HttpServlet.java:637)
>>> at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
>>> at
>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
>>> at
>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
>>> at
>>> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
>>> at
>>> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
>>> at
>>> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128)
>>> at
>>> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
>>> at
>>> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
>>> at
>>> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:286)
>>> at
>>> org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:845)
>>> at
>>> org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
>>> at
>>> org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447)
>>> at java.lang.Thread.run(Thread.java:619)
>>> Caused by: java.io.IOException: Illegal Protocol http for HTTPS
>>> URLConnection Factory.
>>> at
>>> org.apache.cxf.transport.https.HttpsURLConnectionFactory.createConnection(HttpsURLConnectionFactory.java:124)
>>> at
>>> org.apache.cxf.transport.http.HTTPConduit.prepare(HTTPConduit.java:480)
>>> at
>>> org.apache.cxf.interceptor.MessageSenderInterceptor.handleMessage(MessageSenderInterceptor.java:46)
>>> ... 22 more
>>>
>>> I have tried to add i.e. 'secureSocketProtocol="SSL"' to the
>>> 'http:tlsClientParameters' element in the cxf file, but nothings helps.
>>> The problem is somewhere in my configuration, but I cannot solve it due to
>>> lack of sensible documentation.
>>> Also I cannot verify (in logs) of the cxf.xml is really evaluated.
>>> Any Help would be welcome.
>>>
>>> Harry
>>>
>>>
>>
>> --
>> View this message in context:
>> http://www.nabble.com/java.io.IOException%3A-Illegal-Protocol-http-for-HTTPS-URLConnection--Factory-tp19412659p19414334.html
>> Sent from the cxf-user mailing list archive at Nabble.com.
>>
>>
>
>
Re: java.io.IOException: Illegal Protocol http for HTTPS
URLConnection Factory
Posted by ha...@raceeend-2.demon.nl.
>
>
> harryvanrijn wrote:
>>
>> To my opinion the cxf.xml file is not read, all be it in the classpath
>> (beneath .../WEB-INF/classes).
>> So the problem remains that I have a SOAP Client (standalone or in a
>> servlet, whatever) that refuses to
>> communicate over HTTPS. After all I do not understand why the cxf.xml is
>> not read.
>>
>
> You might want to confirm if that is a problem, by doing some dependency
> injection from your cxf.xml to your SOAP client, e.g., passing in a string
> ("Hello World!") from the cxf.xml to your client code, and having the latter
> output or log that value. Does it get that message?
>
> BTW, here's an alternative to client creation that might fix your
> problem--look at here:
> http://www.jroller.com/gmazza/date/20080729, Step #5, Substeps #1 and #3 --
> Using JaxWsProxyFactoryBean may be just what you need.
>
Hi Glen,
I tried indeed to setup the communication with the JaxWsProxyFactoryBean, that worked!
I already had some suspect as you state below that 'local' and 'remote' Settings concerning
the HTTP(S) protocol conflict with each other.
So the JaxWsProxyFactoryBean approach gave me the impression that everything was handled
locally, that is, the endpoint with https was used.
But thank you very much for the explanations.
bye
Harry
>
> harryvanrijn wrote:
>>
>> The other point(#5), 'using https://', is something that I cannot change,
>> because the WSDL is read from
>> the remote server anytime when I create myWebService.
>>
>
> That's a shame, because I'm nearly certain that is the heart of your
> problem--CXF clients read a local (on-machine) version of the WSDL first,
> and from that WSDL's wsdl:service's soap:address, use that URL. If that
> local wsdl's address is http:// instead of https://, you will get that
> error. While CXF clients will indeed reload the WSDL from the remote server
> as you're saying above, the first step--that of determining the address of
> the remote server to begin with--comes from that local WSDL. Where is that
> local WSDL? It is normally hardcoded in the JAX-WS generated *Service.java
> class--I would start hunting for it there, and when you find that WSDL,
> changing its address to https://.
In the wsdl was no valid URL, just a placeholder: http://replace_with_actual_url.
I didn't pay attention to this..., but now I understand the URL resolving mechanism.
Again, thanks a lot for this information.
>
> Glen
>
> --
> View this message in context:
> http://www.nabble.com/java.io.IOException%3A-Illegal-Protocol-http-for-HTTPS-URLConnection--Factory-tp19412659p19435643.html
> Sent from the cxf-user mailing list archive at Nabble.com.
>
>
Re: java.io.IOException: Illegal Protocol http for HTTPS
URLConnection Factory
Posted by Glen Mazza <gl...@gmail.com>.
harryvanrijn wrote:
>
> To my opinion the cxf.xml file is not read, all be it in the classpath
> (beneath .../WEB-INF/classes).
> So the problem remains that I have a SOAP Client (standalone or in a
> servlet, whatever) that refuses to
> communicate over HTTPS. After all I do not understand why the cxf.xml is
> not read.
>
You might want to confirm if that is a problem, by doing some dependency
injection from your cxf.xml to your SOAP client, e.g., passing in a string
("Hello World!") from the cxf.xml to your client code, and having the latter
output or log that value. Does it get that message?
BTW, here's an alternative to client creation that might fix your
problem--look at here:
http://www.jroller.com/gmazza/date/20080729, Step #5, Substeps #1 and #3 --
Using JaxWsProxyFactoryBean may be just what you need.
harryvanrijn wrote:
>
> The other point(#5), 'using https://', is something that I cannot change,
> because the WSDL is read from
> the remote server anytime when I create myWebService.
>
That's a shame, because I'm nearly certain that is the heart of your
problem--CXF clients read a local (on-machine) version of the WSDL first,
and from that WSDL's wsdl:service's soap:address, use that URL. If that
local wsdl's address is http:// instead of https://, you will get that
error. While CXF clients will indeed reload the WSDL from the remote server
as you're saying above, the first step--that of determining the address of
the remote server to begin with--comes from that local WSDL. Where is that
local WSDL? It is normally hardcoded in the JAX-WS generated *Service.java
class--I would start hunting for it there, and when you find that WSDL,
changing its address to https://.
Glen
--
View this message in context: http://www.nabble.com/java.io.IOException%3A-Illegal-Protocol-http-for-HTTPS-URLConnection--Factory-tp19412659p19435643.html
Sent from the cxf-user mailing list archive at Nabble.com.
Re: java.io.IOException: Illegal Protocol http for HTTPS
URLConnection Factory
Posted by ha...@raceeend-2.demon.nl.
Hi Glenn,
Sorry but the SOAP Client (Webservice Client) is INSIDE of the servlet.
The servlet itself is accessed over normal HTTP, whereas this SOAP Client
tries to communicate with some WebService over HTTPS.
For the sake of clarity, here is (partly) the servlet code:
................ servlet ...........................................
public class MyWebServiceClient extends HttpServlet { <<<< communicates over HTTP
public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
.
.
.
MyPort port;
try {
URL wsdlURL = null;
try {
wsdlURL = new URL(externeMicroMoneyUrl + "?wsdl");
} catch (MalformedURLException e) {
e.printStackTrace();
}
MyWebService ss = new MyWebService(wsdlURL, myWebServiceName); <<<< communicates over HTTPS
port = ss.getMyPort();
} catch (Exception e) {
log.debug(e);
}
// I put this extra logging, because I suspected the cxf.xml is not read
String config = System.getProperty("cxf.config.file");
log.debug("Credentials from " + (config != null ? config : "cxf.config.file NOT set") + " will be used for the invocation.");
>>> // Here the logging says "cxf.config.file NOT set" during execution.
port.create();
.
.
.
}
}
To my opinion the cxf.xml file is not read, all be it in the classpath (beneath .../WEB-INF/classes).
So the problem remains that I have a SOAP Client (standalone or in a servlet, whatever) that refuses to
communicate over HTTPS. After all I do not understand why the cxf.xml is not read.
The other point(#5), 'using https://', is something that I cannot change, because the WSDL is read from
the remote server anytime when I create myWebService.
But I used a copy of the WSDL in order to generate my client stubs etc..
In fact it is a bit weird that I use the remote wsdl again in creating the service:
I have allready generated the stubs, so I only have to supply the actual endpoint at execution time.
>
> http://www.jroller.com/gmazza/entry/setting_up_ssl_and_basic ?
>
> I would update your web.xml to require SSL (see step #4 above, and alter the
> WSDL that your client is reading to use https:// instead of http:// -- step
> #5 above).
>
> HTH,
> Glen
>
>
> harryvanrijn wrote:
>>
>> Hallo,
>>
>> I want to access a Webservice over HTTPS.
>>
>> In order to do so I configured the 'http:conduit' element in my cxf.xml.
>>
>> This cxf.xml is used by a webservice client inside of a servlet, so
>> I put the cxf.xml beneath the .../WEB-INF/classes directory.
>>
>> The Service en port Object can be created without any problems.
>> But as soon as I call a method in the webservice, I get an Exception
>> concerning the use of 'http' protocol (see below).
>>
>> Here are my web.xml and the cxf.xml
>>
>> ............... web.xml ...............................................
>>
>> <?xml version="1.0" encoding="UTF-8"?>
>> <web-app
>> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
>> xmlns="http://java.sun.com/xml/ns/javaee"
>> xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
>> xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
>> http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
>> id="MyClient"
>> version="2.5">
>>
>> <display-name>MyClient</display-name>
>>
>> <context-param>
>> <param-name>webAppRootKey</param-name>
>> <param-value>MyClient</param-value>
>> </context-param>
>>
>> <listener>
>> <listener-class>
>> org.springframework.web.util.Log4jConfigListener
>> </listener-class>
>> </listener>
>>
>> <servlet>
>> <servlet-name>SomeServlet</servlet-name>
>> <servlet-class>
>> some.other.example.SomeServlet
>> </servlet-class>
>> </servlet>
>> <servlet-mapping>
>> <servlet-name>SomeServlet</servlet-name>
>> <url-pattern>/SomeServlet</url-pattern>
>> </servlet-mapping>
>>
>> </web-app>
>>
>> ............... cxf.xml ...............................................
>>
>> <beans
>> xmlns="http://www.springframework.org/schema/beans"
>> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
>> xmlns:sec="http://cxf.apache.org/configuration/security"
>> xmlns:http="http://cxf.apache.org/transports/http/configuration"
>> xmlns:jaxws="http://java.sun.com/xml/ns/jaxws"
>> xmlns:cxf="http://cxf.apache.org/core"
>> xsi:schemaLocation="
>> http://cxf.apache.org/core
>> http://cxf.apache.org/schemas/core.xsd
>> http://cxf.apache.org/configuration/security
>> http://cxf.apache.org/schemas/configuration/security.xsd
>> http://cxf.apache.org/transports/http/configuration
>> http://cxf.apache.org/schemas/configuration/http-conf.xsd
>> http://www.springframework.org/schema/beans
>> http://www.springframework.org/schema/beans/spring-beans-2.0.xsd">
>>
>> <http:conduit name="{http://this.is.my.namespace}MyPort.http-conduit">
>>
>> <http:tlsClientParameters secureSocketProtocol="SSL">
>> <sec:keyManagers keyPassword="topsecret">
>> <sec:keyStore type="JKS" password="topsecret"
>> file="/opt/tomcat/conf/tpay/mykeystore.keystore"/>
>> </sec:keyManagers>
>> <sec:trustManagers>
>> <sec:keyStore type="JKS" password="changeit"
>> file="/opt/tomcat/conf/tpay/mytruststore.keystore"/>
>> </sec:trustManagers>
>>
>> <sec:cipherSuitesFilter>
>> <!-- these filters ensure that a ciphersuite with
>> export-suitable or null encryption is used,
>> but exclude anonymous Diffie-Hellman key change as
>> this is vulnerable to man-in-the-middle attacks -->
>> <sec:include>.*_EXPORT_.*</sec:include>
>> <sec:include>.*_EXPORT1024_.*</sec:include>
>> <sec:include>.*_WITH_DES_.*</sec:include>
>> <sec:include>.*_WITH_NULL_.*</sec:include>
>> <sec:exclude>.*_DH_anon_.*</sec:exclude>
>> </sec:cipherSuitesFilter>
>> </http:tlsClientParameters>
>>
>> <http:client ContentType="text/xml"/>
>>
>> </http:conduit>
>>
>> </beans>
>>
>> ............... the code with the webservice call
>> ...............................................
>>
>> QName myWebServiceName =
>> new QName("http://this.is.my.namespace", "MyWebService");
>> wsdlURL = new URL("https://this.is.my.namespace/services/MyService" +
>> "?wsdl");
>>
>> myWebService = new WebService(wsdlURL, myWebServiceName );
>> port = myWebService .getMyPort();
>>
>> ............... the Exception
>> ...............................................
>>
>> INFO: Interceptor has thrown exception, unwinding now
>> org.apache.cxf.interceptor.Fault: Could not send Message.
>> at
>> org.apache.cxf.interceptor.MessageSenderInterceptor.handleMessage(MessageSenderInterceptor.java:48)
>> at
>> org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:221)
>> at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:276)
>> at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:222)
>> at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:73)
>> at
>> org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:177)
>> at $Proxy35.delete(Unknown Source)
>> at com.tsystems.tpay.micromoney.ws.MicroMoneyWsClient.delete(Unknown
>> Source)
>> at com.tsystems.tpay.micromoney.ws.MicroMoneyWsClient.doPost(Unknown
>> Source)
>> at javax.servlet.http.HttpServlet.service(HttpServlet.java:637)
>> at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
>> at
>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
>> at
>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
>> at
>> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
>> at
>> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
>> at
>> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128)
>> at
>> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
>> at
>> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
>> at
>> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:286)
>> at
>> org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:845)
>> at
>> org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
>> at
>> org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447)
>> at java.lang.Thread.run(Thread.java:619)
>> Caused by: java.io.IOException: Illegal Protocol http for HTTPS
>> URLConnection Factory.
>> at
>> org.apache.cxf.transport.https.HttpsURLConnectionFactory.createConnection(HttpsURLConnectionFactory.java:124)
>> at
>> org.apache.cxf.transport.http.HTTPConduit.prepare(HTTPConduit.java:480)
>> at
>> org.apache.cxf.interceptor.MessageSenderInterceptor.handleMessage(MessageSenderInterceptor.java:46)
>> ... 22 more
>>
>> I have tried to add i.e. 'secureSocketProtocol="SSL"' to the
>> 'http:tlsClientParameters' element in the cxf file, but nothings helps.
>> The problem is somewhere in my configuration, but I cannot solve it due to
>> lack of sensible documentation.
>> Also I cannot verify (in logs) of the cxf.xml is really evaluated.
>> Any Help would be welcome.
>>
>> Harry
>>
>>
>
> --
> View this message in context:
> http://www.nabble.com/java.io.IOException%3A-Illegal-Protocol-http-for-HTTPS-URLConnection--Factory-tp19412659p19414334.html
> Sent from the cxf-user mailing list archive at Nabble.com.
>
>
Re: java.io.IOException: Illegal Protocol http for HTTPS
URLConnection Factory
Posted by Glen Mazza <gl...@gmail.com>.
http://www.jroller.com/gmazza/entry/setting_up_ssl_and_basic ?
I would update your web.xml to require SSL (see step #4 above, and alter the
WSDL that your client is reading to use https:// instead of http:// -- step
#5 above).
HTH,
Glen
harryvanrijn wrote:
>
> Hallo,
>
> I want to access a Webservice over HTTPS.
>
> In order to do so I configured the 'http:conduit' element in my cxf.xml.
>
> This cxf.xml is used by a webservice client inside of a servlet, so
> I put the cxf.xml beneath the .../WEB-INF/classes directory.
>
> The Service en port Object can be created without any problems.
> But as soon as I call a method in the webservice, I get an Exception
> concerning the use of 'http' protocol (see below).
>
> Here are my web.xml and the cxf.xml
>
> ............... web.xml ...............................................
>
> <?xml version="1.0" encoding="UTF-8"?>
> <web-app
> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
> xmlns="http://java.sun.com/xml/ns/javaee"
> xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
> xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
> http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
> id="MyClient"
> version="2.5">
>
> <display-name>MyClient</display-name>
>
> <context-param>
> <param-name>webAppRootKey</param-name>
> <param-value>MyClient</param-value>
> </context-param>
>
> <listener>
> <listener-class>
> org.springframework.web.util.Log4jConfigListener
> </listener-class>
> </listener>
>
> <servlet>
> <servlet-name>SomeServlet</servlet-name>
> <servlet-class>
> some.other.example.SomeServlet
> </servlet-class>
> </servlet>
> <servlet-mapping>
> <servlet-name>SomeServlet</servlet-name>
> <url-pattern>/SomeServlet</url-pattern>
> </servlet-mapping>
>
> </web-app>
>
> ............... cxf.xml ...............................................
>
> <beans
> xmlns="http://www.springframework.org/schema/beans"
> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
> xmlns:sec="http://cxf.apache.org/configuration/security"
> xmlns:http="http://cxf.apache.org/transports/http/configuration"
> xmlns:jaxws="http://java.sun.com/xml/ns/jaxws"
> xmlns:cxf="http://cxf.apache.org/core"
> xsi:schemaLocation="
> http://cxf.apache.org/core
> http://cxf.apache.org/schemas/core.xsd
> http://cxf.apache.org/configuration/security
> http://cxf.apache.org/schemas/configuration/security.xsd
> http://cxf.apache.org/transports/http/configuration
> http://cxf.apache.org/schemas/configuration/http-conf.xsd
> http://www.springframework.org/schema/beans
> http://www.springframework.org/schema/beans/spring-beans-2.0.xsd">
>
> <http:conduit name="{http://this.is.my.namespace}MyPort.http-conduit">
>
> <http:tlsClientParameters secureSocketProtocol="SSL">
> <sec:keyManagers keyPassword="topsecret">
> <sec:keyStore type="JKS" password="topsecret"
> file="/opt/tomcat/conf/tpay/mykeystore.keystore"/>
> </sec:keyManagers>
> <sec:trustManagers>
> <sec:keyStore type="JKS" password="changeit"
> file="/opt/tomcat/conf/tpay/mytruststore.keystore"/>
> </sec:trustManagers>
>
> <sec:cipherSuitesFilter>
> <!-- these filters ensure that a ciphersuite with
> export-suitable or null encryption is used,
> but exclude anonymous Diffie-Hellman key change as
> this is vulnerable to man-in-the-middle attacks -->
> <sec:include>.*_EXPORT_.*</sec:include>
> <sec:include>.*_EXPORT1024_.*</sec:include>
> <sec:include>.*_WITH_DES_.*</sec:include>
> <sec:include>.*_WITH_NULL_.*</sec:include>
> <sec:exclude>.*_DH_anon_.*</sec:exclude>
> </sec:cipherSuitesFilter>
> </http:tlsClientParameters>
>
> <http:client ContentType="text/xml"/>
>
> </http:conduit>
>
> </beans>
>
> ............... the code with the webservice call
> ...............................................
>
> QName myWebServiceName =
> new QName("http://this.is.my.namespace", "MyWebService");
> wsdlURL = new URL("https://this.is.my.namespace/services/MyService" +
> "?wsdl");
>
> myWebService = new WebService(wsdlURL, myWebServiceName );
> port = myWebService .getMyPort();
>
> ............... the Exception
> ...............................................
>
> INFO: Interceptor has thrown exception, unwinding now
> org.apache.cxf.interceptor.Fault: Could not send Message.
> at
> org.apache.cxf.interceptor.MessageSenderInterceptor.handleMessage(MessageSenderInterceptor.java:48)
> at
> org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:221)
> at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:276)
> at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:222)
> at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:73)
> at
> org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:177)
> at $Proxy35.delete(Unknown Source)
> at com.tsystems.tpay.micromoney.ws.MicroMoneyWsClient.delete(Unknown
> Source)
> at com.tsystems.tpay.micromoney.ws.MicroMoneyWsClient.doPost(Unknown
> Source)
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:637)
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
> at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
> at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
> at
> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
> at
> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
> at
> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128)
> at
> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
> at
> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
> at
> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:286)
> at
> org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:845)
> at
> org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
> at
> org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447)
> at java.lang.Thread.run(Thread.java:619)
> Caused by: java.io.IOException: Illegal Protocol http for HTTPS
> URLConnection Factory.
> at
> org.apache.cxf.transport.https.HttpsURLConnectionFactory.createConnection(HttpsURLConnectionFactory.java:124)
> at
> org.apache.cxf.transport.http.HTTPConduit.prepare(HTTPConduit.java:480)
> at
> org.apache.cxf.interceptor.MessageSenderInterceptor.handleMessage(MessageSenderInterceptor.java:46)
> ... 22 more
>
> I have tried to add i.e. 'secureSocketProtocol="SSL"' to the
> 'http:tlsClientParameters' element in the cxf file, but nothings helps.
> The problem is somewhere in my configuration, but I cannot solve it due to
> lack of sensible documentation.
> Also I cannot verify (in logs) of the cxf.xml is really evaluated.
> Any Help would be welcome.
>
> Harry
>
>
--
View this message in context: http://www.nabble.com/java.io.IOException%3A-Illegal-Protocol-http-for-HTTPS-URLConnection--Factory-tp19412659p19414334.html
Sent from the cxf-user mailing list archive at Nabble.com.