You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@cxf.apache.org by Herr Otto <gu...@yahoo.de> on 2008/10/27 10:55:24 UTC
xml-version missing in soap message
Hi,
follow problems we have: I call a werbservice (createtd by cxf) - in the
soap message, which will created, ist the xml-version tag missing. The
server declines the message ....
Tips are welcome to complete the soap message.
Thos code will called:
File truststoreFile = new File("zertifikate/key.store");
TLSClientParameters tlsParams = new TLSClientParameters();
tlsParams.setSecureSocketProtocol("SSLv3");
tlsParams.setDisableCNCheck(true);
try {
// Set Truststore
KeyStore truststore = KeyStore.getInstance("JKS");
truststore.load(new FileInputStream(truststoreFile),
truststorePassword.toCharArray());
TrustManagerFactory trustManagerFactory =
TrustManagerFactory.getInstance
(TrustManagerFactory.getDefaultAlgorithm());
trustManagerFactory.init(truststore);
TrustManager[] trustManager = trustManagerFactory.getTrustManagers();
tlsParams.setTrustManagers(trustManager);
KeyStore keystore = KeyStore.getInstance("JKS");
keystore.load(new FileInputStream(truststoreFile),
truststorePassword.toCharArray());
KeyManagerFactory keyManagerFactory =
KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
char[] passphrase = "changeit".toCharArray();
keyManagerFactory.init(keystore, passphrase);
KeyManager[] keyManagers = keyManagerFactory.getKeyManagers();
tlsParams.setKeyManagers(keyManagers);
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
} catch (java.security.cert.CertificateException e) {
e.printStackTrace();
} catch (FileNotFoundException e) {
e.printStackTrace();
} catch (IOException e) {
e.printStackTrace();
} catch (KeyStoreException e) {
e.printStackTrace();
}
JaxWsProxyFactoryBean proxyFactory = new JaxWsProxyFactoryBean();
proxyFactory.setServiceClass(WsClass.class);
proxyFactory.setAddress(serverLocation);
proxyFactory.setEndpointName(new QName("http://www.ip.wsdl", "WsClass"));
// Set Filters
FiltersType filter = new FiltersType();
filter.getInclude().add("SSL_RSA_WITH_3DES_EDE_CBC_SHA");
filter.getInclude().add("SSL_RSA_EXPORT_WITH_RC4_40_MD4");
filter.getInclude().add("SSL_RSA_WITH_RC4_128_MD5");
filter.getInclude().add("SSL_RSA_WITH_DES_CBC_SHA");
filter.getInclude().add("SSL_RSA_WITH_RC4_128_SHA");
filter.getInclude().add("SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5");
filter.getInclude().add("SSL_RSA_WITH_NULL_SHA");
filter.getInclude().add("SSL_RSA_WITH_NULL_MD5");
filter.getInclude().add("SSL_NULL_WITH_NULL_NULL");
tlsParams.setCipherSuitesFilter(filter);
WsPortType port = (WsPortType) proxyFactory.create();
Client cxfClient = ClientProxy.getClient(port);
cxfClient.getInInterceptors().
HTTPConduit httpConduit = (HTTPConduit)cxfClient.getConduit();
httpConduit.setTlsClientParameters(tlsParams);
Return return1 = port.ping();
--
View this message in context: http://www.nabble.com/xml-version-missing-in-soap-message-tp20184595p20184595.html
Sent from the cxf-user mailing list archive at Nabble.com.
Re: xml-version missing in soap message
Posted by Daniel Kulp <dk...@apache.org>.
On Tuesday 28 October 2008 12:18:51 pm Glen Mazza wrote:
> Hmmm...aren't XML processing instructions forbidden with SOAP requests and
> responses, per the SOAP spec--or is the XML tag not considered a PI?
According to the xml spec grammar, the xml tag is an "XMLDecl" and not really
a PI.
In anycase, the WSI-BasicProfile basically states that toolkits should accept
messages with the xml decl, but not really create one. If the xml-decl is
there, it's pretty much ignored as the charset and stuff comes from the HTTP
content-type header. Thus, the xml decl really is just wasted bandwidth.
Dan
>
> Glen
>
> dkulp wrote:
> > According to spec, the xml version tag it not required. It's basically
> > just
> > redundant information that consumes bandwidth and uses more CPU.
> > Thus, this is technically a bug in whatever implementation you have on
> > your server.
> >
> > That said, I believe you can do:
> >
> > ((BindingProvider)port).getRequestContext()
> > .put("org.apache.cxf.stax.force-start-document", Boolean.TRUE)
> >
> > to force it. That may require one of the very recent versions of CXF.
> >
> > Dan
--
Daniel Kulp
dkulp@apache.org
http://dankulp.com/blog
Re: xml-version missing in soap message
Posted by Glen Mazza <gl...@gmail.com>.
Hmmm...aren't XML processing instructions forbidden with SOAP requests and
responses, per the SOAP spec--or is the XML tag not considered a PI?
Glen
dkulp wrote:
>
> According to spec, the xml version tag it not required. It's basically
> just
> redundant information that consumes bandwidth and uses more CPU. Thus,
> this is technically a bug in whatever implementation you have on your
> server.
>
> That said, I believe you can do:
>
> ((BindingProvider)port).getRequestContext()
> .put("org.apache.cxf.stax.force-start-document", Boolean.TRUE)
>
> to force it. That may require one of the very recent versions of CXF.
>
> Dan
>
--
View this message in context: http://www.nabble.com/xml-version-missing-in-soap-message-tp20184595p20210539.html
Sent from the cxf-user mailing list archive at Nabble.com.
Re: xml-version missing in soap message
Posted by Herr Otto <gu...@yahoo.de>.
Hi Daniel,
you're right - the xml version tag is not required. I througt, the server
need it, because the anser included this tag.
The reason for the problem: wrong password was configurated on server and
wrong answer from the server ;-(
Thanks for help!
Otto
dkulp wrote:
>
>
>
> On Monday 27 October 2008 5:55:24 am Herr Otto wrote:
>> follow problems we have: I call a werbservice (createtd by cxf) - in the
>> soap message, which will created, ist the xml-version tag missing. The
>> server declines the message ....
>
> According to spec, the xml version tag it not required. It's basically
> just
> redundant information that consumes bandwidth and uses more CPU. Thus,
> this is technically a bug in whatever implementation you have on your
> server.
>
> That said, I believe you can do:
>
> ((BindingProvider)port).getRequestContext()
> .put("org.apache.cxf.stax.force-start-document", Boolean.TRUE)
>
> to force it. That may require one of the very recent versions of CXF.
>
> Dan
>
>
>
>> Tips are welcome to complete the soap message.
>>
>> Thos code will called:
>>
>>
>> File truststoreFile = new File("zertifikate/key.store");
>> TLSClientParameters tlsParams = new TLSClientParameters();
>> tlsParams.setSecureSocketProtocol("SSLv3");
>> tlsParams.setDisableCNCheck(true);
>>
>> try {
>> // Set Truststore
>> KeyStore truststore = KeyStore.getInstance("JKS");
>> truststore.load(new FileInputStream(truststoreFile),
>> truststorePassword.toCharArray());
>> TrustManagerFactory trustManagerFactory =
>> TrustManagerFactory.getInstance
>> (TrustManagerFactory.getDefaultAlgorithm());
>> trustManagerFactory.init(truststore);
>> TrustManager[] trustManager = trustManagerFactory.getTrustManagers();
>> tlsParams.setTrustManagers(trustManager);
>>
>> KeyStore keystore = KeyStore.getInstance("JKS");
>> keystore.load(new FileInputStream(truststoreFile),
>> truststorePassword.toCharArray());
>> KeyManagerFactory keyManagerFactory =
>> KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
>> char[] passphrase = "changeit".toCharArray();
>>
>> keyManagerFactory.init(keystore, passphrase);
>> KeyManager[] keyManagers = keyManagerFactory.getKeyManagers();
>> tlsParams.setKeyManagers(keyManagers);
>>
>> } catch (NoSuchAlgorithmException e) {
>> e.printStackTrace();
>> } catch (java.security.cert.CertificateException e) {
>> e.printStackTrace();
>> } catch (FileNotFoundException e) {
>> e.printStackTrace();
>> } catch (IOException e) {
>> e.printStackTrace();
>> } catch (KeyStoreException e) {
>> e.printStackTrace();
>> }
>>
>>
>>
>> JaxWsProxyFactoryBean proxyFactory = new JaxWsProxyFactoryBean();
>> proxyFactory.setServiceClass(WsClass.class);
>> proxyFactory.setAddress(serverLocation);
>>
>> proxyFactory.setEndpointName(new QName("http://www.ip.wsdl", "WsClass"));
>>
>> // Set Filters
>> FiltersType filter = new FiltersType();
>> filter.getInclude().add("SSL_RSA_WITH_3DES_EDE_CBC_SHA");
>> filter.getInclude().add("SSL_RSA_EXPORT_WITH_RC4_40_MD4");
>> filter.getInclude().add("SSL_RSA_WITH_RC4_128_MD5");
>> filter.getInclude().add("SSL_RSA_WITH_DES_CBC_SHA");
>> filter.getInclude().add("SSL_RSA_WITH_RC4_128_SHA");
>> filter.getInclude().add("SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5");
>> filter.getInclude().add("SSL_RSA_WITH_NULL_SHA");
>> filter.getInclude().add("SSL_RSA_WITH_NULL_MD5");
>> filter.getInclude().add("SSL_NULL_WITH_NULL_NULL");
>> tlsParams.setCipherSuitesFilter(filter);
>>
>> WsPortType port = (WsPortType) proxyFactory.create();
>>
>> Client cxfClient = ClientProxy.getClient(port);
>> cxfClient.getInInterceptors().
>> HTTPConduit httpConduit = (HTTPConduit)cxfClient.getConduit();
>> httpConduit.setTlsClientParameters(tlsParams);
>>
>>
>> Return return1 = port.ping();
>
>
>
> --
> Daniel Kulp
> dkulp@apache.org
> http://dankulp.com/blog
>
>
--
View this message in context: http://www.nabble.com/xml-version-missing-in-soap-message-tp20184595p20208753.html
Sent from the cxf-user mailing list archive at Nabble.com.
Re: xml-version missing in soap message
Posted by Daniel Kulp <dk...@apache.org>.
On Monday 27 October 2008 5:55:24 am Herr Otto wrote:
> follow problems we have: I call a werbservice (createtd by cxf) - in the
> soap message, which will created, ist the xml-version tag missing. The
> server declines the message ....
According to spec, the xml version tag it not required. It's basically just
redundant information that consumes bandwidth and uses more CPU. Thus,
this is technically a bug in whatever implementation you have on your server.
That said, I believe you can do:
((BindingProvider)port).getRequestContext()
.put("org.apache.cxf.stax.force-start-document", Boolean.TRUE)
to force it. That may require one of the very recent versions of CXF.
Dan
> Tips are welcome to complete the soap message.
>
> Thos code will called:
>
>
> File truststoreFile = new File("zertifikate/key.store");
> TLSClientParameters tlsParams = new TLSClientParameters();
> tlsParams.setSecureSocketProtocol("SSLv3");
> tlsParams.setDisableCNCheck(true);
>
> try {
> // Set Truststore
> KeyStore truststore = KeyStore.getInstance("JKS");
> truststore.load(new FileInputStream(truststoreFile),
> truststorePassword.toCharArray());
> TrustManagerFactory trustManagerFactory =
> TrustManagerFactory.getInstance
> (TrustManagerFactory.getDefaultAlgorithm());
> trustManagerFactory.init(truststore);
> TrustManager[] trustManager = trustManagerFactory.getTrustManagers();
> tlsParams.setTrustManagers(trustManager);
>
> KeyStore keystore = KeyStore.getInstance("JKS");
> keystore.load(new FileInputStream(truststoreFile),
> truststorePassword.toCharArray());
> KeyManagerFactory keyManagerFactory =
> KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
> char[] passphrase = "changeit".toCharArray();
>
> keyManagerFactory.init(keystore, passphrase);
> KeyManager[] keyManagers = keyManagerFactory.getKeyManagers();
> tlsParams.setKeyManagers(keyManagers);
>
> } catch (NoSuchAlgorithmException e) {
> e.printStackTrace();
> } catch (java.security.cert.CertificateException e) {
> e.printStackTrace();
> } catch (FileNotFoundException e) {
> e.printStackTrace();
> } catch (IOException e) {
> e.printStackTrace();
> } catch (KeyStoreException e) {
> e.printStackTrace();
> }
>
>
>
> JaxWsProxyFactoryBean proxyFactory = new JaxWsProxyFactoryBean();
> proxyFactory.setServiceClass(WsClass.class);
> proxyFactory.setAddress(serverLocation);
>
> proxyFactory.setEndpointName(new QName("http://www.ip.wsdl", "WsClass"));
>
> // Set Filters
> FiltersType filter = new FiltersType();
> filter.getInclude().add("SSL_RSA_WITH_3DES_EDE_CBC_SHA");
> filter.getInclude().add("SSL_RSA_EXPORT_WITH_RC4_40_MD4");
> filter.getInclude().add("SSL_RSA_WITH_RC4_128_MD5");
> filter.getInclude().add("SSL_RSA_WITH_DES_CBC_SHA");
> filter.getInclude().add("SSL_RSA_WITH_RC4_128_SHA");
> filter.getInclude().add("SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5");
> filter.getInclude().add("SSL_RSA_WITH_NULL_SHA");
> filter.getInclude().add("SSL_RSA_WITH_NULL_MD5");
> filter.getInclude().add("SSL_NULL_WITH_NULL_NULL");
> tlsParams.setCipherSuitesFilter(filter);
>
> WsPortType port = (WsPortType) proxyFactory.create();
>
> Client cxfClient = ClientProxy.getClient(port);
> cxfClient.getInInterceptors().
> HTTPConduit httpConduit = (HTTPConduit)cxfClient.getConduit();
> httpConduit.setTlsClientParameters(tlsParams);
>
>
> Return return1 = port.ping();
--
Daniel Kulp
dkulp@apache.org
http://dankulp.com/blog