You are viewing a plain text version of this content. The canonical link for it is here.
Posted to java-user@axis.apache.org by Bartholodeus <ba...@hotmail.com> on 2008/09/08 16:44:52 UTC
Axis2 webservice over https in Tomcat
Hi,
I am currently running an axis2 v1.3 webservice with https support. I made
the webservice with java2wsdl and wsdl2java with the eclipse codegen plugin.
In my scenario Axis and Tomcat are both deployed in JBoss. What I do not
fully understand is how they work together especially with https. As I
understand it Axis is deployed in Tomcat and Tomcat is deployed in JBoss so
the https request of the client reaches Tomcat first (maybe even something
before) and is forwarded to axis then. So far I have read about 2
possibilities to configure the server to accept https with authentication in
2 ways (client auth = true):
1.) Configure Tomcat (This is what I am using and which is working)
Uncommenting the SSL/TLS Connector in the server.xml in the tomcat home
directory and setting client auth = true and the server keystore and
truststore files.
The clients key- and truststore files are set over System properties.
2.) Configure Axis
Adding the following to the service.xml
<transports>
<transport>https</transport>
</transports>
and uncomment the section in axis2.xml
<transportReceiver name="https"
class="org.apache.axis2.transport.nhttp.HttpCoreNIOSSLListener">
and add the corresponding server key- and truststores (as above)
Also the client system properties have to been set as above.
My questions are:
1.) Did I understand the connection between jboss, tomcat and axis
correctly?
2.) As I did not try the second possibility: Did I describe it correctly or
is there to be done something else?
3.) Are these indeed the 2 possibilities to enable https support? Which of
the two do I have to configure?
4.) How can I configure that this particular webservice can only be accessed
by https? Obviously the https-transport tag in the second possibility does
that (if I described it correctly) but how do I do it in the first
possibility?
5.) The https connection is around 50 times slower then the http connection.
Is there a possibility to speed things up? There are several other post
about this issue in this forum and other forums but none of them got an
answer.
Thank you very much for your help,
Bartho
--
View this message in context: http://www.nabble.com/Axis2-webservice-over-https-in-Tomcat-tp19373554p19373554.html
Sent from the Axis - User mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-user-help@ws.apache.org
RE: Axis2 webservice over https in Tomcat
Posted by Martin Gainty <mg...@hotmail.com>.
Good Morning
If I understand you're attempting to override a running http connection with https protocol?
one viable solution would be to engage WS - Security 1.0 or WS - Security 1.1 with a rampart module
rampart will enforce your configured security policy for any/all axis archives which engage the rampart module
http://ws.apache.org/rampart/
anyone else?
Martin
______________________________________________
Disclaimer and confidentiality note
Everything in this e-mail and any attachments relates to the official business of Sender. This transmission is of a confidential nature and Sender does not endorse distribution to any party other than intended recipient. Sender does not necessarily endorse content contained within this transmission.
> Date: Tue, 16 Sep 2008 05:34:26 -0700
> From: bartholodeus@hotmail.com
> To: axis-user@ws.apache.org
> Subject: Re: Axis2 webservice over https in Tomcat
>
>
> I am still looking for a solution. Anybody an idea?
> --
> View this message in context: http://www.nabble.com/Axis2-webservice-over-https-in-Tomcat-tp19373554p19510845.html
> Sent from the Axis - User mailing list archive at Nabble.com.
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
> For additional commands, e-mail: axis-user-help@ws.apache.org
>
_________________________________________________________________
Get more out of the Web. Learn 10 hidden secrets of Windows Live.
http://windowslive.com/connect/post/jamiethomson.spaces.live.com-Blog-cns!550F681DAD532637!5295.entry?ocid=TXT_TAGLM_WL_domore_092008
Re: Axis2 webservice over https in Tomcat
Posted by Bartholodeus <ba...@hotmail.com>.
I am still looking for a solution. Anybody an idea?
--
View this message in context: http://www.nabble.com/Axis2-webservice-over-https-in-Tomcat-tp19373554p19510845.html
Sent from the Axis - User mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-user-help@ws.apache.org
Re: Axis2 webservice over https in Tomcat
Posted by srodrigu <sr...@sircon.com>.
I have the same issue where it did not like the <transports> part in the
services.xml. I tried not doing the <transports> part in the service.xml
file and called up the wsdl and it looks like it thinks http is port 8080
and https is port 80 even though Tomcat is using port 80 for http and port
443 for https. Is there somewhere we need to link these two together? I
tried modifying the port numbers in axis2.xml to no avail.
--
View this message in context: http://www.nabble.com/Axis2-webservice-over-https-in-Tomcat-tp19373554p19395167.html
Sent from the Axis - User mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-user-help@ws.apache.org
Re: Axis2 webservice over https in Tomcat
Posted by Bartholodeus <ba...@hotmail.com>.
Thank you for your explanations.
My service.xml looks like this now:
<service name="TestWebservice" >
<description>
Please Type your service description here
</description>
<messageReceivers>
<messageReceiver mep="http://www.w3.org/2004/08/wsdl/in-only"
class="org.apache.axis2.rpc.receivers.RPCInOnlyMessageReceiver" />
<messageReceiver mep="http://www.w3.org/2004/08/wsdl/in-out"
class="org.apache.axis2.rpc.receivers.RPCMessageReceiver"/>
</messageReceivers>
<transports>
<transport>https</transport>
</transports>
<parameter name="ServiceClass">xx.xxx.xxx.TestWebservice</parameter>
</service>
When I start my JBoss again I get the following exception:
org.apache.axis2.deployment.DeploymentException: Service [ TestWebservice ]
is trying to expose in a transport : <transports>
<transport>https</transport> </transports> and which is not available in
Axis2
You have any idea what I am missing now?
Bartho
Deepal Jayasinghe-2 wrote:
>
> Bartholodeus wrote:
>> Hi,
>>
>> I am currently running an axis2 v1.3 webservice with https support. I
>> made
>> the webservice with java2wsdl and wsdl2java with the eclipse codegen
>> plugin.
>> In my scenario Axis and Tomcat are both deployed in JBoss. What I do not
>> fully understand is how they work together especially with https. As I
>> understand it Axis is deployed in Tomcat and Tomcat is deployed in JBoss
>> so
>> the https request of the client reaches Tomcat first (maybe even
>> something
>> before) and is forwarded to axis then. So far I have read about 2
>> possibilities to configure the server to accept https with authentication
>> in
>> 2 ways (client auth = true):
>>
>> 1.) Configure Tomcat (This is what I am using and which is working)
>> Uncommenting the SSL/TLS Connector in the server.xml in the tomcat home
>> directory and setting client auth = true and the server keystore and
>> truststore files.
>> The clients key- and truststore files are set over System properties.
>>
>>
> Yes you need to do this to make the Application server to be HTTPS aware.
>> 2.) Configure Axis
>> Adding the following to the service.xml
>> <transports>
>> <transport>https</transport>
>> </transports>
> You need this option if and only if you need to expose the service in
> https. Whether you specify this or not axis2 will expose the service in
> both http and https. As I mentioned earlier if you want your service to
> be expose only in https then you need to do that.
>>
>>
>> and uncomment the section in axis2.xml
>> <transportReceiver name="https"
>> class="org.apache.axis2.transport.nhttp.HttpCoreNIOSSLListener">
>> and add the corresponding server key- and truststores (as above)
>>
>>
> You do not need to do this. This transport listener has nothing to do
> with tomcat https connection.
>> Also the client system properties have to been set as above.
>>
>> My questions are:
>> 1.) Did I understand the connection between jboss, tomcat and axis
>> correctly?
>>
> Well , Axis2 is just an application running behind an application
> server. Once the message receive to Axis2, it does not know how it came.
>> 2.) As I did not try the second possibility: Did I describe it correctly
>> or
>> is there to be done something else?
>> 3.) Are these indeed the 2 possibilities to enable https support? Which
>> of
>> the two do I have to configure?
>> 4.) How can I configure that this particular webservice can only be
>> accessed
>> by https? Obviously the https-transport tag in the second possibility
>> does
>> that (if I described it correctly) but how do I do it in the first
>> possibility?
>>
> Just adding the transport "https" in services.xml
>> 5.) The https connection is around 50 times slower then the http
>> connection.
>> Is there a possibility to speed things up? There are several other post
>> about this issue in this forum and other forums but none of them got an
>> answer.
>>
>> Thank you very much for your help,
>>
>> Bartho
>>
> Thank you!
> Deepal
>
> http://blogs.deepal.org
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
> For additional commands, e-mail: axis-user-help@ws.apache.org
>
>
>
--
View this message in context: http://www.nabble.com/Axis2-webservice-over-https-in-Tomcat-tp19373554p19388077.html
Sent from the Axis - User mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-user-help@ws.apache.org
Re: Axis2 webservice over https in Tomcat
Posted by Deepal jayasinghe <de...@gmail.com>.
Bartholodeus wrote:
> Hi,
>
> I am currently running an axis2 v1.3 webservice with https support. I made
> the webservice with java2wsdl and wsdl2java with the eclipse codegen plugin.
> In my scenario Axis and Tomcat are both deployed in JBoss. What I do not
> fully understand is how they work together especially with https. As I
> understand it Axis is deployed in Tomcat and Tomcat is deployed in JBoss so
> the https request of the client reaches Tomcat first (maybe even something
> before) and is forwarded to axis then. So far I have read about 2
> possibilities to configure the server to accept https with authentication in
> 2 ways (client auth = true):
>
> 1.) Configure Tomcat (This is what I am using and which is working)
> Uncommenting the SSL/TLS Connector in the server.xml in the tomcat home
> directory and setting client auth = true and the server keystore and
> truststore files.
> The clients key- and truststore files are set over System properties.
>
>
Yes you need to do this to make the Application server to be HTTPS aware.
> 2.) Configure Axis
> Adding the following to the service.xml
> <transports>
> <transport>https</transport>
> </transports>
You need this option if and only if you need to expose the service in
https. Whether you specify this or not axis2 will expose the service in
both http and https. As I mentioned earlier if you want your service to
be expose only in https then you need to do that.
>
>
> and uncomment the section in axis2.xml
> <transportReceiver name="https"
> class="org.apache.axis2.transport.nhttp.HttpCoreNIOSSLListener">
> and add the corresponding server key- and truststores (as above)
>
>
You do not need to do this. This transport listener has nothing to do
with tomcat https connection.
> Also the client system properties have to been set as above.
>
> My questions are:
> 1.) Did I understand the connection between jboss, tomcat and axis
> correctly?
>
Well , Axis2 is just an application running behind an application
server. Once the message receive to Axis2, it does not know how it came.
> 2.) As I did not try the second possibility: Did I describe it correctly or
> is there to be done something else?
> 3.) Are these indeed the 2 possibilities to enable https support? Which of
> the two do I have to configure?
> 4.) How can I configure that this particular webservice can only be accessed
> by https? Obviously the https-transport tag in the second possibility does
> that (if I described it correctly) but how do I do it in the first
> possibility?
>
Just adding the transport "https" in services.xml
> 5.) The https connection is around 50 times slower then the http connection.
> Is there a possibility to speed things up? There are several other post
> about this issue in this forum and other forums but none of them got an
> answer.
>
> Thank you very much for your help,
>
> Bartho
>
Thank you!
Deepal
http://blogs.deepal.org
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-user-help@ws.apache.org