You are viewing a plain text version of this content. The canonical link for it is here.
Posted to java-dev@axis.apache.org by "nadir amra (JIRA)" <ji...@apache.org> on 2012/04/21 02:31:33 UTC
[jira] [Commented] (AXIS2-3278) Allow Customizable WSDL generation
error messages
[ https://issues.apache.org/jira/browse/AXIS2-3278?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13258693#comment-13258693 ]
nadir amra commented on AXIS2-3278:
-----------------------------------
This scenario should probably return the same error code as if exposeServiceMetadatais set to false in services.xml file.
> Allow Customizable WSDL generation error messages
> -------------------------------------------------
>
> Key: AXIS2-3278
> URL: https://issues.apache.org/jira/browse/AXIS2-3278
> Project: Axis2
> Issue Type: New Feature
> Components: wsdl
> Affects Versions: 1.3
> Environment: Axis2 (1.3)
> Reporter: Nathan Hook
> Assignee: Deepal Jayasinghe
> Priority: Minor
>
> When setting the value useOriginalwsdl to true in a services.xml and not providing a wsdl file in your directory the following message occurs:
> Unable to generate WSDL 1.1 for this serviceIf you wish Axis2 to automatically generate the WSDL 1.1, then please +set useOriginalwsdl as false in your services.xml
> However, it would be better if a customizable error message (including a blank message) could be returned or even better allow the behavior to return different http error codes like 404 where the wsdl is effectively hidden without giving a clue that it exists.
> A work around for this is to create a filter that will check to see if someone is try to access the wsdl file directly and then return a 404 or what ever type of message they chose.
> Here is an example filter class:
> import java.io.*;
> import java.util.*;
> import javax.servlet.*;
> import javax.servlet.http.*;
> public class WebServiceSecurityFilter implements Filter
> {
> private static org.apache.log4j.Logger log = org.apache.log4j.Logger.getLogger(WebServiceSecurityFilter.class);
>
> public void doFilter(ServletRequest request, ServletResponse response, FilterChain filterChain) throws IOException, ServletException
> {
> HttpServletRequest httpRequest = (HttpServletRequest)request;
>
> if(!httpRequest.getQueryString().contains("wsdl"))
> {
> filterChain.doFilter(request, response);
> }
> else
> {
> log.debug("WebServiceSecurityFilter - Unauthorized WSDL Access Attempt");
> log.debug(" remote ip: " + address);
>
> HttpServletResponse httpResponse = (HttpServletResponse)response;
> httpResponse.setStatus(HttpServletResponse.SC_NOT_FOUND);
>
> RequestDispatcher dispatcher = request.getRequestDispatcher("/WEB-INF/error_pages/404.html");
> dispatcher.forward(request, response);
> }
> }
>
> public void init(FilterConfig config)
> {
>
> }
>
> public void destroy()
> {
>
> }
> }
> Thank you for your time.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: java-dev-unsubscribe@axis.apache.org
For additional commands, e-mail: java-dev-help@axis.apache.org