You are viewing a plain text version of this content. The canonical link for it is here.
Posted to soap-dev@ws.apache.org by "Nelson, Christopher" <cn...@synchrony.net> on 2000/10/18 23:13:14 UTC
SSL Soap
I have been testing SSL SOAP with weblogic 4.5.1 and ran into a small
problem. Weblogic did not like having the HTTP/1.1 at the end of the URL.
In HTTPSUtils, at the line where the URL is built I removed this. After
that it worked fine. Oddly enough, this behavior occurred only at a certain
weblogic service patch level (4.5.1sp11). Just thought I'd share my
experience
Re: SSL Soap
Posted by George I Matkovits <ma...@uswest.net>.
You are right, as always. There are 2 client SSL enable options: 'autoenable' and 'enable'. The last one does
not rebuild the URL. I know, this is IN the upcoming version and it might have been in some of the earlier
ones also. I will be posting the next 'SecureSoap' version 'probably' later today. It will have most of the
authentication stuff also in it. I believe that the performance remained OK and also the complexity. I was
very careful not to sin too much on the side of 'performance costly' automation and also everything seems to
be backward compatible.
Thank you for keeping me on the straight path!
Regards - George
Nathan Wray wrote:
> The reasons not to rebuild the URL object inside the library are many and lengthy, and deserve to prevail.
>
> "Nelson, Christopher" wrote:
>
> > I have been testing SSL SOAP with weblogic 4.5.1 and ran into a small
> > problem. Weblogic did not like having the HTTP/1.1 at the end of the URL.
> > In HTTPSUtils, at the line where the URL is built I removed this. After
> > that it worked fine. Oddly enough, this behavior occurred only at a certain
> > weblogic service patch level (4.5.1sp11). Just thought I'd share my
> > experience
>
> --
> Nathan Wray
> nwray@mich.com
> --
> "Our attitudes control our lives. Attitudes are a secret
> power working twenty-four hours a day, for good or bad. It
> is of paramount importance that we know how to harness
> and control this great force."
>
> - Tom Blandi
Re: SSL Soap
Posted by George I Matkovits <ma...@uswest.net>.
You are right, as always. There are 2 client SSL enable options: 'autoenable' and 'enable'. The last one does
not rebuild the URL. I know, this is IN the upcoming version and it might have been in some of the earlier
ones also. I will be posting the next 'SecureSoap' version 'probably' later today. It will have most of the
authentication stuff also in it. I believe that the performance remained OK and also the complexity. I was
very careful not to sin too much on the side of 'performance costly' automation and also everything seems to
be backward compatible.
Thank you for keeping me on the straight path!
Regards - George
Nathan Wray wrote:
> The reasons not to rebuild the URL object inside the library are many and lengthy, and deserve to prevail.
>
> "Nelson, Christopher" wrote:
>
> > I have been testing SSL SOAP with weblogic 4.5.1 and ran into a small
> > problem. Weblogic did not like having the HTTP/1.1 at the end of the URL.
> > In HTTPSUtils, at the line where the URL is built I removed this. After
> > that it worked fine. Oddly enough, this behavior occurred only at a certain
> > weblogic service patch level (4.5.1sp11). Just thought I'd share my
> > experience
>
> --
> Nathan Wray
> nwray@mich.com
> --
> "Our attitudes control our lives. Attitudes are a secret
> power working twenty-four hours a day, for good or bad. It
> is of paramount importance that we know how to harness
> and control this great force."
>
> - Tom Blandi
Re: SSL Soap
Posted by George I Matkovits <ma...@uswest.net>.
I have added a global properties to inhibit it. I am worried about the next generation J2EE Application
Servers which will probably need explicit keep-alive notification. I am going to allow URL regeneration with
HTTP1.1 addition as an option when the global override is false.
Regards - George
Nathan Wray wrote:
> The reasons not to rebuild the URL object inside the library are many and lengthy, and deserve to prevail.
>
> "Nelson, Christopher" wrote:
>
> > I have been testing SSL SOAP with weblogic 4.5.1 and ran into a small
> > problem. Weblogic did not like having the HTTP/1.1 at the end of the URL.
> > In HTTPSUtils, at the line where the URL is built I removed this. After
> > that it worked fine. Oddly enough, this behavior occurred only at a certain
> > weblogic service patch level (4.5.1sp11). Just thought I'd share my
> > experience
>
> --
> Nathan Wray
> nwray@mich.com
> --
> "Our attitudes control our lives. Attitudes are a secret
> power working twenty-four hours a day, for good or bad. It
> is of paramount importance that we know how to harness
> and control this great force."
>
> - Tom Blandi
Re: SSL Soap
Posted by George I Matkovits <ma...@uswest.net>.
I have added a global properties to inhibit it. I am worried about the next generation J2EE Application
Servers which will probably need explicit keep-alive notification. I am going to allow URL regeneration with
HTTP1.1 addition as an option when the global override is false.
Regards - George
Nathan Wray wrote:
> The reasons not to rebuild the URL object inside the library are many and lengthy, and deserve to prevail.
>
> "Nelson, Christopher" wrote:
>
> > I have been testing SSL SOAP with weblogic 4.5.1 and ran into a small
> > problem. Weblogic did not like having the HTTP/1.1 at the end of the URL.
> > In HTTPSUtils, at the line where the URL is built I removed this. After
> > that it worked fine. Oddly enough, this behavior occurred only at a certain
> > weblogic service patch level (4.5.1sp11). Just thought I'd share my
> > experience
>
> --
> Nathan Wray
> nwray@mich.com
> --
> "Our attitudes control our lives. Attitudes are a secret
> power working twenty-four hours a day, for good or bad. It
> is of paramount importance that we know how to harness
> and control this great force."
>
> - Tom Blandi
Re: SSL Soap
Posted by Nathan Wray <nw...@mich.com>.
The reasons not to rebuild the URL object inside the library are many and lengthy, and deserve to prevail.
"Nelson, Christopher" wrote:
> I have been testing SSL SOAP with weblogic 4.5.1 and ran into a small
> problem. Weblogic did not like having the HTTP/1.1 at the end of the URL.
> In HTTPSUtils, at the line where the URL is built I removed this. After
> that it worked fine. Oddly enough, this behavior occurred only at a certain
> weblogic service patch level (4.5.1sp11). Just thought I'd share my
> experience
--
Nathan Wray
nwray@mich.com
--
"Our attitudes control our lives. Attitudes are a secret
power working twenty-four hours a day, for good or bad. It
is of paramount importance that we know how to harness
and control this great force."
- Tom Blandi
Re: SSL Soap
Posted by George I Matkovits <ma...@uswest.net>.
Thank you. In the next version you will be able to pass on your URL (when want
to) without the system interfering with it, like Nathan W. always wanted to.:-)
Yo just have to use enable instead of autoenable. It might even be working that
way in your current version.
Regards - George
p.s. IMHO some of the J2EE Servers do not seem to follow the http1.1 specs. We
should really remind them. Could you, please?
"Nelson, Christopher" wrote:
> I have been testing SSL SOAP with weblogic 4.5.1 and ran into a small
> problem. Weblogic did not like having the HTTP/1.1 at the end of the URL.
> In HTTPSUtils, at the line where the URL is built I removed this. After
> that it worked fine. Oddly enough, this behavior occurred only at a certain
> weblogic service patch level (4.5.1sp11). Just thought I'd share my
> experience
Re: SSL Soap
Posted by George I Matkovits <ma...@uswest.net>.
Thank you. In the next version you will be able to pass on your URL (when want
to) without the system interfering with it, like Nathan W. always wanted to.:-)
Yo just have to use enable instead of autoenable. It might even be working that
way in your current version.
Regards - George
p.s. IMHO some of the J2EE Servers do not seem to follow the http1.1 specs. We
should really remind them. Could you, please?
"Nelson, Christopher" wrote:
> I have been testing SSL SOAP with weblogic 4.5.1 and ran into a small
> problem. Weblogic did not like having the HTTP/1.1 at the end of the URL.
> In HTTPSUtils, at the line where the URL is built I removed this. After
> that it worked fine. Oddly enough, this behavior occurred only at a certain
> weblogic service patch level (4.5.1sp11). Just thought I'd share my
> experience
Re: SSL Soap
Posted by George I Matkovits <ma...@uswest.net>.
Thank you for the testing effort. I have the HTTP/1.1 string appended because
IMHO it is part of the HTTP spec. The current generation of J2EE App. Servers
and 'older' Tomcat Versions seem to choke on this. In the next version I will
have a global flag in Soap.properties to override the generation of this string.
I would like to have it left in for the future because the Next Gen. Servers
might only do HTTP1.1 provided 'keep-alive' support when explicitly requested.
This is one of those 'small letter' parts of the HTTP spec. I would also like a
small favor to ask. I need to put some headers also into Soap but I do not know
where to break into the code for header support. You must have already solved
the problem for your SSL password effort. My problem is not the generation of
header elements but where to break into the code with as little disturbance, and
rewrite as possible. (-: like I done it for SSL.
Regards - George
"Nelson, Christopher" wrote:
> I have been testing SSL SOAP with weblogic 4.5.1 and ran into a small
> problem. Weblogic did not like having the HTTP/1.1 at the end of the URL.
> In HTTPSUtils, at the line where the URL is built I removed this. After
> that it worked fine. Oddly enough, this behavior occurred only at a certain
> weblogic service patch level (4.5.1sp11). Just thought I'd share my
> experience
Re: SSL Soap
Posted by Nathan Wray <nw...@mich.com>.
The reasons not to rebuild the URL object inside the library are many and lengthy, and deserve to prevail.
"Nelson, Christopher" wrote:
> I have been testing SSL SOAP with weblogic 4.5.1 and ran into a small
> problem. Weblogic did not like having the HTTP/1.1 at the end of the URL.
> In HTTPSUtils, at the line where the URL is built I removed this. After
> that it worked fine. Oddly enough, this behavior occurred only at a certain
> weblogic service patch level (4.5.1sp11). Just thought I'd share my
> experience
--
Nathan Wray
nwray@mich.com
--
"Our attitudes control our lives. Attitudes are a secret
power working twenty-four hours a day, for good or bad. It
is of paramount importance that we know how to harness
and control this great force."
- Tom Blandi
Re: SSL Soap
Posted by George I Matkovits <ma...@uswest.net>.
Thank you for the testing effort. I have the HTTP/1.1 string appended because
IMHO it is part of the HTTP spec. The current generation of J2EE App. Servers
and 'older' Tomcat Versions seem to choke on this. In the next version I will
have a global flag in Soap.properties to override the generation of this string.
I would like to have it left in for the future because the Next Gen. Servers
might only do HTTP1.1 provided 'keep-alive' support when explicitly requested.
This is one of those 'small letter' parts of the HTTP spec. I would also like a
small favor to ask. I need to put some headers also into Soap but I do not know
where to break into the code for header support. You must have already solved
the problem for your SSL password effort. My problem is not the generation of
header elements but where to break into the code with as little disturbance, and
rewrite as possible. (-: like I done it for SSL.
Regards - George
"Nelson, Christopher" wrote:
> I have been testing SSL SOAP with weblogic 4.5.1 and ran into a small
> problem. Weblogic did not like having the HTTP/1.1 at the end of the URL.
> In HTTPSUtils, at the line where the URL is built I removed this. After
> that it worked fine. Oddly enough, this behavior occurred only at a certain
> weblogic service patch level (4.5.1sp11). Just thought I'd share my
> experience