-
Feature Request
-
Resolution: Won't Do
-
Major
-
4.3.0.GA_CP05
-
All
-
Compatibility/Configuration
The common deployment environment in many organizations are
client -> load balancer/ssl concentrator (ssl, port 443) -> Apache web server + mod_jk (no ssl, port 8000) -> JBoss application server (no ssl, port 9000)
The SSL is terminated in the load balancer/ssl concentrator and therefore neither apache web server not jboss application server is aware of it. The webservice is deployed as web application on the application server. The JBoss doesn't have even configured SSL connector and the web application doesnt have
<security-constraint>
<web-resource-collection>
<web-resource-name>All resources</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>
in the web.xml since it is not SSL aware.
When bottom-up approach for the web service is used, the JBoss applicaiton server generates the WSDL for the webservice. The WSDL needs to contain the protocol:URL:port of the load balancer/ssl concentrator and not of the JBoss regardless of what connectors are configured in the JBoss.
There is a need to expand the configuration in jboss-beans.xml
<!--
The WSDL, that is a required deployment artifact for an endpoint, has a <soap:address>
element which points to the location of the endpoint. JBoss supports rewriting of that SOAP address.
If the content of <soap:address> is a valid URL, JBossWS will not rewrite it unless 'modifySOAPAddress' is true.
If the content of <soap:address> is not a valid URL, JBossWS will rewrite it using the attribute values given below.
If 'webServiceHost' is not set, JBossWS uses requesters protocol host when rewriting the <soap:address>.
<property name="webServiceHost">${jboss.bind.address}</property>
-->
<property name="modifySOAPAddress">true</property>
<!--
Set these properties to explicitly define the ports that will be used for rewriting the SOAP address.
Otherwise the ports will be identified by querying the list of installed connectors.
If multiple connectors are found the port of the first connector is used.
<property name="webServiceSecurePort">8443</property>
<property name="webServicePort">8080</property>
-->
to be able to force the web service protocol, host and port, e.g. add configuration settings
<property name="forceWebServiceProtocol">http|https|...</property>
<property name="forceWebServiceHost">${jboss.bind.address}</property>
<property name="forceWebServicePort">port number</property>