Uploaded image for project: 'JBoss Enterprise Application Platform 4 and 5'
  1. JBoss Enterprise Application Platform 4 and 5
  2. JBPAPP-4406

JBossWS - Incomplete CONFIDENTIAL transport-guarantee detection for POJO endpoint.

    XMLWordPrintable

Details

    • Bug
    • Resolution: Done
    • Major
    • EAP_EWP 5.1.1
    • EAP 5.0.1
    • Web Services
    • None
    • Workaround Exists
    • Hide

      Remove the trailing /* from the url-pattern.

      Show
      Remove the trailing /* from the url-pattern.
    • Not Required

    Description

      Take an endpoint with a servlet-mapping similar to: -

      <servlet-mapping>
      <servlet-name>PhoneBook</servlet-name>
      <url-pattern>/PB</url-pattern>
      </servlet-mapping>

      If the transport-guarantee is defined as: -

      <security-constraint>
      <web-resource-collection>
      <web-resource-name>CONFIDENTIAL</web-resource-name>
      <url-pattern>/PB</url-pattern>

      <http-method>GET</http-method>
      <http-method>POST</http-method>
      </web-resource-collection>

      <user-data-constraint>
      <transport-guarantee>CONFIDENTIAL</transport-guarantee>
      </user-data-constraint>
      </security-constraint>

      JBossWS will detect this correctly and place a https address in the WSDL.

      However if the url-pattern is changed to: -

      <url-pattern>/PB/*</url-pattern>

      JBoss Web will still enforce the transport-guarantee for the call JBossWS will not detect this and will present a wsdl with a http address.

      Attachments

        Issue Links

          blocks

          Task - Represents a small unit of work that is not end-user facing. JBPAPP-4552 Release and upgrade JBossWS Native

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Closed
          incorporates

          Bug - A problem that impairs or prevents the functions of the product. JBWS-3212 Incomplete CONFIDENTIAL transport-guarantee detection for POJO endpoint.

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Closed

          Activity

            People

              darran.lofthouse@redhat.com Darran Lofthouse
              darran.lofthouse@redhat.com Darran Lofthouse
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: