Uploaded image for project: 'JBoss Web Services'
  1. JBoss Web Services
  2. JBWS-2943

Inconsistent / Incomplete handling of CONFIDENTIAL transport-guarantee defined in jboss.xml compared to @WebContext annotation

    Details

    • Workaround:
      Workaround Exists
    • Workaround Description:
      Hide

      As the endpoint itself only accepts calls over https clients can either override the address in code or the WSDL can be downloaded and the address corrected and the local copy of the WSDL used by the clients.

      Show
      As the endpoint itself only accepts calls over https clients can either override the address in code or the WSDL can be downloaded and the address corrected and the local copy of the WSDL used by the clients.

      Description

      If the transport-guarantee is set to CONFIDENTIAL using the @WebContext annotation then the following happens: -

      1 - The services page https://localhost:8443/jbossws/services lists access to the WSDL using a https address.
      2 - The address in the WSDL is a https address. (Regardless of if WSDL is accessed over http or https)
      3 - The endpoint called over http results in a 302 status being returned.

      If the transport-guarantee is defined in the jboss.xml then only the following happens: -

      3 - The endpoint called over http results in a 302 status being returned.

      The first two report only http addresses.

        Gliffy Diagrams

          Attachments

            Issue Links

              Activity

                People

                • Assignee:
                  dlofthouse Darran Lofthouse
                  Reporter:
                  dlofthouse Darran Lofthouse
                • Votes:
                  0 Vote for this issue
                  Watchers:
                  0 Start watching this issue

                  Dates

                  • Created:
                    Updated:
                    Resolved: