Uploaded image for project: 'JBoss Web Services'
  1. JBoss Web Services
  2. JBWS-2943

Inconsistent / Incomplete handling of CONFIDENTIAL transport-guarantee defined in jboss.xml compared to @WebContext annotation

XMLWordPrintable

    • Workaround Exists
    • Hide

      As the endpoint itself only accepts calls over https clients can either override the address in code or the WSDL can be downloaded and the address corrected and the local copy of the WSDL used by the clients.

      Show
      As the endpoint itself only accepts calls over https clients can either override the address in code or the WSDL can be downloaded and the address corrected and the local copy of the WSDL used by the clients.

      If the transport-guarantee is set to CONFIDENTIAL using the @WebContext annotation then the following happens: -

      1 - The services page https://localhost:8443/jbossws/services lists access to the WSDL using a https address.
      2 - The address in the WSDL is a https address. (Regardless of if WSDL is accessed over http or https)
      3 - The endpoint called over http results in a 302 status being returned.

      If the transport-guarantee is defined in the jboss.xml then only the following happens: -

      3 - The endpoint called over http results in a 302 status being returned.

      The first two report only http addresses.

              darran.lofthouse@redhat.com Darran Lofthouse
              darran.lofthouse@redhat.com Darran Lofthouse
              Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

                Created:
                Updated:
                Resolved: