Uploaded image for project: 'JBoss Web Services'
  1. JBoss Web Services
  2. JBWS-4087

SOAP address rewrite for wsdl-uri-scheme=https for nested XML schema documents (XSD) referenced by the WSDL behind reverse proxy

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Won't Do
    • Icon: Major Major
    • None
    • jbossws-cxf-5.1.5.Final
    • jbossws-cxf
    • Hide

      Enable the uri rewriting inside JBossWS with the following settings in standalone.xml

      <subsystem xmlns="urn:jboss:domain:webservices:2.0">  
    <modify-wsdl-address>true</modify-wsdl-address>  
    <wsdl-host>jbossws.undefined.host</wsdl-host>  
    <wsdl-secure-port>8081</wsdl-secure-port>  
    <wsdl-uri-scheme>https</wsdl-uri-scheme>

      The endpoint also uses a custom deployment descriptor: jboss-webservices.xml

      <jboss:port-component>  
  <jboss:ejb-name>ClaimWebServiceBean</jboss:ejb-name>  
  <jboss:port-component-name>ClaimWSPort</jboss:port-component-name>  
  <jboss:port-component-uri>Claim</jboss:port-component-uri>  
  <jboss:transport-guarantee>CONFIDENTIAL</jboss:transport-guarantee>  
</jboss:port-component>
      Show
      Enable the uri rewriting inside JBossWS with the following settings in standalone.xml <subsystem xmlns= "urn:jboss:domain:webservices:2.0" > <modify-wsdl-address> true </modify-wsdl-address> <wsdl-host> jbossws.undefined.host </wsdl-host> <wsdl-secure-port> 8081 </wsdl-secure-port> <wsdl-uri-scheme> https </wsdl-uri-scheme> The endpoint also uses a custom deployment descriptor: jboss-webservices.xml <jboss:port-component> <jboss:ejb-name> ClaimWebServiceBean </jboss:ejb-name> <jboss:port-component-name> ClaimWSPort </jboss:port-component-name> <jboss:port-component-uri> Claim </jboss:port-component-uri> <jboss:transport-guarantee> CONFIDENTIAL </jboss:transport-guarantee> </jboss:port-component>

      We have Wildfly 10 configured behind NGINX as a reverse proxy for handling the SSL requirements of the web service. Wildfly serves everything as plain HTTP and NGINX handles the HTTPS side of the request. The webservices subsystem is configured to rewrite the uri using https schema. The XSD schema location referenced inside the WSDL is rewritten to use https. However, any other XSD's scheme location that is referenced by the first XSD is not changed to use https.

      The URI rewriting for the SOAP address and the schema location of the XSD included in the WSDL works correctly.

      <xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/"   
  xmlns:tns="http://example.systems/webservices/" xmlns:soap12="http://schemas.xmlsoap.org/wsdl/soap12/"   
  xmlns:ns1="http://example.co.za/claim/zmf" attributeFormDefault="unqualified" elementFormDefault="unqualified"   
  targetNamespace="http://example.systems/webservices/">  
        
  <xs:import namespace="http://example.co.za/claim/zmf" schemaLocation="https://dev.example.ws:8081/webservices/Claim?xsd=ZietoClaim_2_1.xsd"/>  
  <!-- xml omitted -->        
  
  <wsdl:service name="ClaimService">  
    <wsdl:port binding="tns:ClaimServiceSoapBinding" name="ClaimWSPort">  
      <soap12:address location="https://dev.example.ws:8081/webservices/ZMF"/>  
    </wsdl:port>  
  </wsdl:service>

      The XSD referenced inside the WSDL contains 2 more import statements to import 2 more XSD's. This is however where the problem starts. In the extract below you will notice that the schema location uses http and not https for the other 2 XSD's.

      <?xml version='1.0' encoding='UTF-8'?>  
<xsd:schema xmlns:zdt="http://example.co.za/claim/zmf/datatypes" xmlns:zcdt="http://example.co.za/common/datatypes"   
  xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns="http://example.co.za/claim/zmf" elementFormDefault="qualified"   
  targetNamespace="http://example.co.za/claim/zmf">  
  
  <xsd:import namespace="http://example.co.za/claim/zmf/datatypes" schemaLocation="http://dev.example.ws:8081/webservices/Claim?xsd=zmf_dt_2_1.xsd"/>  
  <xsd:import namespace="http://example.co.za/common/datatypes" schemaLocation="http://dev.example.ws:8081/webservices/Claim?xsd=zdt_1_2.xsd"/>

              Unassigned Unassigned
              nicoschl@gmail.com Nico Schlebusch (Inactive)
              Votes:
              1 Vote for this issue
              Watchers:
              5 Start watching this issue

                Created:
                Updated:
                Resolved: