3 Replies Latest reply on Nov 29, 2017 9:49 AM by nicoschl

    SOAP address rewrite for wsdl-uri-scheme=https for nested XML schema documents (XSD) referenced by the WSDL behind reverse proxy

    nicoschl

      We have Wildfly 10 configured behind NGINX as a reverse proxy for handling the SSL requirements of the web service. Wildfly serves everything as plain HTTP and NGINX handles the HTTPS side of the request.

       

      We have enabled the uri rewriting inside JBossWS with the following settings in standalone.xml

      <subsystem xmlns="urn:jboss:domain:webservices:2.0">
          <modify-wsdl-address>true</modify-wsdl-address>
          <wsdl-host>jbossws.undefined.host</wsdl-host>
          <wsdl-secure-port>8081</wsdl-secure-port>
          <wsdl-uri-scheme>https</wsdl-uri-scheme>
      
      
      

       

      The endpoint also uses a custom deployment descriptor: jboss-webservices.xml

      <jboss:port-component>
        <jboss:ejb-name>ClaimWebServiceBean</jboss:ejb-name>
        <jboss:port-component-name>ClaimWSPort</jboss:port-component-name>
        <jboss:port-component-uri>Claim</jboss:port-component-uri>
        <jboss:transport-guarantee>CONFIDENTIAL</jboss:transport-guarantee>
      </jboss:port-component>
      
      
      

       

      The URI rewriting for the SOAP address and the schema location of the XSD included in the WSDL works correctly

      <xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/" 
        xmlns:tns="http://example.systems/webservices/" xmlns:soap12="http://schemas.xmlsoap.org/wsdl/soap12/" 
        xmlns:ns1="http://example.co.za/claim/zmf" attributeFormDefault="unqualified" elementFormDefault="unqualified" 
        targetNamespace="http://example.systems/webservices/">
            
        <xs:import namespace="http://example.co.za/claim/zmf" schemaLocation="https://dev.example.ws:8081/webservices/Claim?xsd=ZietoClaim_2_1.xsd"/>
        <!-- xml omitted -->      
      
        <wsdl:service name="ClaimService">
          <wsdl:port binding="tns:ClaimServiceSoapBinding" name="ClaimWSPort">
            <soap12:address location="https://dev.example.ws:8081/webservices/ZMF"/>
          </wsdl:port>
        </wsdl:service>
      

       

      The XSD referenced inside the WSDL contains 2 more import statements to import 2 more XSD's. This is however where the problem starts. In the extract below you will notice that the schema location uses http and not https for the other 2 XSD's.

      Using curl to download the XSD referenced above give this content, which shows the problem:

      » curl https://dev.example.ws:8081/webservices/Claim?xsd=ZietoClaim_2_1.xsd
      
      <?xml version='1.0' encoding='UTF-8'?>
      <xsd:schema xmlns:zdt="http://example.co.za/claim/zmf/datatypes" xmlns:zcdt="http://example.co.za/common/datatypes" 
        xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns="http://example.co.za/claim/zmf" elementFormDefault="qualified" 
        targetNamespace="http://example.co.za/claim/zmf">
      
        <xsd:import namespace="http://example.co.za/claim/zmf/datatypes" schemaLocation="http://dev.example.ws:8081/webservices/Claim?xsd=zmf_dt_2_1.xsd"/>
        <xsd:import namespace="http://example.co.za/common/datatypes" schemaLocation="http://dev.example.ws:8081/webservices/Claim?xsd=zdt_1_2.xsd"/>
      
      
      

       

      Is there a way to configure JBossWS to rewrite the shema locations inside the first XSD as well to use https?

       

      Message was edited by: Nico Schlebusch - obfuscating some URL details