0 Replies Latest reply on Jul 8, 2007 11:39 AM by Vishal Pai Vernekar

    (HTTPS + Basic HTTP Authorization + Proxy Server) and Webser

    Vishal Pai Vernekar Newbie

      Hi,

      I have created the same simple hello web service following the same steps as mentioned in the JBOSS chapter 12 document (http://docs.jboss.org/jbossas/jboss4guide/r2/html/ch12.html).

      JBOSS version: JBoss [Zion] 4.0.5.GA (build: CVSTag=Branch_4_0 date=200610162339.
      JBOSSWS version: jbossws-1.0.3.SP1 (date=200609291417).

      I have deployed the web service on a external server that lives on the internet. The access from my machine to the server is through a proxy server which is a Microsoft ISA 2004 SP2 on windows 2003 server in cluster mode (two array members).

      I am trying to protect the web service through basic HTTP authentication + HTTPS authentication.

      I have written two types of clients to the web service.
      i) Stub based consumer.
      ii) DII based consumer.

      Following are the scenarios where these clients fail.
      i) Stub based client does not work as soon as I enabled HTTPS on the server.
      ii) DII based client works in the above scenario but fails when I enable basic authentication in addition to HTTPS on the server.
      iii) ALL WORKS WELL IF THERE IS NO PROXY SERVER FOR STUB BASED CONSUMER. I HAVE NOT TRIED THE SAME FOR DII BASED CONSUMER.


      I have set the required user name/password and also set the proxy related properties in my source code.

      Following are my findings:
      i. DII based mechanism of invoking the web service (All scenarios with proxy server which is a Microsoft ISA).

      Works with only HTTP.
      Works with only HTTPS.
      Works with HTTP + Basic authentication.
      Does not work with HTTPS + basic authentication.

      ii. Stub based mechanism of invoking the web service (All scenarios with proxy server which is a Microsoft ISA).

      Works with only HTTP.
      Works with HTTP + Basic authentication.
      Does not work with HTTPS.
      Does not work with HTTPS + basic authentication. [Follows from above.]

      The output that I see is following [I have set the debug property to ssl]:

      instantiated an instance of class com.sun.net.ssl.internal.ssl.SSLSocketFactoryImpl

      After this line my client hangs forever. My thread dump shows that a socket is waiting for read operation to complete. [If needed I can post the dump as well.]

      I am in real urgent need of a solution as this scenario has stalled our release.

      Thanks in advance Best Regards,
      Vishal