2 Replies Latest reply on Mar 4, 2010 12:38 PM by Fernando Rubbo

    Jboss EAP 4.3 + Java 1.6 + WS Client over https does not work

    Fernando Rubbo Newbie

      Hi,

       

      I’m accessing a WS over HTTPS. The code is this:

       

                  System.setProperty("javax.net.ssl.keyStoreType", "TAC");

                 // the ‘javax.net.ssl.keyStore’ and ‘javax.net.ssl.KeyStorePassword’ properties are not required because we are using an HSM (Hardware Security Module) which has its own file configuration.

       

                  System.setProperty("javax.net.ssl.trustStoreType", "JKS");

                  System.setProperty("javax.net.ssl.trustStore", "c:\\cacerts");

                  System.setProperty("javax.net.ssl.trustStorePassword", "changeit");

       

                final NfeConsulta wsNfeConsulta = retrieveNfeConsulta();

                final NfeConsultaSoap port = wsNfeConsulta. getNfeConsultaSoap()

                return port.nfeConsultaNF(nfeCabecMsg, nfeDadosMsg);

                // these classes were generated from the WSDL file using jboss wstools        

                 

       

      The interesting point is that:

      when I execute this code in the Java SE 1.6.0_17 environment, everything works. It goes to the WS over HTTPS and returns the data accordingly. However, when the same code is put on Jboss EAP 4.3 (inside an EJB stateless) it stops to work. The exception is the following:

       

      javax.xml.ws.WebServiceException: java.io.IOException: Could not transmit message

                      at org.jboss.ws.core.jaxws.client.ClientImpl.handleRemoteException(ClientImpl.java:307)

                      at org.jboss.ws.core.jaxws.client.ClientImpl.invoke(ClientImpl.java:245)

                      at org.jboss.ws.core.jaxws.client.ClientProxy.invoke(ClientProxy.java:164)

                      at org.jboss.ws.core.jaxws.client.ClientProxy.invoke(ClientProxy.java:150)

                      at $Proxy17.nfeConsultaNF(Unknown Source)

                      at br.com.zaffari.nfe.server.facade.NFeSefazFacade.nfeConsultaNF(NFeSefazFacade.java:93)

                      at br.com.zaffari.nfe.server.facade.ChecaConectividadeURLSefazTest.testURL_HOM_RS(ChecaConectividadeURLSefazTest.java:318)

                      at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)

                      at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)

                      at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)

                      at java.lang.reflect.Method.invoke(Method.java:597)

                      at org.junit.internal.runners.TestMethodRunner.executeMethodBody(TestMethodRunner.java:99)

                      at org.junit.internal.runners.TestMethodRunner.runUnprotected(TestMethodRunner.java:81)

                      at org.junit.internal.runners.BeforeAndAfterRunner.runProtected(BeforeAndAfterRunner.java:34)

                      at org.junit.internal.runners.TestMethodRunner.runMethod(TestMethodRunner.java:75)

                      at org.junit.internal.runners.TestMethodRunner.run(TestMethodRunner.java:45)

                      at org.junit.internal.runners.TestClassMethodsRunner.invokeTestMethod(TestClassMethodsRunner.java:66)

                      at org.junit.internal.runners.TestClassMethodsRunner.run(TestClassMethodsRunner.java:35)

                      at org.junit.internal.runners.TestClassRunner$1.runUnprotected(TestClassRunner.java:42)

                      at org.junit.internal.runners.BeforeAndAfterRunner.runProtected(BeforeAndAfterRunner.java:34)

                      at org.junit.internal.runners.TestClassRunner.run(TestClassRunner.java:52)

                      at org.eclipse.jdt.internal.junit4.runner.JUnit4TestReference.run(JUnit4TestReference.java:38)

                      at org.eclipse.jdt.internal.junit.runner.TestExecution.run(TestExecution.java:38)

                      at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:460)

                      at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:673)

                      at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.run(RemoteTestRunner.java:386)

                      at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.main(RemoteTestRunner.java:196)

      Caused by: java.io.IOException: Could not transmit message

                      at org.jboss.ws.core.client.RemotingConnectionImpl.invoke(RemotingConnectionImpl.java:210)

                      at org.jboss.ws.core.client.SOAPRemotingConnection.invoke(SOAPRemotingConnection.java:77)

                      at org.jboss.ws.core.CommonClient.invoke(CommonClient.java:337)

                      at org.jboss.ws.core.jaxws.client.ClientImpl.invoke(ClientImpl.java:233)

                      ... 25 more

      Caused by: org.jboss.remoting.CannotConnectException: Can not connect http client invoker. Invalid HTTP server response [403] - Forbidden. Response: Forbidden/403.

                      at org.jboss.remoting.transport.http.HTTPClientInvoker.useHttpURLConnection(HTTPClientInvoker.java:368)

                      at org.jboss.remoting.transport.http.HTTPClientInvoker.transport(HTTPClientInvoker.java:148)

                      at org.jboss.remoting.MicroRemoteClientInvoker.invoke(MicroRemoteClientInvoker.java:141)

                      at org.jboss.remoting.Client.invoke(Client.java:1858)

                      at org.jboss.remoting.Client.invoke(Client.java:718)

                      at org.jboss.ws.core.client.RemotingConnectionImpl.invoke(RemotingConnectionImpl.java:189)

                      ... 28 more

      Caused by: org.jboss.ws.WSException: Invalid HTTP server response [403] - Forbidden

                      at org.jboss.ws.core.soap.SOAPMessageUnMarshaller.read(SOAPMessageUnMarshaller.java:77)

                      at org.jboss.remoting.transport.http.HTTPClientInvoker.readResponse(HTTPClientInvoker.java:548)

                      at org.jboss.remoting.transport.http.HTTPClientInvoker.useHttpURLConnection(HTTPClientInvoker.java:322)

                      ... 33 more

       

      That is a little obscure because in Java SE the code runs successfully. And inside of jboss it give me an exception saying HTTP 403. The question is: If my code is incorrect or may certificate is not valid, why I don’t have the same problem in pure Java SE environment? For me it seems that I’m lacking some Jboss configuration, but I’ve already tried the following (with no success, of course):

       

      1)     Set wsse properties, but had no success.

            System.setProperty("org.jboss.ws.wsse.keyStoreType", "TAC");

            System.setProperty("org.jboss.ws.wsse.trustStoreType", "JKS");

            System.setProperty("org.jboss.ws.wsse.trustStore", trustStoreFile);

            System.setProperty("org.jboss.ws.wsse.trustStorePassword", "changeit");

       

      2)     Deployed jboss-wsse-client.xml into the jar META-INF (along with jboss.xml file), but had no success

      <?xml version="1.0" encoding="UTF-8"?>

      <jboss-ws-security

        xmlns="http://www.jboss.com/ws-security/config"

         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"

         xsi:schemaLocation="http://www.jboss.com/ws-security/config

         http://www.jboss.com/ws-security/schema/

            jboss-ws-security_1_0.xsd">

            <key-store-type>TAC</key-store-type>

       

            <trust-store-file>c:\cacerts</trust-store-file>

            <trust-store-password>changeit</trust-store-password>

            <trust-store-type>jks</trust-store-type>

      </jboss-ws-security>

              

      // in the code I’ve added the following lines to Jboss use the file above

      List<Handler> chain = new ArrayList<Handler>();

         chain.add(new org.jboss.ws.extensions.security.jaxws.WSSecurityHandlerClient());

        ((BindingProvider)port).getBinding().setHandlerChain(chain);

       

       

      I think it is important to say that I could reproduce the error in the Java SE 1.6.0_17 environment setting the system property

      -Djava.endorsed.dirs="C:\Desenv\Siz\jboss-eap.4.3\lib\endorsed"

      Note that I’ve followed the bellow procedure, which could be found in the issue https://jira.jboss.org/jira/browse/JBPAPP-1272:

      “JavaSE 6 includes includes support for JAX-WS, Version 2.1. Before starting your server, you need replace the APIs included in JDK 6 with the JBossWS jars by simply copying the following jars to

      ${JBOSS_HOME}/lib/endorsed from ${JBOSS_HOME}/server/production/lib:• jboss-jaxrpc.jar jboss-jaxws.jar jboss-saaj.jar”

       

      It seems that some of the jars into jboss endorsed are making all this problem. But what should I do????

       

       

      Any though will be appreciated,

      Thanks in advanced

      Fernando Rubbo