-
1. Re: EBWS endpoint, contract and WS endpoint publishing using SSL
mageshbk Aug 18, 2010 12:44 AM (in response to baribal)Hi Eugene,
When you publish the ESB service as a Webservice, it automatically binds to all available connector ports in that server. So to enable your service to use HTTPS port, you need to just enable the SSL/TLS Connector in server.xml as done by the webservice_proxy_security quickstart.
<!-- copy into jbossesb-server-4.x/server/default/deploy/jboss-web.deployer/server.xml --> <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true" maxThreads="150" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS" keyAlias="webservice_proxy_security" keystoreFile="/jboss-5.1.0.GA-esb/samples/quickstarts/webservice_proxy_security/build/webservice_proxy_security.keystore" keystorePass="webservice_proxy_security_pass" truststoreFile="/jboss-5.1.0.GA-esb/samples/quickstarts/webservice_proxy_security/build/webservice_proxy_security.keystore" truststorePass="webservice_proxy_security_pass" />
-
2. Re: EBWS endpoint, contract and WS endpoint publishing using SSL
baribal Aug 18, 2010 8:44 AM (in response to mageshbk)Well, nothing changed. I've enabled SSL here "...\server\production\deploy\jbossweb.sar\server.xml":
<!-- A AJP 1.3 Connector on port 8009 -->
<Connector protocol="AJP/1.3" port="8009" address="${jboss.bind.address}"
redirectPort="8443" /><!-- SSL/TLS Connector configuration using the admin devl guide keystore -->
<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
maxThreads="150" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS"
keyAlias="webservice_proxy_security"
keystoreFile="C:/jboss-soa-p.5.0.2/jboss-as/samples/quickstarts/webservice_proxy_security/build/webservice_proxy_security.keystore"
keystorePass="webservice_proxy_security_pass"
truststoreFile="C:/jboss-soa-p.5.0.2/jboss-as/samples/quickstarts/webservice_proxy_security/build/webservice_proxy_security.keystore"
truststorePass="webservice_proxy_security_pass"
/>I've also put
<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
maxThreads="150" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS"
keyAlias="webservice_proxy_security"
keystoreFile="C:/jboss-soa-p.5.0.2/jboss-as/samples/quickstarts/webservice_proxy_security/build/webservice_proxy_security.keystore"
keystorePass="webservice_proxy_security_pass"
truststoreFile="C:/jboss-soa-p.5.0.2/jboss-as/samples/quickstarts/webservice_proxy_security/build/webservice_proxy_security.keystore"
truststorePass="webservice_proxy_security_pass"
/>into the ...\server\production\deployers\jbossweb.deployer\server.xml
I can open https://127.0.0.1:8443. After I had deployed publish_as_webservice quickstart I got in the JBossESB Service List:
HTTP
Endpoint: http://127.0.0.1:8080/Quickstart_publish_as_webservice/ebws/ESBServiceSample/HelloWorldPubService
Contract: http://127.0.0.1:8080/Quickstart_publish_as_webservice/ebws/ESBServiceSample/HelloWorldPubService?wsdlNo mention about https. Also inside "...\server\production\data\wsdl\Quickstart_publish_as_webservice.esb\ESBServiceSample\HelloWorldPubService.wsdl" I have <soap:address location="http://127.0.0.1:8080/Quickstart_publish_as_webservice/ebws/ESBServiceSample/HelloWorldPubService"/>
However I can open this endpoint and contract by using "https://127.0.0.1:8443/Quickstart_publish_as_webservice/ebws/ESBServiceSample/HelloWorldPubService" and "https://127.0.0.1:8443/Quickstart_publish_as_webservice/ebws/ESBServiceSample/HelloWorldPubService?wsdl". Also I can change to <soap:address location="https://127.0.0.1:8443/Quickstart_publish_as_webservice/ebws/ESBServiceSample/HelloWorldPubService"/> inside wsdl. But is it the right way? Should I change wsdl manually after EBWS publishing?
-
3. Re: EBWS endpoint, contract and WS endpoint publishing using SSL
mageshbk Aug 19, 2010 6:42 AM (in response to baribal)> I've also put into the ...\server\production\deployers\jbossweb.deployer\server.xml
You don't have to do that. This file will not be used.
> No mention about https.
This is a known issue https://jira.jboss.org/browse/JBESB-3165
> Should I change wsdl manually after EBWS publishing?
When you access the contract using HTTPS, it automatically converts the endpoint address based on the request's host and port and protocol. Is it not happening?
-
4. Re: EBWS endpoint, contract and WS endpoint publishing using SSL
baribal Sep 1, 2010 5:33 AM (in response to mageshbk)Magesh Bojan wrote:
> Should I change wsdl manually after EBWS publishing?
When you access the contract using HTTPS, it automatically converts the endpoint address based on the request's host and port and protocol. Is it not happening?
Well, it is not true. Let's proceed from the beginning:
1. I have enabled SSL in C:\jboss-soa-p.5.0.2\jboss-as\server\production\deploy\jbossweb.sar\server.xml:
<!-- SSL/TLS Connector configuration using the admin devl guide keystore --> <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true" maxThreads="150" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS" keyAlias="webservice_proxy_security" keystoreFile="C:/jboss-soa-p.5.0.2/jboss-as/samples/quickstarts/webservice_proxy_security/build/webservice_proxy_security.keystore" keystorePass="webservice_proxy_security_pass" truststoreFile="C:/jboss-soa-p.5.0.2/jboss-as/samples/quickstarts/webservice_proxy_security/build/webservice_proxy_security.keystore" truststorePass="webservice_proxy_security_pass" />
2. I have deployed publish_as_webservice quickstart and have got:
JBossWS/Services
Endpoint Name jboss.ws:context=Quickstart_publish_as_webservice,endpoint=ESBServiceSample_HelloWorldPubService
Endpoint Address http://127.0.0.1:8080/Quickstart_publish_as_webservice/ebws/ESBServiceSample/HelloWorldPubServiceJBoss ESB Service Deployments
ESBServiceSample:HelloWorldPubService
Hello world ESB Service
JMS
Endpoint: jms:localhost#queue/quickstart_publish_as_webservice_Request_esb
Contract: UnavailableJMS
Endpoint: jms:127.0.0.1:1099#queue/quickstart_publish_as_webservice_Request_esb
Contract: UnavailableHTTP
Endpoint: http://127.0.0.1:8080/Quickstart_publish_as_webservice/ebws/ESBServiceSample/HelloWorldPubService
Contract: http://127.0.0.1:8080/Quickstart_publish_as_webservice/ebws/ESBServiceSample/HelloWorldPubService?wsdl3. I can open https://127.0.0.1:8443/Quickstart_publish_as_webservice/ebws/ESBServiceSample/HelloWorldPubService?wsdl and see there:
<wsdl:types> <xs:schema targetNamespace="http://www.jboss.org/sayHi" version="1.0" xmlns:xs="http://www.w3.org/2001/XMLSchema"> <xs:include schemaLocation="https://127.0.0.1:8443/Quickstart_publish_as_webservice/ebws/ESBServiceSample/HelloWorldPubService?wsdl&resource=request.xsd"/> </xs:schema> <xs:schema targetNamespace="http://www.jboss.org/sayHi" version="1.0" xmlns:xs="http://www.w3.org/2001/XMLSchema"> <xs:include schemaLocation="https://127.0.0.1:8443/Quickstart_publish_as_webservice/ebws/ESBServiceSample/HelloWorldPubService?wsdl&resource=response.xsd"/> </xs:schema> <xs:schema targetNamespace="http://www.jboss.org/sayHi" version="1.0" xmlns:xs="http://www.w3.org/2001/XMLSchema"> <xs:include schemaLocation="https://127.0.0.1:8443/Quickstart_publish_as_webservice/ebws/ESBServiceSample/HelloWorldPubService?wsdl&resource=fault.xsd"/> </xs:schema> </wsdl:types>
Looks like all is ok, but:
<wsdl:service name="HelloWorldPubServiceService"> <wsdl:port binding="tns:HelloWorldPubServiceBinding" name="HelloWorldPubServicePortType"> <soap:address location="http://127.0.0.1:8080/Quickstart_publish_as_webservice/ebws/ESBServiceSample/HelloWorldPubService"/> </wsdl:port> </wsdl:service>
That's not right. And if I test my service by doing request in soapUI I get:
INFO:Error getting response for [HelloWorldPubServiceBinding.HelloWorldPubServiceOp:Request 1]; java.net.ConnectException: Connection refused: connect
Because it uses http://127.0.0.1:8080/Quickstart_publish_as_webservice/ebws/ESBServiceSample/HelloWorldPubService endpoint from https://127.0.0.1:8443/Quickstart_publish_as_webservice/ebws/ESBServiceSample/HelloWorldPubService?wsdl wsdl.
So what should I do? Thanks.
-
5. Re: EBWS endpoint, contract and WS endpoint publishing using SSL
mageshbk Sep 2, 2010 1:29 AM (in response to baribal)Edit the file deployers/jbossws.deployer/META-INF/jboss-beans.xml and comment this line
<property name="webServiceHost">${jboss.bind.address}</property>
If 'webServiceHost' is not set, JBossWS uses requesters protocol host when rewriting the <soap:address>.