[
https://issues.apache.org/jira/browse/CXF-4037?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Daniel Kulp resolved CXF-4037.
------------------------------
Resolution: Fixed
Fix Version/s: 2.5.2
2.4.6
Assignee: Daniel Kulp
The DynamicClient wasn't using the already preloaded schemas and was instead
trying to redownload them. I've updated it to attempt to reuse the schemas we
already gathered. I'd appreciate it if you could try testing with tonights
snapshots.
> Problem creating dynamic client when WSDL is hosted with secured transport
> (https)
> ----------------------------------------------------------------------------------
>
> Key: CXF-4037
> URL: https://issues.apache.org/jira/browse/CXF-4037
> Project: CXF
> Issue Type: Bug
> Components: JAX-WS Runtime
> Affects Versions: 2.4.2, 2.4.3, 2.4.5
> Reporter: Harsha Devireddy
> Assignee: Daniel Kulp
> Priority: Critical
> Fix For: 2.4.6, 2.5.2
>
>
> I am trying to call a create a client dynamically to invoke the
> WebService(see below). Notice my WSDL URL is https.
> Also, with a minor modification(to add the spring config file to the bus) to
> the client generated using the wsdl2java utility I am able to call the
> secured webservice.
> But my requirement is to dynamically generate clients and call the webservice
> provided the wsdlUrl, method name and method arguments.
> CLIENT CODE
> ------------
> {code}
> SpringBusFactory bf = new SpringBusFactory();
> bus = bf.createBus(securityConfigFile);
> BusFactory.setDefaultBus(bus);
>
> JaxWsDynamicClientFactory dcf = JaxWsDynamicClientFactory.newInstance(bus);
> dcf.setSimpleBindingEnabled(false);
> List<String> bindingFiles = new ArrayList<String>();
> File bindingFile = generateCustomBindingFile(fileLocationURL);
> try {
> bindingFiles.add(bindingFile.getCanonicalPath().toString());
> } catch (IOException e) {
> throw new LVOException(Level.SEVERE, "WSDL_INVALID_BINDINGFILE",
> bindingFile.toString());
> }
> Client client = dcf.createClient(new
> URL(https://localhost:9999/getAccount?wsdl), bindingFiles);
> {code}
>
>
> EXCEPTION
> ----------
>
> I get the below Exception while trying to create the client.
>
> {code}
> log4j:WARN No appenders could be found for logger
> (org.apache.cxf.bus.spring.BusApplicationContext).
> log4j:WARN Please initialize the log4j system properly.
> Jan 14, 2012 4:44:59 PM org.apache.cxf.bus.spring.BusApplicationContext
> getConfigResources
> INFO: Loaded configuration file ./test/resources/wsdl/WibbleClient.xml.
> Exception in thread "main"
> org.apache.cxf.service.factory.ServiceConstructionException: Failed to create
> service.
> at org.apache.cxf.wsdl11.WSDLServiceFactory.<init>(WSDLServiceFactory.java:80)
> at
> org.apache.cxf.endpoint.dynamic.DynamicClientFactory.createClient(DynamicClientFactory.java:261)
> at
> org.apache.cxf.endpoint.dynamic.DynamicClientFactory.createClient(DynamicClientFactory.java:235)
> at
> org.apache.cxf.endpoint.dynamic.DynamicClientFactory.createClient(DynamicClientFactory.java:170)
> at
> com.convergys.lvo.integration.wsdl.WSDLDataModelerImpl.generateClient(WSDLDataModelerImpl.java:82)
> at
> com.convergys.lvo.integration.WebServiceDataModeler.getServiceClient(WebServiceDataModeler.java:414)
> at
> com.convergys.lvo.integration.wsdl.WSDLDataModelerImpl.getEntityData(WSDLDataModelerImpl.java:139)
> at
> com.convergys.lvo.integration.wsdl.WSDLDataModelerImpl.main(WSDLDataModelerImpl.java:302)
> Caused by: javax.wsdl.WSDLException: WSDLException: faultCode=PARSER_ERROR:
> Problem parsing 'https://localhost:9999/getCustomer?wsdl'.:
> javax.net.ssl.SSLHandshakeException:
> sun.security.validator.ValidatorException: PKIX path building failed:
> sun.security.provider.certpath.SunCertPathBuilderException: unable to find
> valid certification path to requested target
> at com.ibm.wsdl.xml.WSDLReaderImpl.getDocument(WSDLReaderImpl.java:2111)
> at com.ibm.wsdl.xml.WSDLReaderImpl.readWSDL(WSDLReaderImpl.java:2303)
> at com.ibm.wsdl.xml.WSDLReaderImpl.readWSDL(WSDLReaderImpl.java:2335)
> at
> org.apache.cxf.wsdl11.WSDLManagerImpl.loadDefinition(WSDLManagerImpl.java:239)
> at
> org.apache.cxf.wsdl11.WSDLManagerImpl.getDefinition(WSDLManagerImpl.java:186)
> at org.apache.cxf.wsdl11.WSDLServiceFactory.<init>(WSDLServiceFactory.java:78)
> ... 7 more
> Caused by: javax.net.ssl.SSLHandshakeException:
> sun.security.validator.ValidatorException: PKIX path building failed:
> sun.security.provider.certpath.SunCertPathBuilderException: unable to find
> valid certification path to requested target
> at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174)
> at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1611)
> at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:187)
> at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:181)
> at
> com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1035)
> at
> com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:124)
> at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:516)
> at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:454)
> at
> com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:884)
> at
> com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1112)
> at
> com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1139)
> at
> com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1123)
> at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:418)
> at
> sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:166)
> at
> sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1041)
> at
> sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:234)
> at
> com.sun.org.apache.xerces.internal.impl.XMLEntityManager.setupCurrentEntity(XMLEntityManager.java:677)
> at
> com.sun.org.apache.xerces.internal.impl.XMLVersionDetector.determineDocVersion(XMLVersionDetector.java:186)
> at
> com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(XML11Configuration.java:771)
> at
> com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(XML11Configuration.java:737)
> at
> com.sun.org.apache.xerces.internal.parsers.XMLParser.parse(XMLParser.java:107)
> at
> com.sun.org.apache.xerces.internal.parsers.DOMParser.parse(DOMParser.java:225)
> at
> com.sun.org.apache.xerces.internal.jaxp.DocumentBuilderImpl.parse(DocumentBuilderImpl.java:283)
> at com.ibm.wsdl.xml.WSDLReaderImpl.getDocument(WSDLReaderImpl.java:2101)
> ... 12 more
> Caused by: sun.security.validator.ValidatorException: PKIX path building
> failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to
> find valid certification path to requested target
> at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:285)
> at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:191)
> at sun.security.validator.Validator.validate(Validator.java:218)
> at
> com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:126)
> at
> com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:209)
> at
> com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:249)
> at
> com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1014)
> ... 31 more
> Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable
> to find valid certification path to requested target
> at
> sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:174)
> at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:238)
> at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:280)
> ... 37 more
> {code}
>
>
> SPRING CONFIG FILE
> ------------------
> Below is my spring config file for my client.
> {code:xml}
>
> <beans xmlns="http://www.springframework.org/schema/beans";
> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
> xmlns:sec="http://cxf.apache.org/configuration/security";
> xmlns:http="http://cxf.apache.org/transports/http/configuration";
> xsi:schemaLocation="
> http://cxf.apache.org/configuration/security
> http://cxf.apache.org/schemas/configuration/security.xsd
> http://cxf.apache.org/transports/http/configuration
> http://cxf.apache.org/schemas/configuration/http-conf.xsd
> http://www.springframework.org/schema/beans
> http://www.springframework.org/schema/beans/spring-beans.xsd";>
> <http:conduit name="{http://www.example.org/AWC/}AWCSOAP.http-conduit";>
> <http:tlsClientParameters disableCNCheck="true">
> <sec:trustManagers>
> <sec:keyStore type="JKS" password="password"
> file="test/resources/wsdl/truststore.jks"/>
> </sec:trustManagers>
> <sec:keyManagers keyPassword="password">
> <sec:keyStore type="JKS" password="password"
> file="test/resources/wsdl/wibble.jks"/>
> </sec:keyManagers>
> <sec:cipherSuitesFilter>
> <!-- these filters ensure that a ciphersuite with
> export-suitable or null encryption is used,
> but exclude anonymous Diffie-Hellman key change as
> this is vulnerable to man-in-the-middle attacks -->
> <sec:include>.*_EXPORT_.*</sec:include>
> <sec:include>.*_EXPORT1024_.*</sec:include>
> <sec:include>.*_WITH_DES_.*</sec:include>
> <sec:include>.*_WITH_NULL_.*</sec:include>
> <sec:exclude>.*_DH_anon_.*</sec:exclude>
> </sec:cipherSuitesFilter>
> </http:tlsClientParameters>
> <http:authorization>
> <sec:UserName>admin</sec:UserName>
> <sec:Password>admin</sec:Password>
> </http:authorization>
> </http:conduit>
> </beans>
> {code}
>
> Really appreciate your comments and feedback.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
