Ok, so here's an update. I got my services to work in both secure and
insecure mode (that is some services are published as secure, other
insecure -- not one service as both). I did this by using the handlers
on the Service objects rather than the global XFire object. Makes sense.
Here's my problem now: Faults only seem to work from the global XFire
object. So when a fault occurs, it doesn't appear that the framework
will look at the Service's handlers to handle the fault on a service by
service basis, but rather the XFire fault handlers only and since not
all services are secured, I get exceptions when wss4j headers are
expected in some cases, but not others.
I verified this by adding a secure handler to the Global XFire fault
handler, caused a fault in the insecure service and got a prolog eof
exception because the wss4j headers were missing. Then tried a secure
fault and got the real fault back in the client which is what was
expected. Flipped the scenario and got the exact opposite results.
So, what I need is the framework to use the service fault handlers when
a fault occurs (when they are registered, of course) rather than the
global handlers.
I think this is in the DefaultEndpoint class, around line 70 in the
catch block when the fault is created and piped through.
Any thoughts?
I'm going to keep digging in the code to see if I can fix the problem.
Thanks all!
-Nate
Nathaniel A. Johnson wrote:
Hi all,
I am looking at the code for XFireFactory and it appears to be a
singleton for the XFire instance. The javadoc mentions that there is
one XFire per JVM -- cool, works for most people.
My problem is that I need both secure (wss4j signed and encrypted) and
insecure web services in the same JVM. But since there is just one
XFire, once you register the wss4j handlers you can not go insecure any
longer.
My question is, does anyone know of an implementation that would work
for me? I basically need two XFire objects in the factory, one for
secure web services and one for insecure web services. I've begun doing
this work, and will happily contribute it back when finished if it is
wanted, but if someone else has already done the work I'd like to just
use that :)
Or if I am going about this all the wrong way and anyone has thoughts on
the subject, please let me know.
Thanks all!
Nate
---------------------------------------------------------------------
To unsubscribe from this list please visit:
http://xircles.codehaus.org/manage_email
