Hi Gareth,
I also had this issue.
In insecure mode Taverna returns https (port 8443) URLs while it should
actually return HTTP responses.
I asked a question related to this to Donal Fellows, the developer of Taverna
Server (I didn't find the corresponding bug:
http://dev.mygrid.org.uk/issues/browse/TAVSERV).
My question to Donal was:
"The only point is that in "insecure" mode, the server returns HTTPS result
URLS. As I am using only one at the same time of either the HTTP ("insecure) or
the HTTPS client ("secure"), I have to rewrite the URLs in "insecure" mode
before sending a new request. I created a quick hack which rewrites https to
http urls in "insecure" mode that works fine. But I don't know, maybe the
server should generally return http urls in "insecure" mode."
Another "hack" is to use secure mode and accept everything:
I extended the client so that it is also able to handle HTTPS, I have
configured a "trust everything" https client that validates self signed
certificates using a javax.net.ssl.X509TrustManager implementation:
public class DefaultTrustManager implements X509TrustManager {
@Override
public void checkClientTrusted(X509Certificate[] arg0, String arg1) throws
CertificateException {
}
@Override
public void checkServerTrusted(X509Certificate[] arg0, String arg1) throws
CertificateException {
}
@Override
public X509Certificate[] getAcceptedIssuers() {
return null;
}
}
This TrustManager can then be used in a connection manager for creating the
DefaultHttpClient:
// SECURE with SSL support (trust everything)
// SSL certificate validation must be configured, otherwise a
// "javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated"
// exception is thrown.
SSLContext ctx = SSLContext.getInstance("TLS");
ctx.init(new KeyManager[0], new TrustManager[]{new DefaultTrustManager()}, new
SecureRandom());
SSLContext.setDefault(ctx);
// SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER:
// Don't check if host name in certificate coincides with the server
// name of the Taverna Server, otherwise the exception
// "javax.net.ssl.SSLException: hostname in certificate didn't match"
// is thrown.
SSLSocketFactory sf = new SSLSocketFactory(ctx,
SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
SchemeRegistry schemeRegistry = new SchemeRegistry();
Scheme httpScheme = new Scheme("http", 8080, sf);
Scheme httpsScheme = new Scheme("https", 8443, sf);
schemeRegistry.register(httpScheme);
schemeRegistry.register(httpsScheme);
BasicClientConnectionManager cm = new
BasicClientConnectionManager(schemeRegistry);
DefaultHttpClient httpClient = new DefaultHttpClient(cm);
By configuring the SSLSocketFactory of Apache's HTTP client with
SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER:
SSLSocketFactory sf = new SSLSocketFactory(ctx,
SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
I was able to get rid of the the hostname checking, otherwise you get the the
exception "javax.net.ssl.SSLException: hostname in certificate didn't match".
The only point is that in "insecure" mode, the server does not relocate HTTP
requests to HTTPS (302 Moved Temporarily), but it returns HTTPS result URLS. As
I am using only one at the same time of either the HTTP ("insecure) or the
HTTPS client ("secure"), I have to rewrite the URLs in "insecure" mode before
sending a new request. I created a quick hack which rewrites https to http urls
in "insecure" mode that works fine. But I don't know, maybe the server should
generally return http urls in "insecure" mode.
Hope that helps!
Best regards,
Sven
Von: Gareth Smith [mailto:[email protected]]
Gesendet: Freitag, 26. Juli 2013 17:00
An: [email protected]
Betreff: [Taverna-users] Taverna Server,Problem Accessing Workflow Output Files
Hi All,
I am trying to use Taverna 2.4.1 server to run a workflow.
I am running Taverna Server under Tomcat 6.0.37 on a Ubuntu/Linux OS.
I am accessing the Taverna Server via the REST interface with the server
running in 'insecure' mode.
The workflow that I am running can be uploaded to the Taverna server fine.
I can start and run the workflow via the REST.
I can also check the workflow status.
When the workflow status is 'Finished', I invoke a GET on the Taverna server to
retrieve XML file containing the output file paths.
I do this by GETting the following URL:-
http://localhost:8443/taverna-server/rest/runs/UUID/wd/out
<http://localhost:8443/taverna-server/rest/runs/UUID/wd/out>
Where UUID is a long character string for the current session ID.
If I open the path http://localhost:8443/taverna-server/rest/runs/UUID
<http://localhost:8443/taverna-server/rest/runs/UUID> , I see an XML document
with path tags like <ts-rest:input />, <ts-rest:output/>.
Input XML, creation time XML etc are all available and valid.
If I access any of the output paths for a given session however, either by Java
REST client or the firefox web browser, Taverna server returns a HTTP 403 error
code and the message 'problem getting main directory handle'.
This output path function were working earlier today but something has
corrupted with the Taverna Server system state and I do not know what.
I have tried re-starting the Tomcat server and the error persists.
If I run any workflow, I cannot access any of the output as the output
directories are not being published by the Taverna server.
Any advice on how to resolve this issue would be most appreciated.
I will try undeploying the Taverna server but I would rather have an idea on
the root cause.
Many thanks in advance,
Gareth
This E-Mail is sent in confidence for the addressee only. Unauthorised
recipients must preserve this confidentiality and should please advise the
sender immediately by telephone (+44 (0)1625 505100) and return the original
E-Mail to the sender without taking a copy. Cyprotex has taken all reasonable
precautions to ensure that no viruses are transmitted from Cyprotex to any
third party. Cyprotex accepts no responsibility for any loss or damage
resulting directly or indirectly from the use of this E-Mail or the contents.
------------------------------------------------------------------------------
See everything from the browser to the database with AppDynamics
Get end-to-end visibility with application monitoring from AppDynamics
Isolate bottlenecks and diagnose root cause in seconds.
Start your free trial of AppDynamics Pro today!
http://pubads.g.doubleclick.net/gampad/clk?id=48808831&iu=/4140/ostg.clktrk
_______________________________________________
taverna-users mailing list
[email protected]
[email protected]
Web site: http://www.taverna.org.uk
Mailing lists: http://www.taverna.org.uk/about/contact-us/
