Hi, if you can you should probably update to a more recent version of
CXF, even 2.3.x is deprecated. Basing a security solution on an obsolete
version of software is not a good idea of course, also much of the code
has changed between back then and today. Your problem below might not
even occur with the latest CXF (2.6.2). Also, you might find it easier
to use Spring XML configuration[1] as done in CXF's wsdl_first_https
sample, available in the latest downloads of the CXF 2.5.x and CXF 2.6.x
versions.
Running with Wireshark[2], by providing you the XML over the wire, may
also help pinpoint the problem (it could be there's an error message
that CXF is covering up with its own error message). If it's still not
working and nobody else here has other ideas you might wish to try with
Metro ([3], although that just handles 1-way SSL, you may need to google
for a 2-way solution)--you might get different error messages better
pinpointing the problem (or it might work OOTB...)
As you're saying, the test environment is not the same as the production
environment (a redirect is occurring in the latter but not the former),
defeating much of the purpose of the test environment. I don't know if
you can get the server folks to fix that discrepancy (hopefully making
production like test so the problem will go away).
Sorry I can't offer an immediate solution, but otherwise, HTH,
Glen
[1]
http://svn.apache.org/viewvc/cxf/trunk/distribution/src/main/release/samples/wsdl_first_https/src/main/resources/SecureClient.xml?revision=1368431&view=markup
[2] http://www.jroller.com/gmazza/entry/soap_calls_over_wireshark
[3] http://www.jroller.com/gmazza/entry/ssl_for_web_services
On 08/30/2012 04:17 AM, Bart Van Den Steen wrote:
Hello,
It is my first time using cxf and I am attempting to communicate with an
outside web service that requires 2 way ssl authentication via certificates.
I can successfully connect with the web service in the Test environment but
when using the same code to contact the web service in their Production
environment I receive a 302 error (see below).
I tried to modify my code so that it would automatically follow redirects
but then I receive a different error, namely a redirect loop(see below).
I have added my code below with the modifcations that give me the loop error
between '// modified start' & '// end'.
I am using cxf version 2.2.12
Thanks,
Bart
-----------------------
CODE
try {
JaxWsProxyFactoryBean factory = new
JaxWsProxyFactoryBean();
factory.setServiceClass(clazz);
factory.setAddress(address);
Object port = factory.create();
Client client = ClientProxy.getClient(port);
// modified start
((BindingProvider)client).getRequestContext().put("org.apache.cxf.message.Message.MAINTAIN_SESSION",
Boolean.FALSE);
// end
client.getInInterceptors().add(new
LoggingInInterceptor());
client.getOutInterceptors().add(new
LoggingOutInterceptor());
if (client != null) {
HTTPConduit conduit = (HTTPConduit)
client.getConduit();
HTTPClientPolicy policy = new
HTTPClientPolicy();
// modified start
policy.setAllowChunking(false);
policy.setAutoRedirect(true);
policy.setConnection(ConnectionType.KEEP_ALIVE);
// end
conduit.setClient(policy);
}
return port;
} catch (Throwable e) {
throw new WSClientException(
"Error while creating WS Client for
service", e);
}
-------------------------
FIRST ERROR: 302 ERROR
Jul 30, 2012 2:18:51 PM
org.apache.cxf.interceptor.LoggingOutInterceptor$LoggingCallback onClose
INFO: Outbound Message
---------------------------
ID: 3
Address: https://bcdabnx.nbb.be/soap/nbb
Encoding: UTF-8
Content-Type: text/xml
Headers: {SOAPAction=[SOAPActionMinFin], Accept=[*/*]}
Payload: <soap:Envelope
xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/";><soap:Body><ns2:ws_abnxOperations
xmlns:ns2="http://www.nbb.be/BCD_ABNX/";><AbnxOperations><AbnxOpe
rations><ListAvailableFiles><RequestList>D</RequestList></ListAvailableFiles></AbnxOperations></AbnxOperations></ns2:ws_abnxOperations></soap:Body></soap:Envelope>
--------------------------------------
Jul 30, 2012 2:18:51 PM org.apache.cxf.interceptor.LoggingInInterceptor
logging
INFO: Inbound Message
----------------------------
ID: 3
Response-Code: 302
Encoding: ISO-8859-1
Content-Type: text/html; charset=iso-8859-1
Headers: {content-type=[text/html; charset=iso-8859-1],
connection=[Keep-Alive], Date=[Thu, 30 Jul 2012 12:18:51 GMT],
Content-Length=[513], Location=[https://bcdabnx.nbb.be/nbb
loginproxy/authenticationbackend?TYPE=33554433&REALMOID=06-0d35dbdf-73cf-4753-8c46-9e719ac30dab&GUID=&SMAUTHREASON=0&METHOD=POST&SMAGENTNAME=-SM-74fXnAhrTV4d%2bSzRuWiYDsD8PuJbwO
7utDDh3zF6oS%2bcCtLdKRQE8uDp1N0dv4Yc&TARGET=-SM-http%3a%2f%2fbcdabnx%2enbb%2ebe%2fbcdabnx%2fsoap%2fnbb],
Keep-Alive=[timeout=5, max=100], Cache-Control=[no-store]}
Payload: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
Found
<p>The document has moved
https://bcdabnx.nbb.be/nbbloginproxy/authenticationbackend?TYPE=33554433&REALMOID=06-0d35dbdf-73cf-4753-8c46-9e719ac30dab&GUID=&SM
AUTHREASON=0&METHOD=POST&SMAGENTNAME=-SM-74fXnAhrTV4d%2bSzRuWiYDsD8PuJbwO7utDDh3zF6oS%2bcCtLdKRQE8uDp1N0dv4Yc&TARGET=-SM-http%3a%2f%2fbcdabnx%2enbb%2ebe%2fbcdabnx%2f
soap%2fnbb here .</p>
</body></html>
-------------------------
-------------------------
SECOND ERROR: LOOP ERROR
Aug 30, 2012 11:12:40 AM org.apache.cxf.transport.http.HTTPConduit
redirectRetransmit
INFO: Redirect loop detected on Conduit
"{http://www.nbb.be/BCDABNX/}BCD_ABNX_Server_InPortTypePort.http-conduit"; on
'https://bcdabnx.nbb.be/nbbloginproxy/authentication
backend?TYPE=33554433&REALMOID=06-0d35dbdf-73cf-4753-8c46-9e719ac30dab&GUID=&SMAUTHREASON=0&METHOD=POST&SMAGENTNAME=-SM-74fXnAhrTV4d%2bSzRuWiYDsD8PuJbwO7utDDh3zF6oS%2bcC
tLdKRQE8uDp1N0dv4Yc&TARGET=-SM-http%3a%2f%2fbcdabnx%2enbb%2ebe%2fbcdabnx%2fsoap%2fnbb'
Aug 30, 2012 11:12:40 AM org.apache.cxf.phase.PhaseInterceptorChain
doDefaultLogging
WARNING: Interceptor for
{http://www.nbb.be/BCDABNX/}BCDABNXServerInPortTypeService#{http://www.nbb.be/BCDABNX/}ws_abnxOperations
has thrown exception, unwinding now
org.apache.cxf.interceptor.Fault: Could not send Message.
at
org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInterceptor.handleMessage(MessageSenderInterceptor.java:64)
at
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:243)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:516)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:313)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:265)
at
org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:73)
at
org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:124)
at $Proxy1257.wsAbnxOperations(Unknown Source)
at
be.fgov.minfin.wsclientcxf.WSClient.listAvailableFilesWS(WSClient.java:58)
at
be.fgov.minfin.ccff.fwk.batch.batchtest.basic.business.Business.BusinessLogic(Business.java:59)
at
be.fgov.minfin.ccff.fwk.batch.batchtest.basic.BNBWSClientBatchExecutor.execute(BNBWSClientBatchExecutor.java:34)
at
be.fgov.minfin.ccff.fwk.batch.BatchExecutorMDB._execute(BatchExecutorMDB.java:162)
at
be.fgov.minfin.ccff.fwk.batch.BatchExecutorMDB.onMessage(BatchExecutorMDB.java:79)
at
weblogic.ejb.container.internal.MDListener.execute(MDListener.java:574)
at
weblogic.ejb.container.internal.MDListener.transactionalOnMessage(MDListener.java:477)
at
weblogic.ejb.container.internal.MDListener.onMessage(MDListener.java:379)
at weblogic.jms.client.JMSSession.onMessage(JMSSession.java:4659)
at weblogic.jms.client.JMSSession.execute(JMSSession.java:4345)
at
weblogic.jms.client.JMSSession.executeMessage(JMSSession.java:3821)
at weblogic.jms.client.JMSSession.access$000(JMSSession.java:115)
at
weblogic.jms.client.JMSSession$UseForRunnable.run(JMSSession.java:5170)
at
weblogic.work.SelfTuningWorkManagerImpl$WorkAdapterImpl.run(SelfTuningWorkManagerImpl.java:528)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:209)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:178)
Caused by: java.io.IOException: IOException invoking
https://bcdabnx.nbb.be/bcdabnx/soap/nbb: Redirect loop detected on Conduit
"{http://www.nbb.be/BCDABNX/}BCD_ABNX_Ser
ver_InPortTypePort.http-conduit" on
'https://bcdabnx.nbb.be/nbbloginproxy/authenticationbackend?TYPE=33554433&REALMOID=06-0d35dbdf-73cf-4753-8c46-9e719ac30dab&GUID=&SMAU
THREASON=0&METHOD=POST&SMAGENTNAME=-SM-74fXnAhrTV4d%2bSzRuWiYDsD8PuJbwO7utDDh3zF6oS%2bcCtLdKRQE8uDp1N0dv4Yc&TARGET=-SM-http%3a%2f%2fbcdabnx%2enbb%2ebe%2fbcdabnx%2fsoap%2
fnbb'
----------------------
--
View this message in context:
http://cxf.547215.n5.nabble.com/302-error-and-redirect-loop-on-Conduit-tp5713358.html
Sent from the cxf-user mailing list archive at Nabble.com.
