users@glassfish.java.net

Re: SSL Hostname Validation - Possible to override?

From: Rama Pulavarthi <Rama.Pulavarthi_at_Sun.COM>
Date: Thu, 12 Feb 2009 17:29:00 -0800

Refer to the Metro user guide
https://metro.dev.java.net/guide/HTTPS_HostnameVerifier.html, that shows
about doing this at runtime.
For wsimport, there is a switch *|-XdisableSSLHostnameVerification |*as
you can find in
https://metro.dev.java.net/nonav/1.4/docs/wsimport.html#Syntax

thanks,
Rama Pulavarthi

glassfish_at_javadesktop.org wrote:
> Here's the problem:
>
> I have a webservice. It appears as a Servlet under the default Glassfish domain (domain1) as part of a larger web application. I am writing another web application (that will run on the same domain) in order to test this webservice.
>
> The webservice is secured by SSL/HTTPS. The certificate is the default Glassfish certificate (for testing purposes only! It will be changed later on).
>
> I generated the code for this webservice from an existing WSDL file - it all works fine.
>
> Now, there's the thing: When I use the client class wsimport generated, I was initially getting an exception (I forget what, exactly) that basically boiled down to the fact that I was passing an unexpected URL for the WSDL - I had thought that I could pass in a URL of the form [i]https://localhost:8181/ws_app/webservicepath?wsdl[/i]
>
> However, I was wrong - it needed the hostname: [i]https://hostname:8181/ws_app/webservicepath?wsdl[/i]. Changed it to that and everything worked as expected.
>
> For reference, the relevant lines of code is like so (fix included - previously hostname would have been hardcoded to localhost):
>
> InetAddress address = InetAddress.getLocalHost();
> hostname = address.getHostName();
>
> WebServiceInterface wsi = new WebServiceInterface(new URL("https://" + hostname + ":8181/ws_app/WebserviceNameService?wsdl"), new QName(
> "urn:B2C:Customer:Webservicev1.0", "WebServiceInterface"));
>
> The relevant section of the WebServiceInterface class looks like so:
>
> import javax.xml.ws.Service;
>
> public class WebServiceInterface
> extends Service
> {
>
> public WebServiceInterface(URL wsdlLocation, QName serviceName) {
> super(wsdlLocation, serviceName);
> }
> }
>
> What I would like is to be able to use any of the hostname, localhost, or 127.0.0.1 in the URL for the WSDL - the first thing that comes to mind is simply overriding whatever authenticates the hostname. It may also be the case that I need to allow both the hostname or the IP of the server. I'm not sure exactly what I'll need to do yet.
>
> However, if there is a better option, I'd be glad to investigate it.
>
> I also understand that things are probably this way for a good reason, but I still need to understand how to change it as I may not be in a position where I can say "I don't think that's a good idea...". Alternatively, this may turn out to be a non-issue.
>
> Thanks for any help you can give, folks.
>
> - ipsi
> [Message sent by forum member 'ipsi' (ipsi)]
>
> http://forums.java.net/jive/thread.jspa?messageID=331710
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe_at_glassfish.dev.java.net
> For additional commands, e-mail: users-help_at_glassfish.dev.java.net
>
>