Hi Odin,
You have omitted the mapping of the servlet "CheroServer" to a URL.
You need something like the following:
<servlet-mapping>
<servlet-name>CheroServer</servlet-name>
<url-pattern>/jobs/*</url-pattern>
</servlet-mapping>
Paul.
On Feb 26, 2009, at 11:15 PM, odin wrote:
> I have a web service using Jersey API on both server side and
> client side, the service is running on glassfishv3+jdk1.5. My web
> service worked well without https, now I want to secure the
> communication between client and server.
> I have tried the https example from http://blogs.sun.com/jluehe/entry/how_to_downshift_from_https
> , and it worked. It was a simple REST web service.
> I followed the examples in the forum but still can not get it
> running. My web.xml configuration is like follows:
>
>
> <?xml version="1.0" encoding="UTF-8"?>
> <!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web
> Application 2.3//EN" "http://java.sun.com/dtd/web-app_2_3.dtd"><!--http://java.sun.com/dtd/web-app_2_3.dtd--
> >
> <web-app>
> <display-name>Archetype Created Web Application</display-name>
> <servlet>
> <servlet-name>CheroServer</servlet-name>
> <servlet-
> class>com.sun.jersey.spi.container.servlet.ServletContainer</servlet-
> class>
> <init-param>
> <param-
> name>com.sun.jersey.config.property.resourceConfigClass</param-name>
> <param-
> value>com.sun.jersey.api.core.PackagesResourceConfig</param-value>
> </init-param>
> <init-param>
> <param-name>com.sun.jersey.config.property.packages</
> param-name>
> <param-value>org.chero.server.resources</param-value>
> </init-param>
> <load-on-startup>1</load-on-startup>
> </servlet>
> <security-constraint>
> <web-resource-collection>
> <web-resource-name>Protected resource</web-resource-name>
> <url-pattern>/jobs</url-pattern>
> <http-method>POST</http-method>
> </web-resource-collection>
> <user-data-constraint>
> <transport-guarantee>CONFIDENTIAL</transport-guarantee>
> </user-data-constraint>
> </security-constraint>
> <security-constraint>
> <web-resource-collection>
> <web-resource-name>Protected resource2</web-resource-name>
> <url-pattern>/jobs/*</url-pattern>
> <http-method>GET</http-method>
> <http-method>DELETE</http-method>
> <http-method>PUT</http-method>
> <http-method>POST</http-method>
> </web-resource-collection>
> <user-data-constraint>
> <transport-guarantee>CONFIDENTIAL</transport-guarantee>
> </user-data-constraint>
> </security-constraint>
> </web-app>
>
> and to create the client:
>
> ClientConfig config = new DefaultClientConfig();
> HostnameVerifier hv = new HostnameVerifier() {
>
> //_at_Override
> public boolean verify(String hostname, SSLSession
> session) {
> System.out.println("Warning: URL Host: " + hostname +
> " vs. " + session.getPeerHost());
> return true;
> }
> };
> HttpsURLConnection.setDefaultHostnameVerifier(hv);
> try { // Create a trust manager that does not validate
> certificate chains
> TrustManager[] trustAllCerts = new TrustManager[]{new
> X509TrustManager() {
>
> public void
> checkClientTrusted(java.security.cert.X509Certificate[] certs,
> String authType) {
> }
>
> public void
> checkServerTrusted(java.security.cert.X509Certificate[] certs,
> String authType) {
> }
>
> public java.security.cert.X509Certificate[]
> getAcceptedIssuers() {
> return null;
> }
> }
> };
>
> // Install the all-trusting trust manager
> SSLContext sc = SSLContext.getInstance("SSL");
> sc.init(null, trustAllCerts, new
> java.security.SecureRandom());
>
>
> HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
>
> } catch (Exception ex) {
> throw new RuntimeException(ex);
> }
>
> final String BASE_URI = "https://localhost:8181/cheroServer";
> Client c = Client.create(config);
>
> ......
> ClientResponse response = service.path("/jobs").
> type("multipart/
> mixed").post(ClientResponse.class, multiPart);
>
> Now when I type :
> http://localhost:8080/cheroServer/jobs in the web browser, it would
> redirect to :
> https://localhost:8181/cheroServer/jobs, but there is nothing but
> an error on the page:
> The requested resource () is not available.
>
> I would really appreciate if someone can give me help.
>
> Regards.
> Odin.
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe_at_jersey.dev.java.net
> For additional commands, e-mail: users-help_at_jersey.dev.java.net
>