WSDL绑定URL在SSL终止后将协议更改为HTTP [英] WSDL binding URL changes protocol to HTTP when behind an SSL termination
问题描述
我们有一个简单的jax-ws SOAP服务器,该服务器由Apache CXF 3.2.6以独立(自托管)模式支持,使用嵌入式Jetty。该服务器使用CXF的 wsdl2java 首先生成wsdl。 WSDL是类路径上的文件,并且该物理WSDL文件在位置 https:// .... > soapbind:address 元素的属性。
We have a simple jax-ws SOAP server backed by Apache CXF 3.2.6 in standalone (self-hosted) mode that uses an embedded Jetty. The server was generated wsdl-first using CXF's wsdl2java. WSDL is a file on the classpath, and that physical WSDL file has https://.... in the location attribute of the soapbind:address element.
启动后,服务器将发布到 http://0.0.0.0:8080 。服务器还位于SSL终端后面,该终端路由 https:// external-name -> SSL终端-> http:// internal-name: 8080 ,因此在外部可以通过 https:// external-name 访问该服务及其WSDL。
When started, the server publishes to http://0.0.0.0:8080. The server also sits behind an SSL termination that routes https://external-name -> SSL termination -> http://internal-name:8080, so externally the service and its WSDL are available at https://external-name.
问题是,当通过 https:// external-name?wsdl 从已部署的服务器请求WSDL时,CXF会更改 http:// external-name (将协议从HTTPS更改为HTTP并保留所有其他内容),这会导致生成客户端代理,Soap UI等问题。
The problem is that when the WSDL is requested from the deployed server through https://external-name?wsdl, CXF changes the location attribute of the soapbind:address element in the resulting file to http://external-name (changes the protocol to HTTP from HTTPS and retains everything else ), which causes problems with generating client proxies, Soap UI, etc.
最糟糕的是,我们的我们的合作伙伴的SOA无法完全使用该服务,该SOA仅强制使用WSDL中的已发布位置。
What's worst, our service can't be consumed by our partner's SOA which enforces the usage of published location from WSDL exclusively.
我们如何解决此问题,除了消除SSL终止和使用CXF自己处理SSL? (这是可怕的,由于Java密钥库维护的噩梦,并且不得不在服务器实例中存储公司范围的证书+私钥)。
How can we solve this, short of removing SSL termination and having CXF handle SSL on its own? (which is horrible, due to Java keystore maintenance nightmare and having to store the company-wide certificate + private key in the server instance).
推荐答案
您可以在配置中将所需地址设置为 publishedEndpointUrl 。请参阅: http://cxf.apache.org/docs/jax-ws- configuration.html
You can set the desired address as publishedEndpointUrl in the configuration. See: http://cxf.apache.org/docs/jax-ws-configuration.html
这篇关于WSDL绑定URL在SSL终止后将协议更改为HTTP的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
