tracker issue : CF-4203045

select a category, or use search below
(searches all categories and all time range)

Any reason CF does not preconfigure support of https for axis2 web services?

| View in Tracker

Status/Resolution/Reason: To Fix//EnhancementRequired

Reporter/Name(from Bugbase): Charlie Arehart / ()

Created: 06/30/2018

Components: Web Services, Axis 2

Versions: 2016

Failure Type: Others

Found In Build/Fixed In Build: /

Priority/Frequency: Normal /

Locale/System: /

Vote Count: 0

Ever since CF10 added support for axis2, folks trying to use that with https have found that it failed out of the box. Instead, they have to know to modify CF's axis2.xml file to add an https transportreceiver line. But why should we have to, now 6 years later? Why can't CF do this by default for us?

Is there some reason that turning it on by default is a problem? 

Of course, we can ask also if/whether Tomcat itself preconfigures it to be enabled by default, and if not, why not. I have not found any such info (via google searching about that https transportreceiver). 

In the meantime, those who may find this and need to enable it manually in CF10 and above, see this blog post:



Hi Charlie, There are two main reasons for not providing pre-configure support of https for axis2 web services: 1) If we will give both http and https configuration in xml file, the generated wsdl will  have both the secured and non-secured url as wsdl soap location.address. This address is located at the end of the generated wsdl. Exposing secure urls in the generated non secured wsdl will may not be acceptable by a user.  2) If we give both http and https condfiuration, default port will be 80 and  443 correspondingly. But user again need to modify the xml and restart the CF, in case if there is any change in the mentioned ports.    Thanks -Poonam
Comment by Poonam J.
29292 | July 09, 2018 09:10:33 AM GMT
Hi Charlie, Any comment on this? Shall I go ahead and  close this thread as "AsDesigned". Thanks Poonam
Comment by Poonam J.
29345 | July 18, 2018 04:10:53 AM GMT
Sorry, I somehow missed the notification of your first comment. So first thanks for that. And ok on your first point. That explains it. But why not then at least offer a checkbox in the cf admin, rather than have people need to rely only on that non-adobe blog post? And even if you may consider adding a technote I'd still think an option in the admin is warranted given the proliferation of SSL in recent years and months. Before closing this, would you be able to indicate if such an option would be considered? Thanks.
Comment by Charlie A.
29346 | July 18, 2018 12:19:04 PM GMT
Thanks Charlie! I would still agree to your comment to provide an option in admin to offer these manual steps. Could you please log an enhancement for the same so that it can be track via that. I guess, we need port value as an input from user on Admin while enabling this SSL option. User needs to restart CF after this. and this will work then.  
Comment by Poonam J.
29357 | July 19, 2018 09:44:13 AM GMT
Charlie, are you ok with the steps I mention. If yes, we can start an enhancement thread for the same. -Poonam
Comment by Poonam J.
29397 | July 25, 2018 05:48:48 AM GMT
Since this itself is an enhancement request, Lets track it  through this only. Here is the enhancement required: 1) CF Admin should have SSL option for web service. 2)Enabling this SSL option , an  input box for port should be visible. 3)Https configuration should get enable in xml file, with the entered port value.  4) user should be asked to restart CF for the changes to get affected.
Comment by Poonam J.
29400 | July 25, 2018 08:50:41 AM GMT
Sure, that looks great. Thanks. (Sorry, I don't always see email sent from notifications about replies here.) I wonder if an installer choice about this should be considered. I realize some would decry more installer choices, but this is no less likely than the one about making the add-on services respond to remote requests.
Comment by Charlie A.
29408 | July 27, 2018 11:11:57 AM GMT