Open UlrichLohrmann opened 2 years ago
@UlrichLohrmann I really appreciate you taking the time to open this issue and bringing it to our attention. I'm going to take a look at our config and see if I can spot a reason for the mismatch. I'll keep you posted if I find a cause/solution.
@UlrichLohrmann so I did some digging, and it looks like the metadata for the server.xml config expects an integer value (as I'm sure you've guessed by the failure message). Where the ibm-ws-bnd.xml config expects one of three possible strings: NONE, INTEGRAL, CONFIDENTIAL, the server.xml transport-guarantee element expects one of three integer values: 0, 1, 2. These three integer values map to the possible string values in ibm-ws-bnd.xml like this:
0 = NONE 1 = INTEGRAL 2 = CONFIDENTIAL
So for your use case, I'd suggest you change the value of CONFIDENTIAL to 2 and it should work. Can you try that and let me know if it resolves the failure your hitting?
Note: Putting in '2' is alright only as a temporary work-around. If the XML text were subsequently copied into the application, a different exception would occur. The correct fix for this is for the parsing code to correctly handle the value as a string value.
@neuwerk Thank you for keeping me informed. I tried to use the numeric value 2 instead of CONFIDENTIAL in server.xml and it worked as expected. If this will be fixed is it possible to post the Open Liberty version that contains the fix?
@UlrichLohrmann apologizes for the delay getting back to you, but yes, if it is fixed we can link the PR and give a Open-Liberty release that it goes into.
Open Liberty Version: Open Liberty 21.0.0.9 (wlp-1.0.56.cl210920210824-2341) wlp.install.dir = D:/Programme/openLiberty/openLiberty-JAXWSDemo/wlp/ java.home = D:\tools\jdk\w2k\AdoptOpenJDK-11\11.0.10.9-openj9 java.version = 11.0.10 java.runtime = OpenJDK Runtime Environment (11.0.10+9) os = Windows 10 (10.0; amd64) (en_US)
I have an EJB based JAX-WS service and I would like to ensure that access to the service is via TLS.
According to documentation the user data contstraint of a JAX-WS web service can be set in server.xml using enterpriseApplication > webservices-bnd > http-publishing > webservice-security > security-constraint > user-data-constraint.
Example:
Using this configuration the following error message is displayed during startup:
If I put the webservices-bnd configuration into META-INF/ibm-ws-bnd.xml everything works fine.