What is the easiest way to either configure Axis2 or extend the message listener to PREVENT any and all information regarding system from returning to the calling client?
An example of what I'm trying to prevent is as follows: Someone sends an improper soap request with some weird stuff in the header and the server responds:
HTTP/1.1 500 Internal Server Error
Date: Wed, 19 Nov 2014 13:12:34 GMT
Server: Apache
X-Powered-By: Servlet/3.0 JSP/2.2 (GlassFish Server Open Source Edition 3.1.2.2 Java/Oracle Corporation/1.7)
Connection: close
Content-Length: 465
Content-Type: text/xml;charset=utf-8
...
<faultstring>javax.xml.stream.XMLStreamException: DOCTYPE is not allowed</faultstring>
What is the best way to prevent all of that information from being delivered back to the client? The glassfish messages can be turned off in GlassFish as answered below. I should have been more specific I want to set it up so that any and all exceptions never reach the client. I want to somehow force axis2 to use a generic message instead of returning an Exception. Is it possible to do this with Axis2?
You can add a
-Dproduct.name="".
in your JVM Option for suppressing the X-Powered-By
I'm using jCryption and JavaCryption, the server-side implementation of the jCryption JavaScript plug-in.
There appears to be an issue with what seems the Java implementation, in that FireFox's firebug is reporting a "not-well formed" error with the JSON that is returned to the client from the server. So, unlike the thread, "not well-formed" error in Firefox when loading JSON file with XMLHttpRequest, this is coming from the response object, NOT the request object.
I tried adding .JSON, application/json as a MIMEtype to my web server, IIS 7.5, but that didn't help. Then I tried .JSON, text/plain and that didn't help, either.
Do I have to edit the Java code to force application/json, when it sends it back to the client? Or, what can I do to resolve this issue?
Thank you for any help.
Here is the raw output for the first one causing the "not-well formed" error:
HTTP/1.1 200 OK
Content-Length: 294
Server: Microsoft-IIS/7.5
X-Powered-By: Nothing
Date: Tue, 23 Oct 2012 02:10:24 GMT
{"e":"10001","n":"b3fbbe3d2e3599e840a117be08f72726d8ee643dada3805ab24b9a9150d123a7a0902ae45f2f2e194e5462c4f5c3b91cca91b48d1f07c6cd7fab629a331148f66516df05dfa0bd95cc9f477069e60fa54eab8a5586d08436717758d9706b90c884eded7260af1ce5ff70f507b9c5ddb019b6e1313a77f4eab3b2d04a09934d8d","maxdigits":"131"}
Here is the second one:
HTTP/1.1 200 OK
Content-Length: 200
Server: Microsoft-IIS/7.5
X-Powered-By: Nothing
Date: Tue, 23 Oct 2012 02:10:24 GMT
{"challenge":"zf6iI5D8hVDCmMVuHIFy71ikKxcqVzkLplMDKP6Hgz7EPv2STfYjcBlf6ep1wu5OMCCsPKf4dRECpVvr7yIK8kCm0I5c4xTXCkmnyyzBXeHgbvkzGWVmaLzxj5RYajdWLFkvN1waV41FhR+PtK1tOmGe8k57wSZ/yyZUAsvh7NaJf6THc9P9rQ=="}
You need to look at what is in the actual response. You need to look at what the responses content-type header currently says, and what the body of the response contains. Firebug can show you both of those.
There is a good chance that the response body is not JSON at all ... but an HTML error report about some problem with the request (as the server sees it).
Either way, you can't resolve the problem properly until you have worked out what is causing it. Simply assuming that it is content type problem is not a sound strategy.
Based on the response you posted, the problem is most likely due to the fact that there is no Content-Type header. If this response comes from Java, then you probably do need to modify the Java (or JSP) to set the missing header in the response.
Set Content-Type to application/json in jsp file
Setting a Content-type header in a servlet.
(There are other ways to do this if it is impossible to change the servlet or JSP code.)
I'm have written an Axis2 client with XMLBeans binding and everything seems to work fine as far as creating the soap message. However, the http header has the protocol set to "POST /SOAP/ HTTP/1.1" (see debug logging below) which is causing the service provider to raise this error - Runtime extension for protocol 'SOAP/' not found
I couldn't find anything that i can configure within axis to not add /SOAP/ to the protocol, would appreciate any pointers!
I would rather not ask the service provider to address this issue and ideally would want to address this on the client side (by the way, the request works just fine using SoapUI).
2012/09/21 10:02:42:955 PDT [DEBUG] header - >> "POST /SOAP/ HTTP/1.1[\r][\n]"
I have a web application running on one of the apache instances. I am using Apache httpd.
In httpd error_log.log file below error is logged:
10.203.128.142 - - [08/Aug/2012:13:12:27 +0530] "GET /CMM_TM/js/common%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%3C/div%3E%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%3C/td%3E%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%3C/tr%3E%20%20%20%20%20%20%20%20%20%20%20%20%20%20%3C/table%3E%20%20%20%20%20%20%20%20%20%20%20%20%20%20%3Cscript%20type= HTTP/1.1" 404 45
Why the error is logged in this format? I mean why the error log contains %20 %3C sort of things?
Please provide your valuable suggestions.
Worldpay (The payment processor from RBS) sends a HTTP Post to my website once a payment is accepted. Problem is - the Post isnt getting through and my server responds with one of the following 3 HTTP error's:
HTTP 408 (Timeout)
HTTP 405 (Not allowed)
Invalid status line >NULL<
Now when i Post something to the url from my test php script this works fine which leads me to believe the issue could be with the fact that the Post from them is created by Java:
POST /worldpay_success.html HTTP/1.0
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Host: www.mysite.com
Content-Length: 116
User-Agent: WJHRO/1.0 (WorldPay Java HTTP Request Object)
authAmountString=%26%23163%3B1.99&_SP.charEnc=UTF-8&desc=Test.....etc
Does anyone have any experience with this? After speaking to Worldpay they say my server is responding with a 408 Timeout after 0.1 seconds so it doesnt seem to be properly timeing out... Any help apreciated
Paul
Check 405 Method Not Allowed and Request Timeout. It shouldn't matter if the POST request is created from Java.