Coldfusion 11 Web Services and SSL Issue

Similar Messages

• RPC Style Web Service and SSL

  Hi,
  Has anyone tried (and maybe succeeded) in accessing an
  RPC-style Web Service deployed on WebLogic Server 6.1 using
  SSL? I have a Web Service deployed and am able to access it using JNDI and the
  weblogic.soap.http.SoapInitialContextFactory
  INITIAL_CONTEXT_FACTORY. However, when I try to set the
  Context.SECURITY_PROTOCOL to "ssl" and access the secure port,
  I get a "java.net.SocketException: Unexpected end of file from
  the server" error message.
  Does the weblogic.soap.http.SoapInitialContextFactory not
  support SSL? Do I need to do the SOAP/XML messaging myself,
  without being able to make use of the WebLogic convenience
  classes? Thanks! Rob

  Alright!
  Glad you got it working ;-)
  Actually, the problem with the protocol being hardcoded to http in the wsdl.jsp,
  is a bit strange. It's unusual that the BEA engineers that coded the wsgen component
  and support classes, didn't use something like the following:
  <soap:address location="<%= request.getScheme() + "://" + request.getServerName()
  + ":" + request.getServerPort() %>/security/examples/webservices/security/PhoneBookService"/>
  I don't use wsgen too much, because I need to have more control over the J2EE
  packaging. It (wsgen) is great for spitting out stuff, but not really setup for
  doing Web service packaging that use classes (i.e. helper files, frameworks, etc.)
  that it doesn't generate. I think they (BEA) might be looking into integrating
  the Web Services assembly process with other tools like WebGain, Forte, etc. to
  alleviate these types of issues.
  Anyway, glad you got it working, so now you can help somebody else (time permitting,
  of course) with this topic in the future!
  Regards,
  Mike Wooten
  "Rob Nelson" <[email protected]> wrote:
  >
  Mike,
  Thank you very much for your response! The next to
  last sentence did it for me (when you mentioned checking
  that the location attribute of the soap:address element
  was set properly)! I noticed that when I viewed the WSDL
  file via the browser (by clicking on the link in the
  index.html page), I saw http://host:<unsecure_port> when
  I requested it over the unsecure port, but I saw
  http://host:<secure_port> when I requested the WSDL over
  the secure port. Notice it did not say https!
  So, I unjarred the EAR file that was generated by my
  wsgen task, and then unjarred the generated WAR file
  contained therein. When I looked at wsdl.jsp, I noticed
  that "http" was hard-coded in the location attribute, but
  that the host name and port number were dynamically
  generated. So I added a scriplet to dynamically place an
  "s" after "http" (if request.isSecure()) and rejarred up
  the WAR and EAR files.
  Now when I deployed the EAR file, I see "https" when
  I request the WSDL over the secure port, and my client
  (actually your client;) works! Awesome! I really appreciate
  your help! Now my only issue is why did the wsdl.jsp have
  "http" hard-coded, not accounting for secure requests.
  These files were generated by the WSGEN task in ANT.
  I figure it's either: I have a configuration problem,
  I have a problem with my ANT build script, my version of
  WebLogic Server (6.1 w/SP1 built 9/18/2001) has a bug, or
  maybe you just have to manually go in and modify the wsdl.jsp
  file if you want to use https :(. Please let me know if
  you have any insight on this, and I will also follow up
  with WebLogic support. Thanks again! Rob
  "Michael Wooten" <[email protected]> wrote:
  Hi Rob,
  I am absolutely sure the code I posted works, so we need to approach
  this from
  a different angle ;-)
  First, I know why the Context.SECURITY_PROTOCOL approach doesn't works.
  It's because
  the namespace in the Web Services code examples is not the same oneas
  the one
  used for RMI objects, EJBs, JDBC Data Sources, etc. For those objects,
  the Context.PROVIDER_URL
  is something like "t3://localhost:7001", and the INITIAL_CONTEXT_FACTORY
  is "weblogic.jndi.WLInitialContextFactory".
  The one being used with WebLogic Web Services, is mainly just functioning
  as a
  mechanism for manufacturing WebServiceProxy objects, because it is a
  non-instanciable!
  It does this by using a subclass of javax.naming.Context called SOAPContext,
  which
  is completely hidden from you, but also doesn't do much except implement
  the lookup()
  method. The implementation of this method ignores the Context.SECURITY_URL
  property,
  but it does pay attention to the "java.naming.security.principal" and
  "java.naming.security.credentials"
  properties. You don't need these properties for SSL, just Basic Authentication.
  Enough about that, though. The service end-point is a servlet right?
  So this means
  it has a URL that begins with http or https, which in turn means the
  WebLogic
  servlet engine gets the SOAP request and sends it to the StatelessSessionAdapter
  servlet. To WLS, this is just like any other HTTP/HTTPS request sent
  to it ;-)
  There is no special "SOAP-related" HTTP/HTTPS handler in WLS, but the
  SSL challenge
  dance still happens. So my first question is, are you sure you havethe
  HTTPS
  attributes set properly in the WebLogic console. SSL/HTTPS should be
  enabled and
  the "Hostname Verification Ignored" checkbox should be checked. Next,
  are you
  sure the URL assigned to the location attribute of the <service> element
  in the
  WSDL is correct (i.e. https://localhost:7002)? Are you using the "dynamic
  client"
  approach?
  Regards,
  Mike Wooten
  "Rob Nelson" <[email protected]> wrote:
  Mike,
  Thanks for your response. I downloaded the code example that
  you
  posted
  last week, as well as the code example that you posted in October for
  a similar
  request (BEA Support pointed me towards that). Unfortunately, I still
  can't get
  the Web Service to respond to the client request when the client uses
  the HTTPS
  port for the WebLogic Server.
  I tried two different client approaches. The first uses the client
  code
  that you posted in October, the WebServiceProxy approach. The second
  approach
  is based on the example in the WebLogic documentation, which uses the
  weblogic.soap.SoapInitialContextFactory
  class with the javax.naming.Context object to perform a lookup on the
  service
  (which closely resembles rmi without the narrowing).
  Both client classes fail to invoke the the service itself viaHTTPS
  (although
  they both work when making HTTP requests to the unsecure port). However,
  when
  I run the client based on the client class that you posted in October
  and make
  an HTTPS request, I can see in the output where it is able to download
  the WSDL
  file and use it (via the WebServiceProxy) to describe the availablemethods
  for
  the associated Web Service. It is only when the actual invoke() method
  is called
  on the SoapMethod object (which in turn sends the XML request to the
  Web Service
  Servlet), that the server doesn't respond, and the client fails with
  an UnexpectedEndOfFileException
  (i.e. no response).
  So, do you know why the servlet that the RPC-style Web Serviceuses
  to handle
  requests would not respond to HTTPS requests, when it processes HTTP
  requests
  without a problem (using the same client code that fails with the HTTPS
  request)?
  I am using WebLogic Server 6.1 w/SP1 on a Solaris 8 platform. Thanks
  for any
  advice you can give me! Rob
  "Michael Wooten" <[email protected]> wrote:
  Hi Rob,
  Check out the attached zip for "insights" into how to do this. It
  contains
  the
  code for two Web service "consumers" (that the new fangled word fora
  "client")
  and the web.xml and weblogic.xml for the RPC-style Web Service, that
  they consume.
  Hope this helps,
  Mike Wooten
  "Rob Nelson" <[email protected]> wrote:
  Hi,
  Has anyone tried (and maybe succeeded) in accessing an
  RPC-style Web Service deployed on WebLogic Server 6.1 using
  SSL? I have a Web Service deployed and am able to access it using
  JNDI
  and the
  weblogic.soap.http.SoapInitialContextFactory
  INITIAL_CONTEXT_FACTORY. However, when I try to set the
  Context.SECURITY_PROTOCOL to "ssl" and access the secure port,
  I get a "java.net.SocketException: Unexpected end of file from
  the server" error message.
  Does the weblogic.soap.http.SoapInitialContextFactory not
  support SSL? Do I need to do the SOAP/XML messaging myself,
  without being able to make use of the WebLogic convenience
  classes? Thanks! Rob

• Web Service Using SSL issue

  I have a web service that has been working fine using http. Just switched over to SSL using the <WLHttpsTransport> tag on the jwsc ant command. Now I get the following error at runtime: Any ideas/suggestions? Thanks in advance - Craig
  16:22:27,953 INFO [STDOUT] Caused by: java.lang.NoClassDefFoundError: org/apache/tools/ant/BuildException
  16:22:27,953 INFO [STDOUT] at weblogic.wsee.bind.buildtime.internal.TylarJ2SBindingsBuilderImpl.<init>(TylarJ2SBindingsBuilderImpl.java:87)
  16:22:27,953 INFO [STDOUT] at weblogic.wsee.bind.buildtime.J2SBindingsBuilder$Factory.newInstance(J2SBindingsBuilder.java:30)
  16:22:27,953 INFO [STDOUT] at weblogic.wsee.util.ExceptionUtil.<clinit>(ExceptionUtil.java:48)
  16:22:27,953 INFO [STDOUT] at weblogic.wsee.util.FaultUtil.exception2Fault(FaultUtil.java:230)
  16:22:27,953 INFO [STDOUT] at weblogic.wsee.message.soap.SoapMessageContext.setFault(SoapMessageContext.java:102)

  I thought I would post an update since I found a solution. The problem was a ClassCast exception in a part of the SSL stack, that wanted to use the ant BuildException class. This has the effect of hiding the real issue which was that the SSL connection was not successfully occuring. The real problem was that the SSL connection started with a WSDL retrieved via SSL, but the connection for the port was through a username/password. When a username/password is used to create a port, the WL stack falls back to http and causes a ClassCast exception on weblogic.wsee.connection.transport.http.HttpTransportInfo. The solution is to create an https transport object when the service impl is created:
  HttpsTransportInfo transport = new HttpsTransportInfo ();
  transport.setUsername (user.getBytes ());
  transport.setPassword (pass.getBytes ());
  gServiceImpl = new PersistenceManagerService_Impl (url, transport);
  and to create the port without parameters:
  port = getServiceImpl ().getPersistenceManagerServicePort ();
  This allows one-way SSL with username/password for the connection.

• ASMX web service and The remote server returned an error: (500) Internal Server Error issue

  i have developed a very small web service and which is hosted along with our web site. our webservice url is
  http://www.bba-reman.com/Search/SearchDataIndex.asmx
  web service code
  namespace WebSearchIndex
  #region SearchDataIndex
  /// <summary>
  /// SearchDataIndex is web service which will call function exist in another library for part data indexing
  /// </summary>
  [WebService(Namespace = "http://tempuri.org/")]
  [WebServiceBinding(ConformsTo = WsiProfiles.BasicProfile1_1)]
  [System.ComponentModel.ToolboxItem(false)]
  // To allow this Web Service to be called from script, using ASP.NET AJAX, uncomment the following line.
  // [System.Web.Script.Services.ScriptService]
  public class SearchDataIndex : System.Web.Services.WebService
  //public AuthHeader ServiceAuth=null;
  public class AuthHeader : SoapHeader
  public string Username;
  public string Password;
  #region StartIndex
  /// <summary>
  /// this function will invoke CreateIndex function of SiteSearch module to reindex the data
  /// </summary>
  [WebMethod]
  public string StartIndex(AuthHeader auth)
  string strRetVal = "";
  if (auth.Username == "Admin" && auth.Password == "Admin")
  strRetVal = SiteSearch.CreateIndex(false);
  else
  SoapException se = new SoapException("Failed : Invalid credentials",
  SoapException.ClientFaultCode,Context.Request.Url.AbsoluteUri,new Exception("Invalid credentials"));
  throw se;
  return strRetVal;
  #endregion
  #endregion
  when i was calling that web service from my win apps using
  HttpWebRequest
  class then getting error The remote server returned an error: (500) Internal Server Error
  here is code of my win apps from where i am calling web service
  string strXml = "";
  strXml = "<s:Envelope xmlns:s='http://schemas.xmlsoap.org/soap/envelope/'><s:Body><StartIndex xmlns='http://tempuri.org/' xmlns:i='http://www.w3.org/2001/XMLSchema-instance'><auth><Username>joy</Username><Password>joy</Password></auth></StartIndex></s:Body></s:Envelope>";
  string url = "http://www.bba-reman.com/Search/SearchDataIndex.asmx";
  HttpWebRequest req = (HttpWebRequest)WebRequest.Create(url);
  req.Method = "POST";
  req.ContentType = "text/xml";
  req.KeepAlive = false;
  req.ContentLength = strXml.Length;
  StreamWriter streamOut = new StreamWriter(req.GetRequestStream(), System.Text.Encoding.ASCII);
  streamOut.Write(strXml);
  streamOut.Close();
  StreamReader streamIn = new StreamReader(req.GetResponse().GetResponseStream());
  string strResponse = streamIn.ReadToEnd();
  streamIn.Close();
  i am just not being able to understand when this line execute
  StreamReader streamIn = new StreamReader(req.GetResponse().GetResponseStream());
  then getting the error The remote server returned an error: (500) Internal Server Error
  not being able to understand where i made the mistake. mistake is in the code of web service end or in calling code?
  help me to fix this issue. thanks

  Hi Mou,
  I just tried your win app code about calling web service, but failed. I got the 500 error after I called your service:
  The error message I quoted from Fiddler:
  <?xml version="1.0" encoding="utf-8"?><soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema"><soap:Body><soap:Fault><faultcode>soap:Client</faultcode><faultstring>System.Web.Services.Protocols.SoapException: Failed : Invalid credentials ---&gt; System.Exception: Invalid credentials
  --- End of inner exception stack trace ---
  at BBAReman.WebSearchIndex.SearchDataIndex.StartIndex(AuthHeader auth)</faultstring><faultactor>http://www.bba-reman.com/Search/SearchDataIndex.asmx</faultactor><detail /></soap:Fault></soap:Body></soap:Envelope>
  I am not totally sure that error occurred by the authentication. But I suggest you can try to add this service into your project using this method below:
  1.right click the Reference and select Add Service Reference
  2.input your service link and click "Go"
  And you can use this service as the following:
  private async void callService()
  ServiceReference1.SearchDataIndexSoapClient client =new ServiceReference1.SearchDataIndexSoapClient();
  var Str= await client.StartIndexAsync(new ServiceReference1.AuthHeader { Username = "Admin", Password = "Admin" });
  Please try it.
  Regards,
  Will
  We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
  Click
  HERE to participate the survey.

• Web service client behind a proxy server connecting to web service over SSL

  Hi Friends,
  A web service is exposed by an external system over SSL. We are behind a proxy server and are trying to get connected to web service over SSL. <p>
  We are getting the following error on the test browser of workshop<p><p>
  External Service Failure: FATAL Alert:HANDSHAKE_FAILURE - The handshake handler was unable to negotiate an acceptable set of security parameters.<p><p>
  the whole trace is <p>
  <p>JDIProxy attached
  <Sep 24, 2005 9:27:25 AM EDT> <Warning> <WLW> <000000> <Id=creditCheckCtrl:salesExpertServiceControl; Method=creditcheckcontr
  ol.SalesExpertServiceControl.doCreditVerification(); Failure=com.bea.control.ServiceControlException: SERVICE FAULT:
  Code:javax.net.ssl.SSLHandshakeException
  String:FATAL Alert:HANDSHAKE_FAILURE - The handshake handler was unable to negotiate an acceptable set of security parameters
  Detail:
  END SERVICE FAULT>
  <Sep 24, 2005 9:27:26 AM EDT> <Warning> <WLW> <000000> <Id=creditCheckCtrl; Method=creditcheckcontrol.CreditCheck.testCreditC
  heck(); Failure=com.bea.control.ServiceControlException: SERVICE FAULT:
  Code:javax.net.ssl.SSLHandshakeException
  String:FATAL Alert:HANDSHAKE_FAILURE - The handshake handler was unable to negotiate an acceptable set of security parameters
  Detail:
  END SERVICE FAULT [ServiceException]>
  <Sep 24, 2005 9:27:26 AM EDT> <Warning> <WLW> <000000> <Id=top-level; Method=processes.CreditCheck_wf.$__clientRequest(); Fai
  lure=com.bea.wli.bpm.runtime.UnhandledProcessException: Unhandled process exception [ServiceException]>
  <Sep 24, 2005 9:27:26 AM EDT> <Error> <WLW> <000000> <Failure=com.bea.wli.bpm.runtime.UnhandledProcessException: Unhandled pr
  ocess exception [ServiceException]><p>
  I am not able to make out what could be possibly wrong. Please let me know if you guys have any ideas about how to resolve it.
  Thanks
  Sridhar

  did you resolve this problem. I am looking at the same issue. If you did I would really appreciate your response.
  Thanks.

• Web Service over SSL hangs if sent data size exceeds around 12Kb

  Hi,
  I have a Web Service running on a WebLogic Server 10.3. One of its purposes is to send and receive documents over a one-way SSL connection. The service runs fine if the documents are smaller than around 12Kb, however if its larger than that, the service simply hangs. From SSL debug information it looks like some data is sent but afterwards it simply stops. When testing the Web Service without SSL it works fine, which points to an SSL issue. Also, surprisingly, when it receives documents over the SSL, it also works fine. I assumed there is a parameter that limits the size of the POST message sent over SSL, however all the parameters that I found, that could do that, were already set to unlimited.

  We ended up resolving this issue. It turned out to be something really simple. The client that was sending the soap traffic did not have the proper SSL certificate installed on the server that was generating the soap traffic.

• Web Service over SSL failing in BEA Workshop

  I have deployed a web service on weblogic 9.2
  I have enabled one-way ssl on it. got a trial ssl certificate from verisign. installed them on the keystore/truststore on the server as well as the jre (cacerts and jssecacerts truststores) being used by the client. the client is on different machine than the server.
  i have developed the service through 'bea weblogic workshop 9.2' now when i try to test the service through the 'web services explorer' within bea weblogic workshop i receive the following error:
  IWAB0135E An unexpected error has occurred.
  IOException
  sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
  on server:
  <Jul 13, 2009 6:45:44 PM EDT> <Warning> <Security> <BEA-090485> <CERTIFICATE_UNKNOWN alert was received from yunus.l1id.local - 10.10.2.72. The peer has an unspecified issue with the certificate. SSL debug tracing should be enabled on the peer to determine what the issue is.>
  if i try to access the web service (over ssl) through the browser (ie/firefox), it works fine. i have generated a proxy class to access this web service through the same bea workshop and that works fine too. certificates are identified and all. i also created a small .net (c#) application that calls this secure web service over ssl from another machine and it works fine too!
  of course non-secure url for the web service is working fine in every case.
  what can be the reason for this failing only in 'web services explorer' in bea workshop?
  cross posted at: http://www.coderanch.com/t/453879/Web-Services/java/Web-Service-over-SSL-failing
  thanks.

  Hello,
  I used this example, when I made my experiments with SSL and Glassfish (GF):
  http://java.sun.com/developer/EJTechTips/2006/tt0527.html#1
  If you have problems with GF I suggest to post a message here:
  http://forums.java.net/jive/forum.jspa?forumID=56
  e.g. here is one thread:
  http://forums.java.net/jive/thread.jspa?threadID=59993&tstart=0
  Miro.

• Calling a web service through SSL via a stand alone java class

  HI,
  I am trying to call a web service through SSL via a simple stand alone java client.
  I have imported the SSL certificate in my keystore by using the keytool -import command.
  Basically I want to add a user to a group on the server. Say I add a user user 1 to group group 1 using an admin userid and password. All these values are set in an xml file which I send to the server while calling the server. I pass the web service URL, the soap action name and the xml to post as the command line arguments to the java client.
  My xml file(Add.xml) that is posted looks like :
  <?xml version="1.0" encoding="UTF-8"?>
  <SOAP-ENV:Envelope
  xmlns:xsi = "http://www.w3.org/1999/XMLSchema-instance"
  xmlns:SOAP-ENC = "http://schemas.xmlsoap.org/soap/encoding/"
  xmlns:SOAP-ENV = "http://schemas.xmlsoap.org/soap/envelope/"
  xmlns:xsd = "http://www.w3.org/1999/XMLSchema"
  SOAP-ENV:encodingStyle = "http://schemas.xmlsoap.org/soap/encoding/">
  <SOAP-ENV:Body>
  <namesp1:modifyGroupOperation xmlns:namesp1 = "/services/modifyGroup/modifyGroupOp">
  <auth>
  <user>adminUser</user>
  <password>adminPassword</password>
  </auth>
  <operationType>ADD</operationType>
  <groupName>group1</groupName>
  <users>
  <userName>user1</userName>
  </users>
  </namesp1:modifyGroupOperation>
  </SOAP-ENV:Body>
  </SOAP-ENV:Envelope>
  I call the client as:
  java PostXML https://com.webservice.com/services/modifyGroup "/services/modifyGroup/modifyGroupOp" Add.xml
  I my client, I have set the following:
  System.setProperty("javax.net.ssl.keyStore", "C:\\Program Files\\Java\\jre1.5.0_12\\lib\\security\\cacerts");
  System.setProperty("javax.net.ssl.keyStorePassword", "password");
  System.setProperty("javax.net.ssl.trustStore", "C:\\Program Files\\Java\\jre1.5.0_12\\lib\\security\\cacerts");
  System.setProperty("javax.net.ssl.trustStorePassword", "password");
  But when I try to execute the java client, I get the following error:
  setting up default SSLSocketFactory
  use default SunJSSE impl class: com.sun.net.ssl.internal.ssl.SSLSocketFactoryImpl
  class com.sun.net.ssl.internal.ssl.SSLSocketFactoryImpl is loaded
  keyStore is : C:\Program Files\Java\jre1.5.0_12\lib\security\cacerts
  keyStore type is : jks
  keyStore provider is :
  init keystore
  init keymanager of type SunX509
  trustStore is: C:\Program Files\Java\jre1.5.0_12\lib\security\cacerts
  trustStore type is : jks
  trustStore provider is :
  init truststore
  adding as trusted cert:
  init context
  trigger seeding of SecureRandom
  done seeding SecureRandom
  instantiated an instance of class com.sun.net.ssl.internal.ssl.SSLSocketFactoryImpl
  main, setSoTimeout(0) called
  main, setSoTimeout(0) called
  %% No cached client session
  *** ClientHello, TLSv1
  RandomCookie: GMT: .....
  Compression Methods: { 0 }
  [write] MD5 and SHA1 hashes: len = 73
  main, WRITE: TLSv1 Handshake, length = 73
  [write] MD5 and SHA1 hashes: len = 98
  main, WRITE: SSLv2 client hello message, length = 98
  [Raw write]: length = 100
  [Raw read]: length = 5
  [Raw read]: length = 58
  main, READ: TLSv1 Handshake, length = 58
  *** ServerHello, TLSv1
  %% Created: [Session-1, SSL_RSA_WITH_RC4_128_MD5]
  ** SSL_RSA_WITH_RC4_128_MD5
  [read] MD5 and SHA1 hashes: len = 58
  [Raw read]: length = 5
  [Raw read]: length = 5530
  main, READ: TLSv1 Handshake, length = 5530
  *** Certificate chain
  chain [0] = ...
  chain [1] = ...
  chain [2] = ...
  chain [3] = ...
  main, SEND TLSv1 ALERT: fatal, description = certificate_unknown
  main, WRITE: TLSv1 Alert, length = 2
  [Raw write]: length = 7
  0000: 15 03 01 00 02 02 2E .......
  main, called closeSocket()
  main, handling exception: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
  main, called close()
  main, called closeInternal(true)
  main, called close()
  main, called closeInternal(true)
  main, called close()
  main, called closeInternal(true)
  Exception in thread "main" javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.c
  ertpath.SunCertPathBuilderException: unable to find valid certification path to requested target
  at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Unknown Source)
  at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(Unknown Source)
  at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Unknown Source)
  at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Unknown Source)
  at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(Unknown Source)
  at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(Unknown Source)
  at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Unknown Source)
  at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Unknown Source)
  at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(Unknown Source)
  at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
  at com.sun.net.ssl.internal.ssl.SSLSocketImpl.writeRecord(Unknown Source)
  at com.sun.net.ssl.internal.ssl.AppOutputStream.write(Unknown Source)
  at java.io.BufferedOutputStream.flushBuffer(Unknown Source)
  at java.io.BufferedOutputStream.flush(Unknown Source)
  at org.apache.commons.httpclient.methods.EntityEnclosingMethod.writeRequestBody(EntityEnclosingMethod.java:506)
  at org.apache.commons.httpclient.HttpMethodBase.writeRequest(HttpMethodBase.java:2110)
  at org.apache.commons.httpclient.HttpMethodBase.execute(HttpMethodBase.java:1088)
  at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:398)
  at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:171)
  at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397)
  at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:323)
  at PostXML.main(PostXML.java:111)
  Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find v
  alid certification path to requested target
  at sun.security.validator.PKIXValidator.doBuild(Unknown Source)
  at sun.security.validator.PKIXValidator.engineValidate(Unknown Source)
  at sun.security.validator.Validator.validate(Unknown Source)
  at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown Source)
  at com.sun.net.ssl.internal.ssl.JsseX509TrustManager.checkServerTrusted(Unknown Source)
  ... 18 more
  Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
  at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(Unknown Source)
  at java.security.cert.CertPathBuilder.build(Unknown Source)
  ... 23 more
  I do not know where I have gone wrong. Could someone point out my mistake.
  Thanks In advance!

  Hi jazz123,
  There's an example in the [*Java Web Services Tutorial*|http://java.sun.com/webservices/docs/2.0/tutorial/doc/] : see Chapter 1: Building Web Services with JAX-WS - A Simple JAX-WS Client.

• BAD_CERTIFICATE error calling a web service over SSL in ALSB 2.6

  We have a business service on an ALSB 2.6 server (running on WL 9.2.1) that connects to a web service over SSL. When we try to run it, we get the following exception:
  <Sep 17, 2009 7:49:17 AM PDT> <Error> <ALSB Kernel> <BEA-380001> <Exception on TransportManagerImpl.sendMessageToService, com.bea.
  wli.sb.transports.TransportException: FATAL Alert:BAD_CERTIFICATE - A corrupt or unuseable certificate was received.
  com.bea.wli.sb.transports.TransportException: FATAL Alert:BAD_CERTIFICATE - A corrupt or unuseable certificate was received.
  at com.bea.wli.sb.transports.TransportException.newInstance(TransportException.java:146)
  at com.bea.wli.sb.transports.http.HttpOutboundMessageContext.send(HttpOu
  tboundMessageContext.java:310)
  at com.bea.wli.sb.transports.http.HttpsTransportProvider.sendMessageAsync(HttpsTransportProvider.java:435)
  at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
  at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
  Truncated. see log file for complete stacktrace
  javax.net.ssl.SSLKeyException: FATAL Alert:BAD_CERTIFICATE - A corrupt or unuseable certificate was received.
  at com.certicom.tls.interfaceimpl.TLSConnectionImpl.fireException(Unknown Source)
  at com.certicom.tls.interfaceimpl.TLSConnectionImpl.fireAlertSent(Unknown Source)
  at com.certicom.tls.record.handshake.HandshakeHandler.fireAlert(Unknown Source)
  at com.certicom.tls.record.handshake.HandshakeHandler.fireAlert(Unknown Source)
  at com.certicom.tls.record.handshake.ClientStateReceivedServerHello.handle(Unknown Source)
  Truncated. see log file for complete stacktrace
  This exception only occurs when hitting the web service through the bus. I have written a standalone Java application that posts to the web service and it works fine. I ran the application on the server where the ALSB is running using the same jdk (1.5.0_06 - the version that ships with 9.2.1) and the same cacerts file so I know it's not a problem with the certificate not being trusted. I have tried updating the cacerts file to the latest one distributed with JRE 1.6 and it still doesn't work.
  After 8 hours of troubleshooting, I'm out of ideas. Does anyone have any suggestiosn?
  Thanks.
  Matt
  Edited by: user6946981 on Sep 17, 2009 7:58 AM

  Are you sure that your standalone application is using the same keystore (eg. cacert)? Default WebLogic configuration uses different keystore (demo).
  I saw BAD_CERTIFICATE error only once and the cause was in keytool that somehow corrupted certificate during import. Deleting and importing certificate again helped me, but I doubt you have the same problem as your standalone application works.
  Another idea ... Is hostname varification used? I know that the error message would look different if this was the cause, but try to add this parameter to your weblogic startup script: -Dweblogic.security.SSL.ignoreHostnameVerification=true
  Last but not least, there is difference between your standalone application and ALSB runtime as WebLogic uses Certicom SSL provider. If you don't find the reason, contact Oracle support. Maybe they can help you to tweak Certicom provider in some way.

• Web Service Proxy client to invoke a Web service on SSL (Jdev 10.1.3.1)

  Hi,
  I have to develope a Web Service proxy client to invoke a web service on SSL. First I'm testing with OC4J 10.1.3.1 and JDEV 10.1.3.1 and did this:
  1) Developed a basic PL/SQL Web Service with JDEV and publish on my standalone OC4J.
  2) Made a test with a browser, it worked OK
  3) Generated a proxy client from JDev 10.1.3.1 to invoke web service, it worked OK
  --- Now make it work on SSL----
  4) Then, added SSL configuration to oc4j , generated a certificate with keytool (updated server.xml, secure-web-site.xml), and shutting down and starting the OC4j instance.
  5) Import the certificate to JAVA_HOME/jre/lib/security/cacerts
  6) Test web service from browser on https and worked OK.
  7) When tried to modified proxy client (generated in step 3) to make it work on SSL, I realized that just changing the END_POINT to the new url (https) it worked!
  Questions----
  1.- By default the proxy client generated from JDEV 10.1.3.1 knows how to deal with SSL conections?
  2.- If I dont have previously the server certificate to import it into JAVA keystore (cacerts) how could I ,from proxy client code, capture it and import it before the validation occurs... because if the certificate is not in keystore , the program fails.
  Thanks in advance
  J.

  Hi,
  Could you please provide me with the steps necessary to create a web service proxy client through JDeveloper or any other mechanism when 2 way SSL (requiring client authentication) is enabled.
  Thanks a lot in advance
  Nilesh

• IE browser and Web Cache and SSL - Internet Explorer cannot display the web page

  When using IE8, IE9, or IE10 with Web Cache and SSL certain pages which display a lot of data returns the error - "Internet Explorer cannot display the web page."
  if we eliminate SSL but continue to use Web Cache, the error does *not* reproduce & If we eliminate Web Cache altogether the error again does *not* reproduce.  The error is only reproducible when we use SSL with Web Cache and if we use IE and we access *large* pages. The error is not reproducible with Firefox or Chrome. This is a Web Tier 11.1.1.7 installation with WebLogic 10.3.6 & Red Hat Enterprise 5 Linux x86-64
  Event_log shows below errors.
  [2013-06-13T16:34:35-04:00] [webcache] [NOTIFICATION:1] [WXE-09002] [logging] [ecid: ] Generated by Oracle Web Cache on Thu Jun 13 16:34:35 2013 - Build 11.1.1.7.0 130113.0721
  [2013-06-13T16:34:36-04:00] [webcache] [NOTIFICATION:1] [WXE-08513] [logging] [ecid: ] Cache server process ID 4469 is starting up.
  [2013-06-13T16:34:36-04:00] [webcache] [NOTIFICATION:1] [WXE-09612] [main] [ecid: ] Oracle Web Cache 11g (11.1.1.6), Build 11.1.1.7.0 130113.0721
  [2013-06-13T16:34:37-04:00] [webcache] [NOTIFICATION:1] [WXE-13002] [config] [ecid: ] Maximum allowed incoming connections are 1000
  [2013-06-13T16:35:00-04:00] [webcache] [NOTIFICATION:1] [WXE-09441] [stats] [ecid: ] DMS enabled
  [2013-06-13T16:35:28-04:00] [webcache] [NOTIFICATION:1] [WXE-12209] [cluster] [ecid: ] A 1 node cluster successfully initialized
  [2013-06-13T16:35:29-04:00] [webcache] [NOTIFICATION:1] [WXE-09614] [main] [ecid: ] The following Oracle Web Cache internal files are pre-populated to the cache: [[
          /nssb-p.adm.fit.edu:7785/_oracle_http_server_webcache_static_.html
          /nssb-p.adm.fit.edu:4448/_oracle_http_server_webcache_static_.html
  [2013-06-13T16:35:29-04:00] [webcache] [NOTIFICATION:1] [WXE-09614] [main] [ecid: ]  [[
  The following Oracle Web Cache internal files are pre-populated to the cache: [[
          /nssb-p.adm.fit.edu:7785/_oracle_http_server_webcache_checkserviceavailability_.html
          /nssb-p.adm.fit.edu:4448/_oracle_http_server_webcache_checkserviceavailability_.html
  [2013-06-13T16:35:29-04:00] [webcache] [NOTIFICATION:1] [WXE-09608] [main] [ecid: ] The cache server process started successfully.
  [2013-06-13T16:35:29-04:00] [webcache] [WARNING:1] [WXE-12104] [utl] [ecid: ] Oracle Web Cache process has page faulted
  [2013-06-13T16:44:22-04:00] [webcache] [ERROR:32] [WXE-11904] [security] [ecid: ] SSL handshake fails SSL-29049
  [2013-06-13T16:44:22-04:00] [webcache] [WARNING:1] [WXE-11905] [security] [ecid: ] SSL additional information: The record type is unknown.
  [2013-06-13T16:44:22-04:00] [webcache] [WARNING:1] [WXE-11905] [security] [ecid: ] SSL additional information: Remote IP [163.118.22.16]:55145
  [2013-06-13T16:44:22-04:00] [webcache] [WARNING:1] [WXE-11905] [security] [ecid: ] SSL additional information: Local IP 163.118.170.70:4448
  [2013-06-13T16:44:22-04:00] [webcache] [WARNING:1] [WXE-11906] [security] [ecid: ] SSL details: SSL error during handshake (details: internal=The record type is unknown. system=Success)
  [2013-06-13T16:44:27-04:00] [webcache] [ERROR:32] [WXE-11904] [security] [ecid: ] SSL handshake fails SSL-29049
  [2013-06-13T16:44:27-04:00] [webcache] [WARNING:1] [WXE-11905] [security] [ecid: ] SSL additional information: The record type is unknown.
  [2013-06-13T16:44:27-04:00] [webcache] [WARNING:1] [WXE-11905] [security] [ecid: ] SSL additional information: Remote IP [163.118.22.16]:55144
  [2013-06-13T16:44:27-04:00] [webcache] [WARNING:1] [WXE-11905] [security] [ecid: ] SSL additional information: Local IP 163.118.170.70:4448
  [2013-06-13T16:44:27-04:00] [webcache] [WARNING:1] [WXE-11906] [security] [ecid: ] SSL details: SSL error during handshake (details: internal=The record type is unknown. system=Success)
  [2013-06-13T16:44:27-04:00] [webcache] [ERROR:32] [WXE-11904] [security] [ecid: ] SSL handshake fails SSL-29049
  [2013-06-13T16:44:27-04:00] [webcache] [WARNING:1] [WXE-11905] [security] [ecid: ] SSL additional information: The record type is unknown.
  [2013-06-13T16:44:27-04:00] [webcache] [WARNING:1] [WXE-11905] [security] [ecid: ] SSL additional information: Remote IP [163.118.22.16]:55148
  [2013-06-13T16:44:27-04:00] [webcache] [WARNING:1] [WXE-11905] [security] [ecid: ] SSL additional information: Local IP 163.118.170.70:4448
  [2013-06-13T16:44:27-04:00] [webcache] [WARNING:1] [WXE-11906] [security] [ecid: ] SSL details: SSL error during handshake (details: internal=The record type is unknown. system=Success)
  [2013-06-13T16:44:35-04:00] [webcache] [ERROR:32] [WXE-11904] [security] [ecid: ] SSL handshake fails SSL-28864
  [2013-06-13T16:44:35-04:00] [webcache] [ERROR:32] [WXE-11904] [security] [ecid: ] SSL handshake fails SSL-28864
  [2013-06-13T16:44:47-04:00] [webcache] [WARNING:1] [WXE-11905] [security] [ecid: ] SSL additional information: This error occurred because the peer closed the connection.
  [2013-06-13T16:44:47-04:00] [webcache] [WARNING:1] [WXE-11906] [security] [ecid: ] SSL details: success during initialization (details: internal=success system=Success)
  [2013-06-13T16:44:47-04:00] [webcache] [WARNING:1] [WXE-11905] [security] [ecid: ] SSL additional information: This error occurred because the peer closed the connection.
  [2013-06-13T16:44:47-04:00] [webcache] [WARNING:1] [WXE-11906] [security] [ecid: ] SSL details: success during initialization (details: internal=success system=Success)
  [2013-06-13T16:44:47-04:00] [webcache] [WARNING:1] [WXE-11905] [security] [ecid: ] SSL additional information: This error occurred because the peer closed the connection.
  [2013-06-13T16:44:47-04:00] [webcache] [WARNING:1] [WXE-11906] [security] [ecid: ] SSL details: success during initialization (details: internal=success system=Success)
  [2013-06-13T16:44:47-04:00] [webcache] [WARNING:1] [WXE-11905] [security] [ecid: ] SSL additional information: This error occurred because the peer closed the connection.
  [2013-06-13T16:44:47-04:00] [webcache] [WARNING:1] [WXE-11906] [security] [ecid: ] SSL details: success during initialization (details: internal=success system=Success)
  [2013-06-13T16:44:47-04:00] [webcache] [WARNING:1] [WXE-11905] [security] [ecid: ] SSL additional information: This error occurred because the peer closed the connection.
  [2013-06-13T16:44:47-04:00] [webcache] [WARNING:1] [WXE-11906] [security] [ecid: ] SSL details: success during initialization (details: internal=success system=Success)
  [2013-06-13T16:44:47-04:00] [webcache] [WARNING:1] [WXE-11905] [security] [ecid: ] SSL additional information: This error occurred because the peer closed the connection.
  [2013-06-13T16:44:47-04:00] [webcache] [WARNING:1] [WXE-11906] [security] [ecid: ] SSL details: success during initialization (details: internal=success system=Success)
  [2013-06-13T16:45:18-04:00] [webcache] [WARNING:1] [WXE-11905] [security] [ecid: ] SSL additional information: This error occurred because the peer closed the connection.
  [2013-06-13T16:45:18-04:00] [webcache] [WARNING:1] [WXE-11906] [security] [ecid: ] SSL details: success during initialization (details: internal=success system=Success)
  [2013-06-13T16:45:22-04:00] [webcache] [ERROR:32] [WXE-11904] [security] [ecid: ] SSL handshake fails SSL-28864
  [2013-06-13T16:45:22-04:00] [webcache] [ERROR:32] [WXE-11904] [security] [ecid: ] SSL handshake fails SSL-28864
  [2013-06-13T16:45:38-04:00] [webcache] [WARNING:1] [WXE-11905] [security] [ecid: ] SSL additional information: This error occurred because the peer closed the connection.
  [2013-06-13T16:45:38-04:00] [webcache] [WARNING:1] [WXE-11906] [security] [ecid: ] SSL details: success during initialization (details: internal=success system=Success)
  [2013-06-13T16:45:38-04:00] [webcache] [WARNING:1] [WXE-11905] [security] [ecid: ] SSL additional information: This error occurred because the peer closed the connection.
  [2013-06-13T16:45:38-04:00] [webcache] [WARNING:1] [WXE-11906] [security] [ecid: ] SSL details: success during initialization (details: internal=success system=Success)
  [2013-06-13T16:45:38-04:00] [webcache] [WARNING:1] [WXE-11905] [security] [ecid: ] SSL additional information: This error occurred because the peer closed the connection.
  [2013-06-13T16:45:38-04:00] [webcache] [WARNING:1] [WXE-11906] [security] [ecid: ] SSL details: success during initialization (details: internal=success system=Success)
  [2013-06-13T16:45:38-04:00] [webcache] [WARNING:1] [WXE-11905] [security] [ecid: ] SSL additional information: This error occurred because the peer closed the connection.
  [2013-06-13T16:45:38-04:00] [webcache] [WARNING:1] [WXE-11906] [security] [ecid: ] SSL details: success during initialization (details: internal=success system=Success)
  [2013-06-13T16:45:41-04:00] [webcache] [WARNING:1] [WXE-11905] [security] [ecid: ] SSL additional information: This error occurred because the peer closed the connection.
  [2013-06-13T16:45:41-04:00] [webcache] [WARNING:1] [WXE-11906] [security] [ecid: ] SSL details: success during initialization (details: internal=success system=Success)
  Any help or suggestions are greatly appreciated
  Tnx a lot,
  Lokesh

  Hello ,
  Try Below Workarounds:
  Workaround 1:
  Open Central Admin
  àApplication Management  à
  Configure Alternate access mapping-->Edit your web application zone and add your server name in Intranet zone. So default can be serverIP and intranet could be servername.
  Workaround 2:
  Might be there is some issue with DNS and try to check that WebApplication is pointing to correct IP or not.  
  Also try to access your Sharepoint site using ip Address .. If you still gets error Kindly share the logs .. 
  Best
  Regards Kuldeep Verma
  Please remember to click "Mark As Answer"
  if a post solves your problem or "Vote As Helpful" if it was useful.

• Java Web Start and SSL

  I have an AP designed as a Java Web Start program,
  and I want it to connect to a web service via SSL.
  I know how to do that in a normal AP. Just add a property like :
  System.setProperty("javax.net.ssl.trustStore","my.keystore");
  But since a JAWS program is downloaded from server, and don't have a my.keystore on local file system. I can't set a property that way. Is anyone know how to deal with this?
  Can a signed jar file help?
  Thanx in advance.

  We had the same problem. There's basically two ways around this. One is extremely easy and the other is a pain.
  easy: Use a CA certificate on the web server (Verisign, thawte etc.). All java applications already have a keystore (cacerts) that recognizes
  these CAs. This keystore will be used when the cert on the server is a CA. Only drawback - $250 or so for the cert.
  painful: Programmatically extract your personal certificate keystore from the deployed client jar. Also programmatically apply it to your SSL handler. Basically - you have to code what's done in a regular App simply by "javax.net.truststore=keyfile". I didn't explore this option
  too much as the easy option was viable.

• Calling web service via SSL

  Hi,
  I do not succeed in calling a web service via SSL from within a Web Dynpro application.
  Current settings of my logical port:
  Target Address: https://...
  Authentication: HTTP authentication, basic (username/password)
  I do call methods _setUser and _setPassword to set userid and password before calling method execute() of my modelclass.
  On calling method execute(), I get message "Connection closed by remote host".
  Any suggestions ?
  Many thanks.
  Jorgen

  Can you check the following?
  1) Did you install the SAP Cryptographic toolkit for Java available from service.sap.com?
  2) Did you install the "Java Cryptography Extension (JCE)
  Unlimited Strength Jurisdiction Policy Files 1.4.2". For Sun they are available here: http://java.sun.com/j2se/1.4.2/download.html (last item on page)
  3) How is the SSL server configured? Does it require client authentication? In this case you must send a client certificate.

• Calling web service with SSL (HTTPS) hangs client stub

  If anyone can help it would make my day! I've spent way too much time on this!!!
  I'm running:
  - Web service is running on Linux RedHat with Oracle9iAS 9.0.3
  - Client is running from Windows XP under Jdeveloper
  I've successfully installed and run the web security demo "ws_security" at http://otn.oracle.com/sample_code/tech/java/web_services/wssecurity/ws_security.jar.
  This demo goes through installing the web service, certificates, etc... and the demo runs fine. I'm also able to connect to the web service from a browser using https://server1:4443/CreditCardValidator/CreditCardValidator. I can download the proxy, look at the WSDL, etc...
  Now I've written my own very simple stateless java class web service, deployed it to 9iAS , and then downloaded the proxy stub jar. Using the proxy stub I can call my web service and everything works fine.
  Then I configure the web service to use HTTPS by making the following changes to the proxy stub (per the ws_security demo).
  1) Copy the following 5 lines to the proxy stub
  System.setProperty("ssl.SocketFactory.provider","oracle.security.ssl.OracleSSLSocketFactoryImpl");
  System.setProperty("ssl.ServerSocketFactory.provider","oracle.security.ssl.OracleSSLServerSocketFactoryImpl");
  System.setProperty("java.protocol.handler.pkgs","HTTPClient");
  System.setProperty("oracle.wallet.location","C:\\Data\\Oracle\\WALLETS\\ws_security\\wallet.txt");
  System.setProperty("oracle.wallet.password","thewalletpassword");
  2) modify the "m_soapURL" by changing "http" to "https" and the port number to 4443
  3) add the following 3 jar files to my projects library class list:
  C:\Program Files\jdev9031\jlib\jssl-1_2.jar
  C:\Program Files\jdev9031\jdk\jre\lib\ext\jcert.jar
  C:\Program Files\jdev9031\lib\jsse.jar;C:\Program Files\jdev9031\jlib\javax-ssl-1_2.jar
  When I run the proxy stub it just hangs. I've traced the hang to the "Response response = call.invoke(new URL(m_soapURL), soapActionURI);" statement in the "makeSOAPCallRPC" method in the proxy stub.
  Again, this works fine if I simply change the "m_soapURL" to use "http" instead of "https". It looks like it's hanging on the client side and the call is never making it to the server.
  Any help is GREATLY appreciated!!!!!

  Could you explain it a little more, please.
  Since my first message, I used the wallet manager to add the certificate the server where the web service is at, uses.
  What else do I need to make it work??
  Thanks in advance again.

• Coldfusion invoke web service

  I am trying to invoke a web service and I'm getting an error.
  Error 401 Unauthorized.  Unable to read WSDL from URL: http://servername/generation/bj/TestCalculation.wsdl.  An exception occurred while invoking an event handler method from Application.cfc. The method name is: onRequest.
  I can put the URL in the browser and it will pull up the WSDL. I can call this from a flex program and it will work fine.  I don't know much about Flex and I'm just learning it so I wanted to see if I could get it to work with ColdFusion.  
  Here is the CFC I created:
      <cffunction name="myCalcFunction" access="remote" returntype="any">
              <cfinvoke
       webservice="http://servername/generation/bj/TestCalculation.wsdl"
       method="TestCalculation"
       returnvariable="response">
       <cfinvokeargument name="number1" value="#arguments.number1#"/>
       <cfinvokeargument name="number2" value="#arguments.number2#"/>
     </cfinvoke>
    <cfreturn response>
  </cffunction>
  Can anyone point me in the right direction of what I can do?
  thanks for the support.
  BJ

  BKBK -
     I'm new to SOA/web services so maybe I'm not saying it right but I don't think we are on the same page.  In the defintion, the WSDL is just an XML based file used to describe the functionality offered by a web service. I don't need to know anything about the service except the inputs and outputs and the URL to call the WSDL.
  I created a service to calculate two numbers and return the result using a software called NextAxiom that my company has.  This service is not sitting on our web server but on one of our machines on our network.  See below for the WSDL file I have listed.  I was just trying to use some of the standards that I read about and was using a CFC to invoke the web service so any CFM program would be able to call the CFC and not put it in the CFM program.  But for now I can just put in the invoke tag in my CFM code:
    <cfinvoke
              webservice="http://localhost/TestCalculation.wsdl?wsdl"
              method="TestCalculation" refreshwsdl="true"
              returnvariable="response">
              <cfinvokeargument name="number1" value="5"/>
              <cfinvokeargument name="number2" value="6"/>
                                </cfinvoke>
  <cfdump var="#response#">
  Doing this, I can run the CFM program and it will come back with 11.  This works great on my local CF server.  When I try and run it on my dev machine I get the 401 unauthorized error. (yes I change the path of the wsdl to the path that the WSDL is on my dev web server.)
  So it looks like some type of permission problem.  My question is where do I look?
  thanks for all replys,
  BJ
  Here is my WSDL file.  If you notice the bold line at the bottom, that is the server where my service is.
  <!-- 
  Automatically generated 09/23/2011 by Hyperservice Business Platform, NextAxiom Technology, Inc.
  -->
  <definitions xmlns="http://schemas.xmlsoap.org/wsdl/" xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/"xmlns:tns="http://www.nextaxiom.com/soapservice/TrainingBJ.TestCalc.TestCalculation/wsdl" xmlns:xsd="http://www.w3.org/2001/XMLSchema"xmlns:xsd1="http://www.nextaxiom.com/soapservice/xsd1" name="TrainingBJ.TestCalc.TestCalculation"targetNamespace="http://www.nextaxiom.com/soapservice/TrainingBJ.TestCalc.TestCalculation/wsdl"> 
  <types> 
  <schema xmlns="http://www.w3.org/2001/XMLSchema" elementFormDefault="qualified"targetNamespace="http://www.nextaxiom.com/soapservice/xsd1"> 
  <element name="TestCalculation"> 
  <complexType> 
  <sequence> 
  <element name="number1" type="long"/> 
  <element name="number2" type="long"/>
  </sequence>
  </complexType>
  </element>
  <element name="TestCalculationResult"> 
  <complexType> 
  <sequence> 
  <element name="result" type="long"/> 
  </sequence>
  </complexType>
  </element>
  </schema>
  </types>
  <message name="TestCalculationRequest"> 
  <part element="xsd1:TestCalculation" name="TestCalculation"/> 
  </message>
  <message name="TestCalculationResponse"> 
  <part element="xsd1:TestCalculationResult" name="TestCalculationResult"/> 
  </message>
  <portType name="TrainingBJ.TestCalc.TestCalculationSoapPort"> 
  <operation name="TestCalculation"> 
  <input message="tns:TestCalculationRequest"/> 
  <output message="tns:TestCalculationResponse"/>
  </operation>
  </portType>
  <binding name="TrainingBJ.TestCalc.TestCalculationSoapBinding" type="tns:TrainingBJ.TestCalc.TestCalculationSoapPort"> 
  <soap:binding xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/" style="document" transport="http://schemas.xmlsoap.org/soap/http"/> 
  <operation name="TestCalculation"> 
  <soap:operation xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/" soapAction="urn:doc?in=TestCalculation?out=TestCalculationResult?path=TrainingBJ.TestCalc.TestCalculat ion"/> 
  <input> 
  <soap:body use="literal"/> 
  </input>
  <output> 
  <soap:body use="literal"/> 
  </output>
  </operation>
  </binding>
  <service name="TrainingBJ.TestCalc.TestCalculation"> 
  <port binding="tns:TrainingBJ.TestCalc.TestCalculationSoapBinding" name="TrainingBJ.TestCalc.TestCalculationPort"> 
  <soap:address xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/" location="http://nextaxb:7777/NXAServer/NextAxiomServer"/> 
  </port>
  </service>
  </definitions>