Anyone ever called protected SOAP web service from Payara/JEE environment?

[J2eeInside J2eeInside]

There seems to be a difference in calling a secure web service, compared to calling from a desktop java application.
The web service call artifacts are created via standard wsimport Java tool.
Then, in order to provide username/pass, I created a

SOAPHandler<SOAPMessageContext> implementation, along with
javax.xml.ws.handler.HandlerResolver implementation

With that code, I am able to call protected SOAP service from Java desktop app.
But, the same code simply does not work in Payara, I am stuck with

java.lang.ClassCastException: class com.sun.xml.ws.message.saaj.SAAJHeader cannot be cast to class com.sun.xml.ws.security.opt.impl.outgoing.SecurityHeader (com.sun.xml.ws.message.saaj.SAAJHeader and com.sun.xml.ws.security.opt.impl.outgoing.SecurityHeader

At first I thought it is a Payara bug, but, after reading this:

http://javajeedevelopment.blogspot.com/2011/01/how-to-add-soap-header-using-jax-ws.html

I'm not sure it's a bug anymore . It seems that the service must be called in a different way . from within JEE environment.
Has anyone ever succeeded in this, and in what way?

[Ondro Mihályi]

Hi,

I remember I was able to call a protected SOAP service from Netbeans when I investigated an issue for a Payara Enterprise customer. It required some tweaking of the WSIT descriptors. However, there are so many different variations how to call a secured SOAP service depending on how the service is secured on teh server side that, even if I found my old example project, it would probably still require some research to give you some useful information. Secured SOAP services are unfortunately not standardized and it's also not well documented. I won't have time to do the research but hopefully somebody else in this forum can help you. You may also ask on a general forum about SOAP messages, which isn't specific for the Payara Platform, for example https://accounts.eclipse.org/mailing-list/jaxws-dev.

All the best,

Ondro

Senior engineer at Payara

st 12. 5. 2021 o 9:14 J2eeInside J2eeInside <j2eei...@gmail.com> napísal(a):

--
You received this message because you are subscribed to the Google Groups "Payara Forum" group.
To unsubscribe from this group and stop receiving emails from it, send an email to payara-forum...@googlegroups.com.
To view this discussion on the web, visit https://groups.google.com/d/msgid/payara-forum/c496823c-5254-42c5-851c-46f391bd3436n%40googlegroups.com.

[J2eeInside J2eeInside]

HI @Ondro and thanks for response!

After a lot of pain...I found a work-arround, for anyone who encounters the same problem.
What kept me believing it is a Payara bug/problem, is a fact that the same code works without problem in standard Java standalone app.
It was obvious that something  wrong was happening on Payara, which is not happening in the desktop application.
But the question was WHAT, and how to eliminate it.

To cut a long story short, I finally found this thread:
https://github.com/eclipse-ee4j/glassfish/issues/19940

I quote:
" Part of the startup time for GlassFish is to read in the META-INF/services/* files from the OSGi bundles (76 out of the 289 have these) and then to consult the content of these files during certain class loader operations. "

This lead me to try to throw out content of the webservices-osgi.jar\META-INF\services\ folder

After restartng Payara, everything started working like a charm!
So, the contents of this folder have caused various ClassCast/ClassNotFound exceptions.
It seems that he can be kicked out without any consequences!