Eclipse Community Forums
Forum Search:

Search      Help    Register    Login    Home
Home » Archived » OHF » Bridge: secured connection forced with public XDS registry
Bridge: secured connection forced with public XDS registry [message #37475] Tue, 20 November 2007 10:22 Go to next message
Takeo Satomi is currently offline Takeo Satomi
Messages: 32
Registered: July 2009
Member
Hi all,

I've been trying to make a query against the public XDS registry for this
year (129.6.24.109) using my bridge client but never been successful. I
always get ssl handshake error though useSecuredConnectionWhenAvailable
flag is set to false (confirmed with Tomcat's stdout log). I can make
non-secured query against 2007 public registry (hcxw2k1.nist.gov). The
log shows following differences (both with
useSecuredConnectionWhenAvailable=false).

========2008 registry=======
[DEBUG][18:46:15][se.ohf.bridge.ihe.XdsResources] Starting Consumer
getNoneStoredQueriesXdsDocumentConsumer() in SessionContext...
[DEBUG][18:46:15][na.audit.messages.AuditMessage] Starting Audit start
messages [1]
========2007 registry=======
[DEBUG][19:02:45][se.ohf.bridge.ihe.XdsResources] Starting Consumer
getNoneStoredQueriesXdsDocumentConsumer() in SessionContext...
[DEBUG][19:02:45][se.ohf.bridge.ihe.XdsResources] creating Consumer with
IheUri (
mUnsecured=[ http://hcxw2k1.nist.gov:8080/xdsServices2/registry/soap/port als/yr3a/query]

mSecured=[ https://hcxw2k1.nist.gov:8443/xdsServices2/registry/soap/por tals/yr3a/query]
)
[DEBUG][19:02:45][se.ohf.bridge.conf.rhio.IheUri] getting default URI from
IheUri (
mUnsecured=[ http://hcxw2k1.nist.gov:8080/xdsServices2/registry/soap/port als/yr3a/query]

mSecured=[ https://hcxw2k1.nist.gov:8443/xdsServices2/registry/soap/por tals/yr3a/query]
)
[DEBUG][19:02:45][se.ohf.bridge.conf.rhio.IheUri] returning secured
connection:
http://hcxw2k1.nist.gov:8080/xdsServices2/registry/soap/port als/yr3a/query
[DEBUG][19:02:45][na.audit.messages.AuditMessage] Starting Audit start
messages [1]
================

And my rhioConfig.xml has entries below.

===============
<rhio>
<name>NIST2007</name>
<description>NIST Public Server for 2007 Connectathon</description>

<publicHealthcareAffinityDomain>false</publicHealthcareAffinityDomain >
<config>
<registryId>hcxw2k1_yr3a</registryId>
<repositoryId>hcxw2k1_yr3a</repositoryId>
<auditId>localhost</auditId>
</config>
</rhio>
<rhio>
<name>NIST2008</name>
<description>NIST Public Server for 2008 Connectathon</description>

<publicHealthcareAffinityDomain>false</publicHealthcareAffinityDomain >
<config>
<registryId>nist_axis2</registryId>
<repositoryId>nist_axis2</repositoryId>
<auditId>localhost</auditId>
</config>
</rhio>
<registry xdsVersion="a">
<id>hcxw2k1_yr3a</id>
<nonStoredQueryUrl>

<unsecured> http://hcxw2k1.nist.gov:8080/xdsServices2/registry/soap/port als/yr3a/query</unsecured>

<secured> https://hcxw2k1.nist.gov:8443/xdsServices2/registry/soap/por tals/yr3a/query</secured>
</nonStoredQueryUrl>
<storedQueryUrl>

<unsecured> http://hcxw2k1.nist.gov:8080/xdsServices2/registry/soap/port als/yr3a/storedquery</unsecured>

<secured> https://hcxw2k1.nist.gov:8443/xdsServices2/registry/soap/por tals/yr3a/storedquery</secured>
</storedQueryUrl>
</registry>
<registry xdsVersion="a">
<id>nist_axis2</id>
<nonStoredQueryUrl>

<unsecured>http://129.6.24.109:9080/axis2/services/xdsregistrya</unsecured>

<secured>https://129.6.24.109:9080/axis2/services/xdsregistrya</secured>
</nonStoredQueryUrl>
<storedQueryUrl>

<unsecured>http://129.6.24.109:9080/axis2/services/xdsregistryb</unsecured>

<secured>https://129.6.24.109:9080/axis2/services/xdsregistryb</secured>
</storedQueryUrl>
</registry>
===============

Has anyone made non-secured query against the 2008 server? If only
secured connections are allowed (I guess that's not the case because of
the test #11734 which requires non-tls Retrieve), how can I make my client
authenticated? (currently the keystore/truststore contains
test_sys_1.2008.jks and mesatrusts.2008.jks)

Thanks in advance.
Takeo Satomi
Re: Bridge: secured connection forced with public XDS registry [message #37631 is a reply to message #37475] Tue, 20 November 2007 23:35 Go to previous message
Matthew Davis
Messages: 269
Registered: July 2009
Senior Member
Hi Takeo,

This looks like a bug in the URL selection logic of the Bridge. Please
submit a bug using the Eclipse Bugzilla site:

https://bugs.eclipse.org/bugs/enter_bug.cgi?product=OHF

Thanks a bunch!
-Matt

Takeo Satomi wrote:
> Hi all,
>
> I've been trying to make a query against the public XDS registry for
> this year (129.6.24.109) using my bridge client but never been
> successful. I always get ssl handshake error though
> useSecuredConnectionWhenAvailable flag is set to false (confirmed with
> Tomcat's stdout log). I can make non-secured query against 2007 public
> registry (hcxw2k1.nist.gov). The log shows following differences (both
> with useSecuredConnectionWhenAvailable=false).
>
> ========2008 registry=======
> [DEBUG][18:46:15][se.ohf.bridge.ihe.XdsResources] Starting Consumer
> getNoneStoredQueriesXdsDocumentConsumer() in SessionContext...
> [DEBUG][18:46:15][na.audit.messages.AuditMessage] Starting Audit start
> messages [1]
> ========2007 registry=======
> [DEBUG][19:02:45][se.ohf.bridge.ihe.XdsResources] Starting Consumer
> getNoneStoredQueriesXdsDocumentConsumer() in SessionContext...
> [DEBUG][19:02:45][se.ohf.bridge.ihe.XdsResources] creating Consumer with
> IheUri (
> mUnsecured=[ http://hcxw2k1.nist.gov:8080/xdsServices2/registry/soap/port als/yr3a/query]
>
> mSecured=[ https://hcxw2k1.nist.gov:8443/xdsServices2/registry/soap/por tals/yr3a/query]
> )
> [DEBUG][19:02:45][se.ohf.bridge.conf.rhio.IheUri] getting default URI
> from IheUri (
> mUnsecured=[ http://hcxw2k1.nist.gov:8080/xdsServices2/registry/soap/port als/yr3a/query]
>
> mSecured=[ https://hcxw2k1.nist.gov:8443/xdsServices2/registry/soap/por tals/yr3a/query]
> )
> [DEBUG][19:02:45][se.ohf.bridge.conf.rhio.IheUri] returning secured
> connection:
> http://hcxw2k1.nist.gov:8080/xdsServices2/registry/soap/port als/yr3a/query
> [DEBUG][19:02:45][na.audit.messages.AuditMessage] Starting Audit start
> messages [1]
> ================
>
> And my rhioConfig.xml has entries below.
>
> ===============
> <rhio>
> <name>NIST2007</name>
> <description>NIST Public Server for 2007 Connectathon</description>
>
> <publicHealthcareAffinityDomain>false</publicHealthcareAffinityDomain >
> <config>
> <registryId>hcxw2k1_yr3a</registryId>
> <repositoryId>hcxw2k1_yr3a</repositoryId>
> <auditId>localhost</auditId>
> </config>
> </rhio>
> <rhio>
> <name>NIST2008</name>
> <description>NIST Public Server for 2008 Connectathon</description>
>
> <publicHealthcareAffinityDomain>false</publicHealthcareAffinityDomain >
> <config>
> <registryId>nist_axis2</registryId>
> <repositoryId>nist_axis2</repositoryId>
> <auditId>localhost</auditId>
> </config>
> </rhio>
> <registry xdsVersion="a">
> <id>hcxw2k1_yr3a</id>
> <nonStoredQueryUrl>
>
> <unsecured> http://hcxw2k1.nist.gov:8080/xdsServices2/registry/soap/port als/yr3a/query</unsecured>
>
>
> <secured> https://hcxw2k1.nist.gov:8443/xdsServices2/registry/soap/por tals/yr3a/query</secured>
>
> </nonStoredQueryUrl>
> <storedQueryUrl>
>
> <unsecured> http://hcxw2k1.nist.gov:8080/xdsServices2/registry/soap/port als/yr3a/storedquery</unsecured>
>
>
> <secured> https://hcxw2k1.nist.gov:8443/xdsServices2/registry/soap/por tals/yr3a/storedquery</secured>
>
> </storedQueryUrl>
> </registry>
> <registry xdsVersion="a">
> <id>nist_axis2</id>
> <nonStoredQueryUrl>
>
> <unsecured>http://129.6.24.109:9080/axis2/services/xdsregistrya</unsecured>
>
>
> <secured>https://129.6.24.109:9080/axis2/services/xdsregistrya</secured>
>
> </nonStoredQueryUrl>
> <storedQueryUrl>
>
> <unsecured>http://129.6.24.109:9080/axis2/services/xdsregistryb</unsecured>
>
>
> <secured>https://129.6.24.109:9080/axis2/services/xdsregistryb</secured>
>
> </storedQueryUrl>
> </registry>
> ===============
>
> Has anyone made non-secured query against the 2008 server? If only
> secured connections are allowed (I guess that's not the case because of
> the test #11734 which requires non-tls Retrieve), how can I make my
> client authenticated? (currently the keystore/truststore contains
> test_sys_1.2008.jks and mesatrusts.2008.jks)
>
> Thanks in advance.
> Takeo Satomi
>
Re: Bridge: secured connection forced with public XDS registry [message #583332 is a reply to message #37475] Tue, 20 November 2007 23:35 Go to previous message
Matthew Davis
Messages: 269
Registered: July 2009
Senior Member
Hi Takeo,

This looks like a bug in the URL selection logic of the Bridge. Please
submit a bug using the Eclipse Bugzilla site:

https://bugs.eclipse.org/bugs/enter_bug.cgi?product=OHF

Thanks a bunch!
-Matt

Takeo Satomi wrote:
> Hi all,
>
> I've been trying to make a query against the public XDS registry for
> this year (129.6.24.109) using my bridge client but never been
> successful. I always get ssl handshake error though
> useSecuredConnectionWhenAvailable flag is set to false (confirmed with
> Tomcat's stdout log). I can make non-secured query against 2007 public
> registry (hcxw2k1.nist.gov). The log shows following differences (both
> with useSecuredConnectionWhenAvailable=false).
>
> ========2008 registry=======
> [DEBUG][18:46:15][se.ohf.bridge.ihe.XdsResources] Starting Consumer
> getNoneStoredQueriesXdsDocumentConsumer() in SessionContext...
> [DEBUG][18:46:15][na.audit.messages.AuditMessage] Starting Audit start
> messages [1]
> ========2007 registry=======
> [DEBUG][19:02:45][se.ohf.bridge.ihe.XdsResources] Starting Consumer
> getNoneStoredQueriesXdsDocumentConsumer() in SessionContext...
> [DEBUG][19:02:45][se.ohf.bridge.ihe.XdsResources] creating Consumer with
> IheUri (
> mUnsecured=[ http://hcxw2k1.nist.gov:8080/xdsServices2/registry/soap/port als/yr3a/query]
>
> mSecured=[ https://hcxw2k1.nist.gov:8443/xdsServices2/registry/soap/por tals/yr3a/query]
> )
> [DEBUG][19:02:45][se.ohf.bridge.conf.rhio.IheUri] getting default URI
> from IheUri (
> mUnsecured=[ http://hcxw2k1.nist.gov:8080/xdsServices2/registry/soap/port als/yr3a/query]
>
> mSecured=[ https://hcxw2k1.nist.gov:8443/xdsServices2/registry/soap/por tals/yr3a/query]
> )
> [DEBUG][19:02:45][se.ohf.bridge.conf.rhio.IheUri] returning secured
> connection:
> http://hcxw2k1.nist.gov:8080/xdsServices2/registry/soap/port als/yr3a/query
> [DEBUG][19:02:45][na.audit.messages.AuditMessage] Starting Audit start
> messages [1]
> ================
>
> And my rhioConfig.xml has entries below.
>
> ===============
> <rhio>
> <name>NIST2007</name>
> <description>NIST Public Server for 2007 Connectathon</description>
>
> <publicHealthcareAffinityDomain>false</publicHealthcareAffinityDomain >
> <config>
> <registryId>hcxw2k1_yr3a</registryId>
> <repositoryId>hcxw2k1_yr3a</repositoryId>
> <auditId>localhost</auditId>
> </config>
> </rhio>
> <rhio>
> <name>NIST2008</name>
> <description>NIST Public Server for 2008 Connectathon</description>
>
> <publicHealthcareAffinityDomain>false</publicHealthcareAffinityDomain >
> <config>
> <registryId>nist_axis2</registryId>
> <repositoryId>nist_axis2</repositoryId>
> <auditId>localhost</auditId>
> </config>
> </rhio>
> <registry xdsVersion="a">
> <id>hcxw2k1_yr3a</id>
> <nonStoredQueryUrl>
>
> <unsecured> http://hcxw2k1.nist.gov:8080/xdsServices2/registry/soap/port als/yr3a/query</unsecured>
>
>
> <secured> https://hcxw2k1.nist.gov:8443/xdsServices2/registry/soap/por tals/yr3a/query</secured>
>
> </nonStoredQueryUrl>
> <storedQueryUrl>
>
> <unsecured> http://hcxw2k1.nist.gov:8080/xdsServices2/registry/soap/port als/yr3a/storedquery</unsecured>
>
>
> <secured> https://hcxw2k1.nist.gov:8443/xdsServices2/registry/soap/por tals/yr3a/storedquery</secured>
>
> </storedQueryUrl>
> </registry>
> <registry xdsVersion="a">
> <id>nist_axis2</id>
> <nonStoredQueryUrl>
>
> <unsecured>http://129.6.24.109:9080/axis2/services/xdsregistrya</unsecured>
>
>
> <secured>https://129.6.24.109:9080/axis2/services/xdsregistrya</secured>
>
> </nonStoredQueryUrl>
> <storedQueryUrl>
>
> <unsecured>http://129.6.24.109:9080/axis2/services/xdsregistryb</unsecured>
>
>
> <secured>https://129.6.24.109:9080/axis2/services/xdsregistryb</secured>
>
> </storedQueryUrl>
> </registry>
> ===============
>
> Has anyone made non-secured query against the 2008 server? If only
> secured connections are allowed (I guess that's not the case because of
> the test #11734 which requires non-tls Retrieve), how can I make my
> client authenticated? (currently the keystore/truststore contains
> test_sys_1.2008.jks and mesatrusts.2008.jks)
>
> Thanks in advance.
> Takeo Satomi
>
Previous Topic:using bridge build Nov1, log entry about "AuditSourceID"
Next Topic:Hash, Size and URI missing in metadata
Goto Forum:
  


Current Time: Sat Nov 01 05:18:15 GMT 2014

Powered by FUDForum. Page generated in 0.02385 seconds
.:: Contact :: Home ::.

Powered by: FUDforum 3.0.2.
Copyright ©2001-2010 FUDforum Bulletin Board Software