This Bugzilla instance is a read-only archive of historic NetBeans bug reports. To report a bug in NetBeans please follow the project's instructions for reporting issues.

Bug 239390 - Test Resource Uri fails when https is enforced through web.xml
Summary: Test Resource Uri fails when https is enforced through web.xml
Status: REOPENED
Alias: None
Product: webservices
Classification: Unclassified
Component: REST (show other bugs)
Version: 8.0.2
Hardware: Macintosh (x86) Mac OS X
: P3 normal (vote)
Assignee: Milan Kuchtiak
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2013-12-11 21:45 UTC by retset
Modified: 2016-01-23 07:25 UTC (History)
1 user (show)

See Also:
Issue Type: DEFECT
Exception Reporter: 80:80


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description retset 2013-12-11 21:45:34 UTC
I created a J2EE 7 empty web application for Glassfish 4.0. Then I created new "Restful web services from Database". Then I added a "New standard deployment descriptor (web.xml)" in order to apply user authentication using a jdbc realm end enforce data exchange between client and server over https. The content of the web.xml file is given in the end of the message. Everything works fine when I test the web service in my browser by entering the url:
http://localhost:8080/GL3/webresources/en.users

But when I press the "Test resource uri" button that appears when I right-click on any of the created Restful web services facades Netbeans throws the following error message:
Unable to open resource url:
http://localhost:8080/GL3/webresources/en.users
Make sure the project has been deployed successfully, and the server is running. 

If I deactivate the following part from my web.xml, i.e. disable https functionality the "Test resource uri" works fine for http urls.

Please let me know if there is a workaround to this problem.

Thanks in advance.

<?xml version="1.0" encoding="UTF-8"?>

<web-app xmlns="http://xmlns.jcp.org/xml/ns/javaee"
	 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
	 xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd"
	 version="3.1">
    <security-constraint>
        <web-resource-collection>
            <web-resource-name>USERS</web-resource-name>
            <url-pattern>/webresources/*</url-pattern>
        </web-resource-collection>
        <auth-constraint>
            <role-name>u</role-name>
        </auth-constraint>
        <user-data-constraint>
            <transport-guarantee>CONFIDENTIAL</transport-guarantee>
        </user-data-constraint>
    </security-constraint>
    <login-config>
        <auth-method>BASIC</auth-method>
        <realm-name>jdbc</realm-name>
    </login-config>
    <security-role>
        <role-name>u</role-name>
    </security-role>
</web-app>
Comment 1 Milan Kuchtiak 2013-12-12 12:48:05 UTC
Currently, there is no workaround to make URL start with https.

The only workaround is to comment out the <security-constraint> in web.xml (or change the <url-pattern> value) during development phase, then uncomment for production.

I agree this is not ideal.
Comment 2 retset 2013-12-13 10:19:20 UTC
(In reply to Milan Kuchtiak from comment #1)
> Currently, there is no workaround to make URL start with https.
> 
> The only workaround is to comment out the <security-constraint> in web.xml
> (or change the <url-pattern> value) during development phase, then uncomment
> for production.
> 
> I agree this is not ideal.

Thanks, I am already applying this workaround. Can you fix this in the next Netbeans update?
Comment 3 Milan Kuchtiak 2013-12-16 15:54:17 UTC
Fixed.

See:
http://hg.netbeans.org/web-main/rev/3e4c88fdfa60
Comment 4 Milan Kuchtiak 2013-12-16 15:59:08 UTC
One more (cosmetic) change:
http://hg.netbeans.org/web-main/rev/5dd2f3490fee
Comment 5 retset 2013-12-16 17:55:17 UTC
Thanks! I will be waiting for the next Netbeans version.
Comment 6 Milan Kuchtiak 2013-12-17 07:57:11 UTC
The fix is based on checking if server redirects the response (response code 302). If yes, the new url location from response header (e.g. https://localhost:8443/...) is used to open in browser. 

The fix was tested with Tomcat 7.0.

You may check the nightly builds. 
(not sure if the change had already been included in today's build)
Check rather the builds at the end of this week.

See:
http://bits.netbeans.org/download/trunk/nightly/latest/
Comment 7 abratchik 2016-01-23 07:16:34 UTC
The issue seems to be still open in IDE 8.0.2 release - test URI is using http protocol/port instead of https.