ws-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ryan Hoegg <>
Subject Re: https
Date Sun, 10 Nov 2002 18:18:30 GMT
Martin Redington wrote:

> On Saturday, November 9, 2002, at 08:08 PM, Devon E Bowen wrote:
>> I need to run a simple XML-RPC server and I like the Apache XML-RPC
>> approach since it lets me write in Java. The fact that it includes
>> a lightweight HTTP server is also nice since I have no need for any
>> other web services on this machine. However, I need SSL and I don't
>> see a way to easily make HTTPS work.
> The SecureWebServer class should support ssl, but I haven't found any 
> useful documentation, and I can't get it to work. See my previous 
> posts in the archives 
> ( for 
> more details. If you look further back in the archives, someone posted 
> a code snippet how to get some secure functionality working, but it 
> looks far fiddlier than it should be.

Martin is right, the SSL documentation is scanty on the client and the 
server side.  We are currently working on a branch to separate the 
transport layer stuff (HTTP, HTTPS, authentication, who knows what else) 
so I don't think I want to take the time to document this version.  As 
we don't have a release date for the new version, any documentation for 
SSL in 1.1 would be appreciated!  Please reference Martin's bug at if you decide to 
take this on.

I will make sure that documentation is a deliverable for the 2.x 
transport layer code we are working on now.

> Personally, I would scrap apache (not that I'm not a huge fan), and go 
> with standalone tomcat, with a servlet to handle the xmlrpc requests.
> I've got a neat generic little servlet that can register a list of 
> handlers whose names and classes are specified in a properties file, 
> and that uses Echo as a handler by default. I took the ProxyServlet 
> class from apache-xml as a starting point, and it took about 10 
> minutes from there (I might be able to release this back to the 
> project, if you're interested).
> Let tomcat handle the ssl for you (I haven't got round to that bit 
> yet, but I would hope that its fairly simple, robust, and 
> well-documented in tomcat) ...

This is an excellent suggestion.

Ryan Hoegg
ISIS Networks

View raw message