File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
The moose likes Web Services and the fly likes Need to block GET requests for a WebService Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » Web Services
Bookmark "Need to block GET requests for a WebService" Watch "Need to block GET requests for a WebService" New topic
Author

Need to block GET requests for a WebService

Hemant B. Kumar
Greenhorn

Joined: Nov 22, 2011
Posts: 11

Hi All,

I have a JaxWS WebService and I want the WebService URL to be available only for HTTP POST method.

What I understand after little bit googling and writing a sample code is that normally a JaxWS WebService can be invoked only through HTTP POST request. When I try HTTP GET request on the same URL I get HTTP (200 OK) response having links to all Endpoints/wsdl provided by the WebService.

I want to hide even the wsdl information from unknown client and on getting GET request I want to send "405 Method not Allowed" HTTP response to Client.

Please let me know if anyone has any details to share. I am using Glassfish application Server.

Thanks,
Naive
Tim Moores
Rancher

Joined: Sep 21, 2011
Posts: 2408
The WSDL can be disabled by some setting in the web.xml (depending on which SOAP stack you're using).
Hemant B. Kumar
Greenhorn

Joined: Nov 22, 2011
Posts: 11

depending on which SOAP stack you're using


I'm sorry (I'm very new to WebServices), what do you mean by which SOAP stack? If you mean SOAP spec version then its 1.1.

Just to clarify what I need is not just restricting access to wsdl but also to send 405 response everytime a GET request is used to access the WebService URL.

Thanks.
Ivan Krizsan
Ranch Hand

Joined: Oct 04, 2006
Posts: 2198
    
    1
Hi!
Try this in your web.xml deployment descriptor:

The above will only allow POST requests with a user in the role "user" to the specified URL pattern.
This should not depend on which web service stack you use.
Best wishes!


My free books and tutorials: http://www.slideshare.net/krizsan
Hemant B. Kumar
Greenhorn

Joined: Nov 22, 2011
Posts: 11

Thanks for the suggestions.

For me a filter on WebService URL worked. This filter is to allow only POST requests and rejects other HTTP requests.
 
It is sorta covered in the JavaRanch Style Guide.
 
subject: Need to block GET requests for a WebService
 
Similar Threads
JAXWS Problem with WSDL and WebService on WebSphere using RAD
Help with WebService on RAD and WebSphere
Response Contained No Data Exception
WSDL
axis and axis 2