i am using the following Spring Security 1.0.2.RELEASE sample code to get my SAML Assertion from Spring in a JSP (last code sample below). I am trying to do it just like in the SAMPLE app. I can see that my sp.xml and idp.xml are working correctly with PingIdentity which shows a well formed SAML Assertion in the logs (see Ping log assertions below). But when I look at the "token" variable below (see Spring code sample below), the signature value and the digest value are missing. ...the tags are still there in what otherwise looks like an OK SAML2 Assertion... ...but there are some essential values, like signature, missing even though ping actually did deliver these values. Strange, the IDs match, and also not included below, lots of roles from Ping to Spring are correctly displayed in the SAML Assertion "token" vaiable...
from ping:
2017-10-05 12:43:58,119 tid:fv0iEyiXUF5yhlB_-cZnExX0YTc DEBUG [org.sourceid.saml20.bindings.LoggingInterceptor] Transported Response. OutMessageContext:
OutMessageContext
XML: <samlp:Response Version="2.0" ID="F5FQ26j6o6VT0zNdZ4r87pDw8NT" IssueInstant="2017-10-05T10:43:58.072Z" InResponseTo="a1786b4f3g394b812f9edd3ca26c80g" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol">
<saml:Issuer xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">app1</saml:Issuer>
<samlp:Status>
<samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
</samlp:Status>
<saml:Assertion ID="VmzXJoyk.9mxifAuyt4.WWi3F1O" IssueInstant="2017-10-05T10:43:58.103Z" Version="2.0" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
<saml:Issuer>app1</saml:Issuer>
<ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
<ds:Reference URI="#VmzXJoyk.9mxifAuyt4.WWi3F1O">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
<ds:DigestValue>ZnT3MW5R1Nm9y/Pe8Br5m1BXXbXTc0VWeIIkUGyJaOI=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>bHPhuD09Q2az7TxBvJo2LavF2N5YaroZoCNZzG17iJmSVycv0Gfq3liSKb2yIPhY0I9WVr8WwM/N
dw720okdsEuIbzuy/NYOlOCB3sFaZ6GmmU0FruUHyqjTjGOxHA6504KpvVQjEg3D5iJeNTovKtQR
tICvKjT4Hv9qTE3tg1viWTnih3xFM++gPffHhfKwWHjXMJTpyy5oQaviYUlQw7Elgv0cyN9ni/jJ
lFWC0QJJYXK8BwDdyY4MOqvTz8F4DgBnkwAQ+TnPUwuCRDL0ckW84knrWAh4qz18bQzVjSBpT+AI
7i6NiQ/1L/YnoRvRJ3EttAKUTEO3YrtkJPxcxQ==</ds:SignatureValue>
</ds:Signature>
<saml:Subject>
from spring (value of "token" below):
<?xml version="1.0" encoding="UTF-8"?>
<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="VmzXJoyk.9mxifAuyt4.WWi3F1O" IssueInstant="2017-10-05T10:43:58.103Z" Version="2.0" xmlns:xs="http://www.w3.org/2001/XMLSchema">
<saml:Issuer>app1</saml:Issuer>
<ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
<ds:Reference URI="#VmzXJoyk.9mxifAuyt4.WWi3F1O">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
<ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="xs"/>
</ds:Transform>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<ds:DigestValue/>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue/>
</ds:Signature>
spring security code:
<%# page import="org.springframework.security.saml.SAMLCredential"%>
<%# page import="org.springframework.security.core.context.SecurityContextHolder"%>
<%# page import="org.springframework.security.core.Authentication"%>
<%# page import="org.opensaml.saml2.core.Attribute"%>
<%# page import="org.springframework.security.saml.util.SAMLUtil"%>
<%# page import="org.opensaml.xml.util.XMLHelper"%>
(...)
Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
SAMLCredential credential = (SAMLCredential) authentication.getCredentials();
(...)
String token = XMLHelper.nodeToString(SAMLUtil.marshallMessage(credential.getAuthenticationAssertion()));
added this and got my signature back. what sayest thou who knoweth mein user errors?
<bean id="webSSOprofileConsumer" class="org.springframework.security.saml.websso.WebSSOProfileConsumerImpl">
<property name="releaseDOM" value="false" />
</bean>
..added to Spring Security SAML Extenion file "securityContext.xml"
Related
I've set up TSUNG (v1.7) to test my application, but I'm facing some problem using a dynamic variable on my http request. To be more precise I need to retrieve some data from a CSV file and inserting it in my request.
Reading the documentation it seems that I don't really need to write any sort of functions, since I'm using a version above the 1.3, so to achieve that I just need to specify the file path on the 'option' tag and use the 'setdynvars', but unfortunately it doesn't seems works (the web server response says that the content is empty). Any idea why?
<?xml version="1.0"?>
<!DOCTYPE tsung SYSTEM "/home/Desktop/tsung-1.7.0/tsung-1.0.dtd">
<tsung loglevel="warning">
<clients>
<client host="localhost" use_controller_vm="true"/>
</clients>
<servers>
<server host="127.0.0.1" port="8000" type="tcp"/>
</servers>
<load>
<arrivalphase phase="1" duration="2" unit="minute">
<users interarrival="45" unit="second"/>
</arrivalphase>
</load>
<options>
<option name="file_server" id="transactions" value="/home/Desktop/transactions.csv"/>
</options>
<sessions>
<session name="dummy" weight="1" type="ts_http">
<setdynvars sourcetype="file" fileid="transactions" delimiter=";" order="iter">
<var name="number_transaction"/>
</setdynvars>
<request>
<http url="...path..." method="GET" version="1.1"></http>
</request>
<request subst="true">
<http url='...path...' version='1.1' contents='transaction_id=%%_number_transaction%%' content_type='application/x-www-fomr-urlencoded' method='POST'></http>
</request>
</session>
</sessions>
</tsung>
After some attempt I've figure out that by simply removing the attribute content_type from the request it will make the whole configuration works!
I'm using SSOCircle and have my metadata imported and a valid redirect request executing. I am not getting any errors in my AuthnRequest (I was, but I corrected that). However, when I execute the redirect I receive the error:
Reason: Destination is invalid.
Not sure what I am missing.
My Authn looks like this:
<samlp:AuthnRequest ID="_ID_" Version="2.0" IssueInstant="2016-02-25T16:20:04.869Z" Destination="http://localhost:9000/saml/service" ForceAuthn="false" IsPassive="false" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" AssertionConsumerServiceURL="http://localhost:9000/saml/assert" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol">
<saml:Issuer xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">MY_ISSUER_ID</saml:Issuer>
<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
<SignedInfo>
<CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
<SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
<Reference URI="_ID_">
<Transforms>
<Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
<Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
<InclusiveNamespaces PrefixList="#default samlp saml ds xs xsi" xmlns="http://www.w3.org/2001/10/xml-exc-c14n#" />
</Transform>
</Transforms>
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<DigestValue>_DIGEST_</DigestValue>
</Reference>
</SignedInfo>
<SignatureValue>_SIGNATURE_VALUE_</SignatureValue>
<KeyInfo>
<X509Data>
<X509Certificate>_CERTIFICATE_STRING_</X509Certificate>
</X509Data>
</KeyInfo>
</Signature>
<samlp:NameIDPolicy Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent" SPNameQualifier="MY_ISSUER_ID" AllowCreate="true" />
<samlp:RequestedAuthnContext Comparison="exact">
<saml:AuthnContextClassRef xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</saml:AuthnContextClassRef>
</samlp:RequestedAuthnContext>
</samlp:AuthnRequest>
I am sending the redirect to:
https://idp.ssocircle.com:443/sso/SSORedirect/metaAlias/ssocircle
The library I am using is from ComponentPro (which I am pretty happy with).
The problem is that your Destination attribute in the AuthnRequest is set to http://localhost:9000/saml/service and your are actually sending it to https://idp.ssocircle.com:443/sso/SSORedirect/metaAlias/ssocircle.
The destination attribute must be the same as the actual destination.
How to parse a response SAML 2.0 using openAM.Could anybody point to any useful link or code.
Here is my Response SAML,
<saml2p:Response Destination="https://www.google.com/a/squaresquare.biz/acs"
IssueInstant="2010-08-04T17:47:20.956Z"
xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol"
InResponseTo="djfnhepndikoonjjkeomgplmkjofobhdbdieihpa" Version="2.0"
ID="_bd24b4a3514fd93800d2a43cafc98edb">
<saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion"
Format="urn:oasis:names:tc:SAML:2.0:nameid-
format:entity">http://my.ssodemo.url.demo.google.com/idp/shibboleth</saml2:Issuer>
<ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></ds:CanonicalizationMethod>
<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"></ds:SignatureMethod>
<ds:Reference URI="#_bd24b4a3514fd93800d2a43cafc98edb">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"></ds:Transform>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
<ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="dssaml2saml2p"></ec:InclusiveNamespaces>
</ds:Transform>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></ds:DigestMethod>
<ds:DigestValue>m/lUCS3nvfGuSJFKAtIz+ZrfxTU=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>PLdYgU9u5KirVrMHNSwYvk6fQ401dMbpuiDXpapKf0eOKC6pN3g7tnTEzvfOaXhkDNXVmGN+lXQ6iUDppWpdO2MbvPVZabOBPU1aAO+CWI53ciC0rYsxpFzQLLMC/7x9Wk7VFFmYEecxAJV+lTWvp8ZKXvwqZbhiTO/23EC0xconGhnwSvKjJWQuLnMMaFWSjDFYyzgsp34cR7aX/eqhhJyA/rr2uFdmgEdagAl+/17ppgHgthgK+PJtX16AALtsoXonv6uybRCX/YiDRvM1VsdwusVq5tXh9V+bTMZcgi/3Eh+Em/OZp0En8pqOngvL19U4LfqG0yJZjoDGkpHuhA==</ds:SignatureValue>
<ds:KeyInfo>
<ds:X509Data>
<ds:X509Certificate>MIIDgjCCAmqgAwIBAgIVAKgIqbzZl7+0p2qjxJFVJs3DE/jxMA0GCSqGSIb3DQEBBQUAMDAxLjAsBgNVBAMTJWh0dHA6Ly93cGgtdWJpcTI3LmhvdC5jb3JwLmdvb2dsZS5jb20wHhcNMTAwNzIxMTcxNTA5WhcNMzAwNzIxMTcxNTA5WjAwMS4wLAYDVQQDEyVodHRwOi8vd3BoLXViaXEyNy5ob3QuY29ycC5nb29nbGUuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAioQsJycRmjPjB2xlH0iSGn14lNbO/jIVgiGIlzZwlPkH1s2TTdwoTKKQBSe2s8AnJ4LliXlne/qWun3peYht0+RhejtB20L+Bw/I+iKQBGpHzgIKdkPGZnemWl9KqWQ/ZYKnY2x6qMEBmhUfYZcawzs26em5a+iaYlrTJNVEZ+QwWvg2/EOJvJNyBkSfXyxia5eAHV38Uy7xn0G5Zc9ge4ckCYj6b8a/UxpPJM61KztzY5coDwReQsDBq+DciGALJPbFk4783TW...etc.etc</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</ds:Signature>
<saml2p:Status>
<saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success">
</saml2p:StatusCode>
</saml2p:Status>
<saml2:Assertion xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" Version="2.0"
IssueInstant="2010-08-04T17:47:20.956Z" ID="_73fe28bcbb68e93df954d8e2f25097b1">
<saml2:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-
format:entity">http://my.ssodemo.url.demo.google.com/idp/shibboleth</saml2:Issuer>
<saml2:Subject>
<saml2:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-
format:unspecified">my_username</saml2:NameID>
<saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
<saml2:SubjectConfirmationData NotOnOrAfter="2010-08-04T17:52:20.956Z" InResponseTo="djfnhepndikoonjjkeomgplmkjofobhdbdieihpa" Recipient="https://www.google.com/a/squaresquare.biz/acs" Address="172.24.6.38"></saml2:SubjectConfirmationData>
</saml2:SubjectConfirmation>
</saml2:Subject>
<saml2:Conditions NotOnOrAfter="2010-08-04T17:52:20.956Z" NotBefore="2010-08-04T17:47:20.956Z">
<saml2:AudienceRestriction>
<saml2:Audience>google.com</saml2:Audience>
</saml2:AudienceRestriction>
</saml2:Conditions>
<saml2:AuthnStatement
SessionIndex="f306dd2bff4e9b3ba9218bd70fbaa87404d38a4c79547ac1edc9436a9f222213"
AuthnInstant="2010-08-04T17:47:20.953Z">
<saml2:SubjectLocality Address="172.24.6.38"></saml2:SubjectLocality>
<saml2:AuthnContext>
<saml2:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</saml2:AuthnContextClassRef>
</saml2:AuthnContext>
</saml2:AuthnStatement>
</saml2:Assertion>
</saml2p:Response>
Here i want to extract the signatureValue and certificate.and how should i verify the signature and certificate after extracting.
Ok, you dont want to use OpenAM for this. For this I suggest using the OpenSAML library which is build for more manual low-level processing of SAML messages. More information about OpenSAML https://wiki.shibboleth.net/confluence/display/OpenSAML/Home
I also have a blog where I have written a few guides and tips https://blog.samlsecurity.com/categories/opensaml/
I have created a standalone email model and generated a web service based on the email model. I followed the same steps as described in the Cordys documentation ( https://wiki.cordys.com/display/bop41/Creating+an+E-mail+Model ) but when I try to invoke the web service I am getting a fault like "Do not understand method TAT_Email_Model_WebserviceOperation of type NSCUST".
I have linked my WebServiceInterface to an Email service container ( correct me if I am done wrong over here).
The complete description of the fault is as below. Any suggestions.
<ErrorDetails>
<Request>
<SOAP:Envelope xmlns:SOAP="http://schemas.xmlsoap.org/soap/envelope/">
<SOAP:Header xmlns:SOAP="http://schemas.xmlsoap.org/soap/envelope/">
<header xmlns="http://schemas.cordys.com/General/1.0/">
<Logger xmlns="http://schemas.cordys.com/General/1.0/" />
</header>
<i18n:international xmlns:i18n="http://www.w3.org/2005/09/ws-i18n">
<locale xmlns="http://www.w3.org/2005/09/ws-i18n">en-US</locale>
</i18n:international>
</SOAP:Header>
<SOAP:Body>
<TAT_Email_Model_WebserviceOperation xmlns="http://schemas.cordys.com/1.0/email">
<SOURCE>Notification Custom Method</SOURCE>
<MESSAGE_DATA>
<Application>
<data>
<message_data />
<message_metadata />
</data>
</Application>
</MESSAGE_DATA>
<SUBJECT>PARAMETER</SUBJECT>
<attachments>
<attachment name="" encoded="false">PARAMETER</attachment>
</attachments>
<SENDER_ADDRESS>
<MAIL_ID>PARAMETER</MAIL_ID>
<DISPLAY_NAME>PARAMETER</DISPLAY_NAME>
</SENDER_ADDRESS>
<RECEIVERS>
<MAILING_LIST>
<to>
<address>
<displayName>PARAMETER</displayName>
<emailAddress>PARAMETER</emailAddress>
</address>
</to>
<cc>
<address>
<displayName>PARAMETER</displayName>
<emailAddress>PARAMETER</emailAddress>
</address>
</cc>
<bcc>
<address>
<displayName>PARAMETER</displayName>
<emailAddress>PARAMETER</emailAddress>
</address>
</bcc>
</MAILING_LIST>
</RECEIVERS>
</TAT_Email_Model_WebserviceOperation>
</SOAP:Body>
</SOAP:Envelope>
</Request>
<Response>
<SOAP:Envelope xmlns:SOAP="http://schemas.xmlsoap.org/soap/envelope/">
<SOAP:Header xmlns:SOAP="http://schemas.xmlsoap.org/soap/envelope/">
<header xmlns:SOAP="http://schemas.xmlsoap.org/soap/envelope/" xmlns="http://schemas.cordys.com/General/1.0/">
<msg-id>000C297F-0536-11E3-E944-DF0951D0118E</msg-id>
<license>License has expired since 138 day(s)</license>
</header>
</SOAP:Header>
<SOAP:Body>
<SOAP:Fault>
<faultcode>MustUnderstand</faultcode>
<faultstring xml:lang="en-US">Do not understand method TAT_Email_Model_WebserviceOperation of type NSCUST</faultstring>
<faultactor>http://schemas.cordys.com/1.0/email</faultactor>
<detail>
<cordys:FaultDetails xmlns:cordys="http://schemas.cordys.com/General/1.0/">
<cordys:LocalizableMessage xmlns:cordys="http://schemas.cordys.com/General/1.0/">
<cordys:MessageCode xmlns:cordys="http://schemas.cordys.com/General/1.0/" />
</cordys:LocalizableMessage>
</cordys:FaultDetails>
</detail>
</SOAP:Fault>
</SOAP:Body>
</SOAP:Envelope>
</Response>
</ErrorDetails>
You have bound it to the wrong service container, you have to attach it to the Notification Service Container.
The error tells you that the current handling service container cannot handle requests of type NSCUST. This is available in the implementation of the webservice.
NOTE: you license has been expired on that server. With the License Manager in Cordys you can update it.
In MULE CE 3.3.0, I have this Configuration XML file(I copied it below)
<mule xmlns="http://www.mulesoft.org/schema/mule/core" xmlns:http="http://www.mulesoft.org/schema/mule/http"
xmlns:cxf="http://www.mulesoft.org/schema/mule/cxf" xmlns:doc="http://www.mulesoft.org/schema/mule/documentation"
xmlns:spring="http://www.springframework.org/schema/beans" xmlns:core="http://www.mulesoft.org/schema/mule/core"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" version="CE-3.3.0"
xsi:schemaLocation="
http://www.mulesoft.org/schema/mule/http http://www.mulesoft.org/schema/mule/http/current/mule-http.xsd
http://www.mulesoft.org/schema/mule/cxf http://www.mulesoft.org/schema/mule/cxf/current/mule-cxf.xsd
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-current.xsd
http://www.mulesoft.org/schema/mule/core http://www.mulesoft.org/schema/mule/core/current/mule.xsd ">
<configuration>
<expression-language>
<global-functions>
def parseIp(fullIp) {
return
fullIp.substring(fullIp.indexOf('/') + 1, fullIp.indexOf(':'))
}
</global-functions>
</expression-language>
</configuration>
<cxf:configuration enableMuleSoapHeaders="false"
doc:name="CXF Configuration" />
<flow name="soapservice" doc:name="soapservice">
<http:inbound-endpoint exchange-pattern="request-response"
address="http://localhost:8089/services/Echo">
<cxf:proxy-service service="Weather" payload="envelope"
wsdlLocation="classpath:myWS.wsdl"
namespace="http://ws.cdyne.com/WeatherWS/">
<cxf:inInterceptors>
<spring:bean class="org.apache.cxf.interceptor.LoggingInInterceptor" />
</cxf:inInterceptors>
<cxf:outInterceptors>
<spring:bean class="org.apache.cxf.interceptor.LoggingOutInterceptor" />
</cxf:outInterceptors>
</cxf:proxy-service>
</http:inbound-endpoint>
<copy-properties propertyName="SOAPAction" />
<set-variable variableName="remoteClientAddress"
value="#[parseIp(message.inboundProperties['MULE_REMOTE_CLIENT_ADDRESS'])]" />
<component doc:name="classTest" class="com.subu.mule.IpClient" />
<http:outbound-endpoint address="http://wsf.cdyne.com/WeatherWS/Weather.asmx"
encoding="UTF-8" responseTimeout="1000000" exchange-pattern="request-response">
<cxf:proxy-client payload="envelope">
<cxf:inInterceptors>
<spring:bean class="org.apache.cxf.interceptor.LoggingInInterceptor" />
</cxf:inInterceptors>
<cxf:outInterceptors>
<spring:bean class="org.apache.cxf.interceptor.LoggingOutInterceptor" />
</cxf:outInterceptors>
</cxf:proxy-client>
</http:outbound-endpoint>
</flow>
</mule>
After that I run my mule project in browser,I enter http://localhost:8089/services/Echo?wsdl then I can see wsdl's code.
But sometimes, my mule project is stop for some reason so when I enter http://localhost:8089/services/Echo?wsdl I see this message in browser could not connect to localhost:8089 OR page could not find.
I want to control this message, actually when my service(mule project) is down I publish out my custom message that I set it. for example I display this message in browser to clients: At this time service is down, Try Later !!!!
In a production environment, that can be achieved by putting a frontend (i.e. a load balancer) that know what to do when the backend server is down.
Instead when you try to connect directly to the backend (i.e. your project running in studio) and this backend is down, is up to the client (i.e. your browser) to display the error message associated with a 404 http error code.
You can find informations about how the 404 http status works here