Wednesday, January 13, 2010

3 Down, 2 to Go

What a difference a day (and a good night's sleep) makes.  The TLS problems of yesterday were solved by adding -Dhttps.protocols=TLSv1 and -Dhttps.cipherSuites=TLS_RSA_WITH_AES_128_CBC_SHA to the startup script.  These two parameters set the default protocols and cipher suites supported by the JVM and are described in more detail in the JSSE Reference Guide.  Setting these two parameters completely eliminates the need for the ATNASocketFactory that I've been using for years.  I updated the ATNA_FAQ just a few minutes ago with this new information, and also added some information about setting the default host name verifier for those who run into that issue.

The fun today was ensuring that I had the right SOAP headers for some of the web service calls.  According to some of the tests, if you are performing a web service call that returns information in XOP/MTOM format, you must make the call using XOP, even though you may not have any need for MTOM.  The way to ensure that you are using XOP with SAAJ is to set the Content-Type header to specify application/xop+xml.

The following Java code will do that and set the action component appropriately for the RetrieveDocumentSet transaction.

MessageFactory mf = MessageFactory.newInstance(SOAPConstants.SOAP_1_2_PROTOCOL); 
        SOAPMessage msg = mf.createMessage();
        msg.getMimeHeaders().setHeader("Content-Type", "application/xop+xml;charset=utf-8;action=\"urn:ihe:iti:2007:RetrieveDocumentSet\"");

Getting past that took several hours, because it isn't very well documented anywhere.  Well, now it is.  Of course, if you are using something other than SAAJ, this may not be an issue for you, and if you are using Open Source tools, they've already addressed the issue in most cases.

Remarkably, after yesterday, I expected to end the day today with more homework, but instead I'm very pleased to report that  I'll be working on the CDA book tonight (and this blog posting will already be done before dinner).  This year, even though we have more than 100 actors supporting XDS at connectathon, things have gone a lot more smoothly than prior years.  This is due in part to maturity of the testing tools (they are much better than last year), and of KUDU, which went through serious growing pains last year.

May of the teams I'm working are done or nearly done their testing, and need only to finish group testing on demand.  Others that I've talked to are reporting very similar experiences with their systems, so it's not just us.  I believe that this also represents maturity of the IHE profiles and implementation tools.  Most of the issues cropping up now are in integration of those tools with products, rather than in the tools themselves. 

More tomorrow...


Post a Comment