You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@cxf.apache.org by rouble <r....@gmail.com> on 2012/01/19 19:48:31 UTC

Retrieve WSDL over https with authentication

CXF Gurus,

I can write a web client that can communicates with a secure web
service using authentication:
fooWebServiceUrl =
"https://example.com:8443/webapp/fooWebService?wsdl<https://exampel.com:8443/webapp/fooWebService?wsdl>
";
fooWebService_ss = new FooWebService_Service();
fooWebService_ss.addPort(FooWebService_Service.FooWebServiceImplPort,
                         javax.xml.ws.soap.SOAPBinding.SOAP11HTTP_BINDING,
                         fooWebServiceUrl);
fooWebService = fooWebService_ss.getPort(
                         FooWebService_Service.FooWebServiceImplPort,
                          FooWebService.class);

After this I get an http conduit, from fooWebService, and configure
authentication and tls. However, this above code assumes that the WSDL
exists on the file system. That is, by default this line:
fooWebService_ss = new FooWebService_Service();

will look for the WSDL, where the wsdl2java command found the wsdl.

What if I want to retrieve the WSDL from the URL as follows:
 fooWebService_ss = new FooWebService_Service(new URL(fooWebServiceUrl));

This won't work, as written, because there is no authentication or tls
configured at the time the WSDL is retrieved.

How can this be done? Is it even possible?

tia,
rouble

Re: Retrieve WSDL over https with authentication

Posted by Glen Mazza <gm...@talend.com>.
I have not done this before but I think subclassing 
java.net.Authenticator might allow you to provide the username and 
password:  
http://cxf.547215.n5.nabble.com/Accessing-WebService-that-requires-username-password-tp555772p555776.html 
.  Googling java.net.authenticator and CXF together may bring up more 
possibilities.

HTH,
Glen

On 01/19/2012 01:48 PM, rouble wrote:
> CXF Gurus,
>
> I can write a web client that can communicates with a secure web
> service using authentication:
> fooWebServiceUrl =
> "https://example.com:8443/webapp/fooWebService?wsdl<https://exampel.com:8443/webapp/fooWebService?wsdl>
> ";
> fooWebService_ss = new FooWebService_Service();
> fooWebService_ss.addPort(FooWebService_Service.FooWebServiceImplPort,
>                           javax.xml.ws.soap.SOAPBinding.SOAP11HTTP_BINDING,
>                           fooWebServiceUrl);
> fooWebService = fooWebService_ss.getPort(
>                           FooWebService_Service.FooWebServiceImplPort,
>                            FooWebService.class);
>
> After this I get an http conduit, from fooWebService, and configure
> authentication and tls. However, this above code assumes that the WSDL
> exists on the file system. That is, by default this line:
> fooWebService_ss = new FooWebService_Service();
>
> will look for the WSDL, where the wsdl2java command found the wsdl.
>
> What if I want to retrieve the WSDL from the URL as follows:
>   fooWebService_ss = new FooWebService_Service(new URL(fooWebServiceUrl));
>
> This won't work, as written, because there is no authentication or tls
> configured at the time the WSDL is retrieved.
>
> How can this be done? Is it even possible?
>
> tia,
> rouble
>


-- 
Glen Mazza
Talend Community Coders - coders.talend.com
blog: www.jroller.com/gmazza

Re: Retrieve WSDL over https with authentication

Posted by Mark Streit <mc...@gmail.com>.
Not sure this addresses your specific issue, but if you can "localize" the
WSDL/XSDs files used to generate the client proxy service and interface
(and method wrapper classes, etc)  into a JAR file where they are copied
into the *META-INF/wsdl* location of *that JAR*, then use the -*wsdlLocation
*attribute to specify this at generation time.

We did something like this below in an Ant build.xml that creates the
"client" JAR...  (this project is not using Maven as many do):

    <!-- JAX-WS task definitions for CXF -->
    <target name="cxfWSDLToJava" depends="init, copy-wsdl-local">
        <java classname="org.apache.cxf.tools.wsdlto.WSDLToJava"
fork="true">
            <arg value="-wsdlLocation" />
            <arg value="/META-INF/wsdl/${ws.endpointName}.wsdl" />
            <arg value="-d" />
            <arg value="${src}" />
            <arg value="-client" />
            <arg value="-verbose" />
            <arg value="${src}/META-INF/wsdl/${ws.endpointName}.wsdl" />
            <classpath>
                <path refid="cxf.classpath" />
                <path refid="project.classpath" />
            </classpath>
        </java>
    </target>


There was a recent change in the wsdl2java tool
https://issues.apache.org/jira/browse/CXF-4039 based on something I had
reported here:
http://cxf.547215.n5.nabble.com/Generated-Service-proxy-client-side-CXF-Tools-td5128342.html#a5146480


We have always run our JAX-WS client applications with WSDL and any
imported XSD files *localized* like this  (which means any XSD imports the
WSDL has must also use the relative location),

For this example test project we were using to evaluate CXF, we generated
the WSDL/XSD files first and the <types> section looks like this:

  <wsdl:types>
    <schema xmlns="http://www.w3.org/2001/XMLSchema">
        <import namespace="http://webservices.book.acme.com/"
schemaLocation="BookOrderManagerService_schema1.xsd"/>
        <import namespace="http://util.book.acme.com/"
schemaLocation="BookOrderManagerService_schema2.xsd"/>
        <import namespace="http://dvo.services.book.acme.com/"
schemaLocation="BookOrderManagerService_schema3.xsd"/>
    </schema>
  </wsdl:types>

The WSDL and the 3 XSDs are all in the same location (locally) in the
/META-INF/wsdl location so they can be found.

Doing this insures the generated artifacts and the files from which they
were generated are in sync.

Running the client program with the JAR in the classpath worked.

We are *not* using *https *so this may still be problematic for you, I
don't know.  Just putting it out there in case it might be of any help as
it pulls the WSDL from the location relative to the packaged JAR file.

There are far more experienced CXF folks out there (ie: Daniel Kulp, Glen
Mazza - www.jroller.com/gmazza) who will likely have more/better info.

Mark

On Thu, Jan 19, 2012 at 1:48 PM, rouble <r....@gmail.com> wrote:

> CXF Gurus,
>
> I can write a web client that can communicates with a secure web
> service using authentication:
> fooWebServiceUrl =
> "https://example.com:8443/webapp/fooWebService?wsdl<
> https://exampel.com:8443/webapp/fooWebService?wsdl>
> ";
> fooWebService_ss = new FooWebService_Service();
> fooWebService_ss.addPort(FooWebService_Service.FooWebServiceImplPort,
>                         javax.xml.ws.soap.SOAPBinding.SOAP11HTTP_BINDING,
>                         fooWebServiceUrl);
> fooWebService = fooWebService_ss.getPort(
>                         FooWebService_Service.FooWebServiceImplPort,
>                          FooWebService.class);
>
> After this I get an http conduit, from fooWebService, and configure
> authentication and tls. However, this above code assumes that the WSDL
> exists on the file system. That is, by default this line:
> fooWebService_ss = new FooWebService_Service();
>
> will look for the WSDL, where the wsdl2java command found the wsdl.
>
> What if I want to retrieve the WSDL from the URL as follows:
>  fooWebService_ss = new FooWebService_Service(new URL(fooWebServiceUrl));
>
> This won't work, as written, because there is no authentication or tls
> configured at the time the WSDL is retrieved.
>
> How can this be done? Is it even possible?
>
> tia,
> rouble
>



*
*