You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@cxf.apache.org by "amit rathi (JIRA)" <ji...@apache.org> on 2010/01/15 15:29:54 UTC
[jira] Created: (CXF-2617) How to call 2 way SSL webservice from
stand alone client with certificate?
How to call 2 way SSL webservice from stand alone client with certificate?
--------------------------------------------------------------------------
Key: CXF-2617
URL: https://issues.apache.org/jira/browse/CXF-2617
Project: CXF
Issue Type: Test
Reporter: amit rathi
Hi,
We have developed a webservice using CXF, & successfuly deployed it.
We need to call a web service operation using 2-Way SSL from stand alone client and from inside our web service from other operation.
We have correct server certificate & trustStore.
We tried a lot of ways but in vain.
Can someone please tell us the excat way with some sample code, that how we can do it?
Thanks & Regards
Amit Rathi
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (CXF-2617) How to call 2 way SSL webservice from
stand alone client with certificate?
Posted by "Daniel Kulp (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/CXF-2617?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12805674#action_12805674 ]
Daniel Kulp commented on CXF-2617:
----------------------------------
Doesn't our wsdl_first_https sample do just this?
http://svn.apache.org/repos/asf/cxf/trunk/distribution/src/main/release/samples/wsdl_first_https/
> How to call 2 way SSL webservice from stand alone client with certificate?
> --------------------------------------------------------------------------
>
> Key: CXF-2617
> URL: https://issues.apache.org/jira/browse/CXF-2617
> Project: CXF
> Issue Type: Test
> Reporter: amit rathi
>
> Hi,
> We have developed a webservice using CXF, & successfuly deployed it.
> We need to call a web service operation using 2-Way SSL from stand alone client and from inside our web service from other operation.
> We have correct server certificate & trustStore.
> We tried a lot of ways but in vain.
> Can someone please tell us the excat way with some sample code, that how we can do it?
> Thanks & Regards
> Amit Rathi
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (CXF-2617) How to call 2 way SSL webservice from
stand alone client with certificate?
Posted by "amit rathi (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/CXF-2617?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12805959#action_12805959 ]
amit rathi commented on CXF-2617:
---------------------------------
Dkulp
we tried sample application which you suggested in this forum.
while creating service like
GetXYZAssetInfoService ss = new GetXYZAssetInfoService(wsdlURL, SERVICE_NAME);
XYZAssetInfoPortType port = ss.getPort(PORT_NAME, XYZAssetInfoPortType.class);
we got below exception. kindly help.
EXCEPTION:
-----------------
IN MAIN start ...........
IN wsdlFile.exists ELSE ...........
wsdlURL is https://YZXsoasit.YZXgroup.net:443/domainservices/services/XYZAssetInfoPortType?WSDL
Setting for mtrksap1d
*** keyStoreLoc **C:/Domain-Dev/TestCases/certs/certs_FromAshwin/mtrksap1d.jks
*** keyStoreLoc 1 **
*** Inside getKeyManagers 1 **SunX509
*** Inside getKeyManagers 2 **javax.net.ssl.KeyManagerFactory@1dd46f7
*** Inside getKeyManagers before return **
*** keyStoreLoc 2 **
Setting for rootCa
*** trustStoreLoc **C:/Domain-Dev/TestCases/certs/certs_FromAshwin/rootCA
*** trustStoreLoc 1 **
*** Inside getTrustManagers 1 **SunX509
*** Inside getTrustManagers 2 **javax.net.ssl.TrustManagerFactory@1b26af3
*** Inside getTrustManagers before return **
*** trustStoreLoc 2 **
*** trustStoreLoc 3 **
log4j:WARN No appenders could be found for logger (org.apache.cxf.bus.spring.BusApplicationContext).
log4j:WARN Please initialize the log4j system properly.
Jan 28, 2010 9:55:42 AM org.apache.cxf.bus.spring.BusApplicationContext getConfigResources
INFO: No cxf.xml configuration file detected, relying on defaults.
Jan 28, 2010 9:55:45 AM org.apache.cxf.transport.https.SSLUtils getCiphersuites
INFO: The cipher suites have not been configured, falling back to cipher suite filters.
Jan 28, 2010 9:55:45 AM org.apache.cxf.transport.https.SSLUtils getCiphersuites
INFO: The cipher suite filters have not been configured, falling back to default filters.
Jan 28, 2010 9:55:45 AM org.apache.cxf.transport.https.SSLUtils getCiphersFromList
INFO: The cipher suites have been set to SSL_RSA_WITH_RC4_128_MD5, SSL_RSA_WITH_RC4_128_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_DES_CBC_SHA, SSL_DHE_RSA_WITH_DES_CBC_SHA, SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_RSA_EXPORT_WITH_RC4_40_MD5, SSL_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA, TLS_KRB5_WITH_RC4_128_SHA, TLS_KRB5_WITH_RC4_128_MD5, TLS_KRB5_WITH_3DES_EDE_CBC_SHA, TLS_KRB5_WITH_3DES_EDE_CBC_MD5, TLS_KRB5_WITH_DES_CBC_SHA, TLS_KRB5_WITH_DES_CBC_MD5, TLS_KRB5_EXPORT_WITH_RC4_40_SHA, TLS_KRB5_EXPORT_WITH_RC4_40_MD5, TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA, TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5.
Jan 28, 2010 9:55:45 AM org.apache.cxf.transport.https.SSLUtils getCiphersuites
INFO: The cipher suites have not been configured, falling back to cipher suite filters.
Jan 28, 2010 9:55:45 AM org.apache.cxf.transport.https.SSLUtils getCiphersuites
INFO: The cipher suite filters have not been configured, falling back to default filters.
Jan 28, 2010 9:55:45 AM org.apache.cxf.transport.https.SSLUtils getCiphersFromList
INFO: The cipher suites have been set to SSL_RSA_WITH_RC4_128_MD5, SSL_RSA_WITH_RC4_128_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_DES_CBC_SHA, SSL_DHE_RSA_WITH_DES_CBC_SHA, SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_RSA_EXPORT_WITH_RC4_40_MD5, SSL_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA, TLS_KRB5_WITH_RC4_128_SHA, TLS_KRB5_WITH_RC4_128_MD5, TLS_KRB5_WITH_3DES_EDE_CBC_SHA, TLS_KRB5_WITH_3DES_EDE_CBC_MD5, TLS_KRB5_WITH_DES_CBC_SHA, TLS_KRB5_WITH_DES_CBC_MD5, TLS_KRB5_EXPORT_WITH_RC4_40_SHA, TLS_KRB5_EXPORT_WITH_RC4_40_MD5, TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA, TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5.
Exception in thread "main" javax.xml.ws.WebServiceException: org.apache.cxf.service.factory.ServiceConstructionException: Failed to create service.
at org.apache.cxf.jaxws.ServiceImpl.<init>(ServiceImpl.java:149)
at org.apache.cxf.jaxws.spi.ProviderImpl.createServiceDelegate(ProviderImpl.java:65)
at javax.xml.ws.Service.<init>(Service.java:36)
at com.YZXgroup.service.provider.domainservices.assets.software.x2005.XYZAssetInfoPortType.<init>(XYZAssetInfoPortType.java:50)
at src.ClientNonSpring.main(ClientNonSpring.java:71)
Caused by: org.apache.cxf.service.factory.ServiceConstructionException: Failed to create service.
at org.apache.cxf.wsdl11.WSDLServiceFactory.<init>(WSDLServiceFactory.java:84)
at org.apache.cxf.jaxws.ServiceImpl.initializePorts(ServiceImpl.java:204)
at org.apache.cxf.jaxws.ServiceImpl.<init>(ServiceImpl.java:147)
... 4 more
Caused by: javax.wsdl.WSDLException: WSDLException: faultCode=PARSER_ERROR: Problem parsing 'https://YZXgroupsoasit.YZXgroup.net:443/domainservices/services/XYZAssetInfoPortType?WSDL'.: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
at com.ibm.wsdl.xml.WSDLReaderImpl.getDocument(WSDLReaderImpl.java:2111)
at com.ibm.wsdl.xml.WSDLReaderImpl.readWSDL(WSDLReaderImpl.java:2303)
at com.ibm.wsdl.xml.WSDLReaderImpl.readWSDL(WSDLReaderImpl.java:2335)
at org.apache.cxf.wsdl11.WSDLManagerImpl.loadDefinition(WSDLManagerImpl.java:210)
at org.apache.cxf.wsdl11.WSDLManagerImpl.getDefinition(WSDLManagerImpl.java:175)
at org.apache.cxf.wsdl11.WSDLServiceFactory.<init>(WSDLServiceFactory.java:82)
... 6 more
Caused by: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Unknown Source)
at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.recvAlert(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at sun.net.www.protocol.https.HttpsClient.afterConnect(Unknown Source)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(Unknown Source)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(Unknown Source)
at org.apache.xerces.impl.XMLEntityManager.setupCurrentEntity(Unknown Source)
at org.apache.xerces.impl.XMLVersionDetector.determineDocVersion(Unknown Source)
at org.apache.xerces.parsers.XML11Configuration.parse(Unknown Source)
at org.apache.xerces.parsers.XML11Configuration.parse(Unknown Source)
at org.apache.xerces.parsers.XMLParser.parse(Unknown Source)
at org.apache.xerces.parsers.DOMParser.parse(Unknown Source)
at org.apache.xerces.jaxp.DocumentBuilderImpl.parse(Unknown Source)
at com.ibm.wsdl.xml.WSDLReaderImpl.getDocument(WSDLReaderImpl.java:2101)
... 11 more
> How to call 2 way SSL webservice from stand alone client with certificate?
> --------------------------------------------------------------------------
>
> Key: CXF-2617
> URL: https://issues.apache.org/jira/browse/CXF-2617
> Project: CXF
> Issue Type: Test
> Reporter: amit rathi
>
> Hi,
> We have developed a webservice using CXF, & successfuly deployed it.
> We need to call a web service operation using 2-Way SSL from stand alone client and from inside our web service from other operation.
> We have correct server certificate & trustStore.
> We tried a lot of ways but in vain.
> Can someone please tell us the excat way with some sample code, that how we can do it?
> Thanks & Regards
> Amit Rathi
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (CXF-2617) How to call 2 way SSL webservice from
stand alone client with certificate?
Posted by "amit rathi (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/CXF-2617?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12801717#action_12801717 ]
amit rathi commented on CXF-2617:
---------------------------------
any update, anybody?
> How to call 2 way SSL webservice from stand alone client with certificate?
> --------------------------------------------------------------------------
>
> Key: CXF-2617
> URL: https://issues.apache.org/jira/browse/CXF-2617
> Project: CXF
> Issue Type: Test
> Reporter: amit rathi
>
> Hi,
> We have developed a webservice using CXF, & successfuly deployed it.
> We need to call a web service operation using 2-Way SSL from stand alone client and from inside our web service from other operation.
> We have correct server certificate & trustStore.
> We tried a lot of ways but in vain.
> Can someone please tell us the excat way with some sample code, that how we can do it?
> Thanks & Regards
> Amit Rathi
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (CXF-2617) How to call 2 way SSL webservice from
stand alone client with certificate?
Posted by "amit rathi (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/CXF-2617?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12805968#action_12805968 ]
amit rathi commented on CXF-2617:
---------------------------------
Dkulp,
Initially we wrote standalone client for consuming webservice operations in weblogic 8.1 integration server. where we load certificates, create instance of service class & then port sequentially. using port instance we call webservice operation.
Below code represents standalone client code in weblogic 8.1 integration server:
----------------------------------------------------------------------------------------------------
SSLAdapterFactory factory = SSLAdapterFactory.getDefaultFactory();
WLSSLAdapter adapter = (WLSSLAdapter) factory.getSSLAdapter();
FileInputStream clientCredentialFile = new FileInputStream(
CitraProperties.CLIENT_KEYSTORES);
String pwd = EncryptionUtil.decrypt(CitraProperties.SSL_PWD);
adapter.loadLocalIdentity(clientCredentialFile, pwd.toCharArray());
adapter.setVerbose(true);
adapter.setTrustedCertificatesFile(CitraProperties.SERVER_KEYSTORES);
adapter.setStrictChecking(false);
factory.setDefaultAdapter(adapter);
factory.setUseDefaultAdapter(true);
Now we wrote standalone client in weblogic 10.3 application server. it is causing problems. here in weblogic 10.3, SSLAdapterFactory & WLSSLAdapter classes are deprecated. eventhogh they are deprecated, they must support the above functionality. can you suggest any alternative way to acheive the same functionality in weblogic 10.3?
apart from that, we tried the sample example which you suggested. In that sample code, after creating service, port only, certificates are loaded and
other properties are set to httpConduit.setTlsClientParameters(tlsCP);
is it neccessary to create service, port first before loading certificates & assign other properties?
regards
amit
> How to call 2 way SSL webservice from stand alone client with certificate?
> --------------------------------------------------------------------------
>
> Key: CXF-2617
> URL: https://issues.apache.org/jira/browse/CXF-2617
> Project: CXF
> Issue Type: Test
> Reporter: amit rathi
>
> Hi,
> We have developed a webservice using CXF, & successfuly deployed it.
> We need to call a web service operation using 2-Way SSL from stand alone client and from inside our web service from other operation.
> We have correct server certificate & trustStore.
> We tried a lot of ways but in vain.
> Can someone please tell us the excat way with some sample code, that how we can do it?
> Thanks & Regards
> Amit Rathi
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.