You are viewing a plain text version of this content. The canonical link for it is here.

Posted to java-user@axis.apache.org by Joaco <fi...@adinet.com.uy> on 2005/02/04 16:37:35 UTC

Client Certificates in Axis

Hi 
I need Client Certificate, to authentic a Client.
 I know how to set up a certificate in Server side to authentic a Server
, but I don´t know how to use a client certificate to authentic Client.
It is possible in axis ? 
There are an other options to authentic a Client but not whit password ?
Someone can help me pls?

Thanks
Joaquin

RE: Client Certificates in Axis

Posted by Ephemeris Lappis <ep...@tiscali.fr>.

Nice !
What if i want to choose the certificate (alias) in the client application
before calling the web service ?
On the server side, also using Axis, with a POJO implementation, how can i
retrieve the client identity ?

Thanks for more help !

>>> -----Message d'origine-----
>>> De : Christopher Johnson [mailto:johnsocs@clarkson.edu]
>>> Envoyé : vendredi 4 février 2005 19:27
>>> À : axis-user@ws.apache.org
>>> Objet : Re: Client Certificates in Axis
>>>
>>>
>>> /* Gives applications knowledge of client certificate */
>>> System.setProperty("javax.net.ssl.keyStore", mycert.p12);
>>> System.setProperty("javax.net.ssl.keyStoreType", "pkcs12");
>>> System.setProperty("javax.net.ssl.keyStorePassword", password);
>>>
>>> Make sure you have the server ask for the Client cert.
>>>
>>> On Fri, 4 Feb 2005, Joaco wrote:
>>>
>>> > Hi
>>> > I need Client Certificate, to authentic a Client.
>>> >  I know how to set up a certificate in Server side to
>>> authentic a Server
>>> > , but I don´t know how to use a client certificate to
>>> authentic Client.
>>> > It is possible in axis ?
>>> > There are an other options to authentic a Client but not whit
>>> password ?
>>> > Someone can help me pls?
>>> >
>>> > Thanks
>>> > Joaquin
>>> >
>>> >
>>> >
>>> >

Re: Client Certificates in Axis

Posted by Christopher Johnson <jo...@clarkson.edu>.

/* Gives applications knowledge of client certificate */
System.setProperty("javax.net.ssl.keyStore", mycert.p12);
System.setProperty("javax.net.ssl.keyStoreType", "pkcs12");
System.setProperty("javax.net.ssl.keyStorePassword", password);

Make sure you have the server ask for the Client cert.

On Fri, 4 Feb 2005, Joaco wrote:

> Hi
> I need Client Certificate, to authentic a Client.
>  I know how to set up a certificate in Server side to authentic a Server
> , but I don´t know how to use a client certificate to authentic Client.
> It is possible in axis ?
> There are an other options to authentic a Client but not whit password ?
> Someone can help me pls?
>
> Thanks
> Joaquin
>
>
>
>

RE: Client Certificates in Axis

Posted by Joaco <fi...@adinet.com.uy>.

Thanks for your fast answer kees van Dieren  !!!!!


>-- Mensaje original --
>Reply-To: axis-user@ws.apache.org
>From: "Kees van Dieren" <ke...@mp-objects.com>
>To: <ax...@ws.apache.org>
>Subject: RE: Client Certificates in Axis
>Date: Fri, 4 Feb 2005 17:00:21 +0100
>
>
>Hi,
>
>Set the reference to the client in the system properties, e.g.:
> 
>System.setProperty("javax.net.ssl.trustStore",
>"/location/to/your/clientcert.keystore");
>
>If the client is axis, it should use your certificate now
>
>Kind regards,
>
>Kees van Dieren
>Senior Software Engineer
>
>MP Objects Software for E-logistics
>Stationsplein 45
>3013 AK Rotterdam
>The Netherlands
>
>Post address:
>Postbus 29126
>3001 GC Rotterdam
>
>Mobile: +31 (0)6-43068619
>Phone: +31 (0)10-2900304
>Fax: +31 (0)10-2900305
>
>
>-----Original Message-----
>From: Joaco [mailto:figueire@adinet.com.uy] 
>Sent: Friday, February 04, 2005 4:38 PM
>To: axis-user@ws.apache.org
>Subject: Client Certificates in Axis
>
>Hi 
>I need Client Certificate, to authentic a Client.
> I know how to set up a certificate in Server side to authentic a Server
>, but I don´t know how to use a client certificate to authentic Client.
>It is possible in axis ? 
>There are an other options to authentic a Client but not whit password
?
>Someone can help me pls?
>
>Thanks
>Joaquin
>
>
>
>
>
>
>

RE: Client Certificates in Axis

Posted by Kees van Dieren <ke...@mp-objects.com>.

Hi,

Set the reference to the client in the system properties, e.g.:
 
System.setProperty("javax.net.ssl.trustStore",
"/location/to/your/clientcert.keystore");

If the client is axis, it should use your certificate now

Kind regards,

Kees van Dieren
Senior Software Engineer

MP Objects Software for E-logistics
Stationsplein 45
3013 AK Rotterdam
The Netherlands

Post address:
Postbus 29126
3001 GC Rotterdam

Mobile: +31 (0)6-43068619
Phone: +31 (0)10-2900304
Fax: +31 (0)10-2900305


-----Original Message-----
From: Joaco [mailto:figueire@adinet.com.uy] 
Sent: Friday, February 04, 2005 4:38 PM
To: axis-user@ws.apache.org
Subject: Client Certificates in Axis

Hi 
I need Client Certificate, to authentic a Client.
 I know how to set up a certificate in Server side to authentic a Server
, but I don´t know how to use a client certificate to authentic Client.
It is possible in axis ? 
There are an other options to authentic a Client but not whit password ?
Someone can help me pls?

Thanks
Joaquin

RE: Client Certificates in Axis

Posted by Ephemeris Lappis <ep...@tiscali.fr>.

On the server side, using the standard J2EE authentication scheme, you just
set up a trust certificate store, with the accepted client certificates, and
configure your web application to use it for authentication. I did it with
Tomcat (alone) or Tomcat+Jonas without any problem for simple web
applications, not for web services. In a plain web service server
implementation, i don't know how you can retrieve the client subject. I had
always plan to use EJB endpoint web services to let the application server
forward me the user's identity by the EJB context, using HTTP or certificate
authentication scheme.

I don't know how do it on the client side, since you must first activate SSL
client authentication (changing the socket factory to use SSL and providing
a defined certificate), and tell the web service client to use this
transport. I suppose you should look first for help about simple SSL web
service client, and then extend the solution to activate mutual
authentication and provide the client certifcate. I'll also be waitaing for
an idea for such a solution.

>>> -----Message d'origine-----
>>> De : Joaco [mailto:figueire@adinet.com.uy]
>>> Envoyé : vendredi 4 février 2005 16:38
>>> À : axis-user@ws.apache.org
>>> Objet : Client Certificates in Axis
>>>
>>>
>>> Hi
>>> I need Client Certificate, to authentic a Client.
>>>  I know how to set up a certificate in Server side to authentic a Server
>>> , but I don´t know how to use a client certificate to authentic Client.
>>> It is possible in axis ?
>>> There are an other options to authentic a Client but not whit password ?
>>> Someone can help me pls?
>>>
>>> Thanks
>>> Joaquin
>>>
>>>
>>>