You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@cxf.apache.org by Lenden <ro...@gmail.com> on 2012/11/16 11:18:45 UTC
SSL Connection before consuming WS
Hi guys, there is some points in Web Services that i'm missing.
I generated a web Service java project using cxf's tool "WSDLTOJAVA" from
wsdl file that i have on my hard drive. But there is also online version of
this wsdl file on my server.
So now I want to consume this web service, but my server uses SSL protocol,
so I need to establish SSL connection, OKAY.
For that I created a new Class which will return me my service interface,
here is the code:
import org.apache.cxf.jaxws.JaxWsProxyFactoryBean;
public class MainService<T> {
private String S_LOCATON;
private Class<T> S_CLASS;
public MainService(String ad, Class<T> sClass){
this.S_LOCATON = ad;
this.S_CLASS = sClass;
}
public T getService(){
JaxWsProxyFactoryBean factory = new JaxWsProxyFactoryBean();
factory.setServiceClass(this.SERVICE_CLASS);
factory.setAddress(this.SERVICE_ADDRESS);
return (T) factory.create();
}
}
I also created new class for SSL connection:
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import org.apache.cxf.configuration.jsse.TLSClientParameters;
import org.apache.cxf.frontend.ClientProxy;
import org.apache.cxf.transport.http.HTTPConduit;
public class secureConnection{
public secureConnection(Object service, KeyStore keyStore, String keyPass,
KeyStore trustedStore){
this.setConnection(service, keyStore, keyPass, trustedStore);
}
public secureConnection(Object service, KeyManager[] p_keyManager,
TrustManager[] p_trustedManager){
this.setConnection(service, p_keyManager, p_trustedManager);
}
private void setConnection(Object service, KeyStore keyStore, String
keyPass, KeyStore trustedStore){
KeyManager[] myKeyManagers = getKeyManagers(keyStore,
keyPass);
TrustManager[] myTrustStoreKeyManagers =
getTrustManagers(trustedStore);
this.setConnection(service, myKeyManagers,
myTrustStoreKeyManagers);
}
private void setConnection(Object service, KeyManager[] p_keyManager,
TrustManager[] p_trustedManager){
HTTPConduit httpConduit = (HTTPConduit)
ClientProxy.getClient(service).getConduit();
TLSClientParameters tlsCP = new TLSClientParameters();
tlsCP.setKeyManagers(p_keyManager);
tlsCP.setTrustManagers(p_trustedManager);
tlsCP.setDisableCNCheck(true);
httpConduit.setTlsClientParameters(tlsCP);
}
private static TrustManager[] getTrustManagers(KeyStore trustStore)
throws NoSuchAlgorithmException, KeyStoreException {
String alg = KeyManagerFactory.getDefaultAlgorithm();
TrustManagerFactory fac = TrustManagerFactory.getInstance(alg);
fac.init(trustStore);
return fac.getTrustManagers();
}
private static KeyManager[] getKeyManagers(KeyStore keyStore, String
keyPassword)
throws GeneralSecurityException, IOException {
String alg = KeyManagerFactory.getDefaultAlgorithm();
char[] keyPass = keyPassword != null
? keyPassword.toCharArray()
: null;
KeyManagerFactory fac = KeyManagerFactory.getInstance(alg);
fac.init(keyStore, keyPass);
return fac.getKeyManagers();
}
}
In my test class i'm doing something like this:
String wsAdresse = "https://myserver.com/myWebServiceSOAP";
MainService<MyService> myServiceFactory = new
MainService<MyService>(wsAdresse, MyService.class);
MyService aService = myServiceFactory.getService();
... I create all key stores and trusted store that I need... and I do this:
new secureConnection(aService , keyStore, keyPassword, trustStore);
... and after that i'm consumming my WS without problems.
But I realized that my MainService class is useless, becase what WsdlToJava
generates contains already some method to return myService.
So I tried something like this:
URL WSDL_LOC = new URL("https://myserver.com/myWebServiceSOAP?wsdl");
MyService_Service myWs = new MyService_Service (WSDL_LOC);
MyService aService = myWs.getMyServiceSoap();
At this point I have SSL issues. And to be able to use secureConnection
method, I need aService instance..
So I don't get it....
If anyone can explain me, thanks?
--
View this message in context: http://cxf.547215.n5.nabble.com/SSL-Connection-before-consuming-WS-tp5718587.html
Sent from the cxf-user mailing list archive at Nabble.com.
Re: SSL Connection before consuming WS
Posted by Glen Mazza <gm...@talend.com>.
Can you just download a copy of the WSDL from a browser and reference it
locally?
Providing you do not need to provide a basic auth username and password,
if you put the public cert of the server into your cacerts file or
client truststore (what you need to do anyway to make the SSL SOAP
calls: http://www.jroller.com/gmazza/entry/ssl_for_web_services, also
see the next-to-last bullet in this article), the wsdl fetch should
work. Else, search the CXF user's list on Nabble for other solutions,
as this matter comes up periodically.
HTH,
Glen
On 11/16/2012 05:18 AM, Lenden wrote:
> Hi guys, there is some points in Web Services that i'm missing.
>
> I generated a web Service java project using cxf's tool "WSDLTOJAVA" from
> wsdl file that i have on my hard drive. But there is also online version of
> this wsdl file on my server.
>
> So now I want to consume this web service, but my server uses SSL protocol,
> so I need to establish SSL connection, OKAY.
>
> For that I created a new Class which will return me my service interface,
> here is the code:
>
> import org.apache.cxf.jaxws.JaxWsProxyFactoryBean;
>
> public class MainService<T> {
>
> private String S_LOCATON;
>
> private Class<T> S_CLASS;
>
> public MainService(String ad, Class<T> sClass){
> this.S_LOCATON = ad;
> this.S_CLASS = sClass;
> }
>
> public T getService(){
> JaxWsProxyFactoryBean factory = new JaxWsProxyFactoryBean();
> factory.setServiceClass(this.SERVICE_CLASS);
> factory.setAddress(this.SERVICE_ADDRESS);
> return (T) factory.create();
> }
>
> }
>
> I also created new class for SSL connection:
>
> import java.io.IOException;
> import java.security.GeneralSecurityException;
> import java.security.KeyStore;
> import java.security.KeyStoreException;
> import java.security.NoSuchAlgorithmException;
>
> import javax.net.ssl.KeyManager;
> import javax.net.ssl.KeyManagerFactory;
> import javax.net.ssl.TrustManager;
> import javax.net.ssl.TrustManagerFactory;
>
> import org.apache.cxf.configuration.jsse.TLSClientParameters;
> import org.apache.cxf.frontend.ClientProxy;
> import org.apache.cxf.transport.http.HTTPConduit;
>
> public class secureConnection{
>
> public secureConnection(Object service, KeyStore keyStore, String keyPass,
> KeyStore trustedStore){
>
> this.setConnection(service, keyStore, keyPass, trustedStore);
>
> }
>
> public secureConnection(Object service, KeyManager[] p_keyManager,
> TrustManager[] p_trustedManager){
>
> this.setConnection(service, p_keyManager, p_trustedManager);
>
> }
>
> private void setConnection(Object service, KeyStore keyStore, String
> keyPass, KeyStore trustedStore){
>
> KeyManager[] myKeyManagers = getKeyManagers(keyStore,
> keyPass);
> TrustManager[] myTrustStoreKeyManagers =
> getTrustManagers(trustedStore);
>
> this.setConnection(service, myKeyManagers,
> myTrustStoreKeyManagers);
>
> }
> private void setConnection(Object service, KeyManager[] p_keyManager,
> TrustManager[] p_trustedManager){
> HTTPConduit httpConduit = (HTTPConduit)
> ClientProxy.getClient(service).getConduit();
>
> TLSClientParameters tlsCP = new TLSClientParameters();
>
> tlsCP.setKeyManagers(p_keyManager);
> tlsCP.setTrustManagers(p_trustedManager);
>
> tlsCP.setDisableCNCheck(true);
>
> httpConduit.setTlsClientParameters(tlsCP);
>
> }
> private static TrustManager[] getTrustManagers(KeyStore trustStore)
> throws NoSuchAlgorithmException, KeyStoreException {
> String alg = KeyManagerFactory.getDefaultAlgorithm();
> TrustManagerFactory fac = TrustManagerFactory.getInstance(alg);
> fac.init(trustStore);
> return fac.getTrustManagers();
> }
>
> private static KeyManager[] getKeyManagers(KeyStore keyStore, String
> keyPassword)
> throws GeneralSecurityException, IOException {
> String alg = KeyManagerFactory.getDefaultAlgorithm();
> char[] keyPass = keyPassword != null
> ? keyPassword.toCharArray()
> : null;
> KeyManagerFactory fac = KeyManagerFactory.getInstance(alg);
> fac.init(keyStore, keyPass);
> return fac.getKeyManagers();
> }
> }
>
> In my test class i'm doing something like this:
>
> String wsAdresse = "https://myserver.com/myWebServiceSOAP";
> MainService<MyService> myServiceFactory = new
> MainService<MyService>(wsAdresse, MyService.class);
> MyService aService = myServiceFactory.getService();
>
> ... I create all key stores and trusted store that I need... and I do this:
>
> new secureConnection(aService , keyStore, keyPassword, trustStore);
>
> ... and after that i'm consumming my WS without problems.
>
> But I realized that my MainService class is useless, becase what WsdlToJava
> generates contains already some method to return myService.
>
> So I tried something like this:
>
> URL WSDL_LOC = new URL("https://myserver.com/myWebServiceSOAP?wsdl");
> MyService_Service myWs = new MyService_Service (WSDL_LOC);
> MyService aService = myWs.getMyServiceSoap();
>
> At this point I have SSL issues. And to be able to use secureConnection
> method, I need aService instance..
>
> So I don't get it....
> If anyone can explain me, thanks?
>
>
>
> --
> View this message in context: http://cxf.547215.n5.nabble.com/SSL-Connection-before-consuming-WS-tp5718587.html
> Sent from the cxf-user mailing list archive at Nabble.com.
--
Glen Mazza
Talend Community Coders - coders.talend.com
blog: www.jroller.com/gmazza