Posted to java-user@axis.apache.org by Xinjun Chen <xj...@gmail.com> on 2006/05/08 08:29:17 UTC

HTTPS web services

I have deployed a sample web service in Axis 1.2.1 in Tomcat 5.5.
The HTTPS configuration of Tomcat 5.5 is already in place. The client cert
is already imported into the server's trust store, and the server cert is
already imported into the client's truststore.

As long as I set

   // currently run the client and server on the same machine.
   // currently both client and server share the same keystore.
   System.setProperty("javax.net.ssl.keyStore",
     "D:\\software\\Tomcat5.5\\conf\\keystore.jks");
   System.setProperty("javax.net.ssl.keyStorePassword", "changeit");
   System.setProperty("javax.net.ssl.keyStoreType", "jks");
   // client uses the standard trust store in JRE.
   System.setProperty("javax.net.ssl.trustStore",
     "C:\\j2sdk1.4.2_11\\jre\\lib\\security\\cacerts");
   System.setProperty("javax.net.ssl.trustStorePassword", "changeit");

the client will work without any fault.

However, I am not allowed to set system properties because other
clients share the same JVM and may use those system properties
concurrently.

So I tried to change the default SSLSocketFactory using the following code
snippet.


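/******************* SSL configuration in the client ************/

   // Imports needed at the top of the client class.
   import java.io.FileInputStream;
   import java.net.URL;
   import java.security.KeyStore;
   import javax.net.ssl.HttpsURLConnection;
   import javax.net.ssl.KeyManagerFactory;
   import javax.net.ssl.SSLContext;
   import javax.net.ssl.SSLSocketFactory;
   import javax.net.ssl.TrustManager;
   import javax.net.ssl.TrustManagerFactory;
   import javax.net.ssl.X509TrustManager;

   String keystorePath = "D:\\software\\Tomcat5.5\\conf\\keystore.jks";
   String keystorePass = "changeit";
   String truststorePath = "C:\\j2sdk1.4.2_11\\jre\\lib\\security\\cacerts";
   String truststorePass = "changeit";

   SSLSocketFactory factory = null;
   SSLContext ctx = null;
   KeyManagerFactory kmf = null;
   TrustManagerFactory tmf = null;
   KeyStore ks = null;
   KeyStore ts = null;
   try {
    ctx = SSLContext.getInstance("TLS");
    kmf = KeyManagerFactory.getInstance("SunX509");

    // Client key material; the key password is the keystore password.
    char[] pass = keystorePass.toCharArray();
    ks = KeyStore.getInstance("JKS");
    FileInputStream ksIn = new FileInputStream(keystorePath);
    try {
     ks.load(ksIn, pass);
    } finally {
     ksIn.close();
    }
    kmf.init(ks, pass);

    // The trust store is loaded with its own password but is not used
    // below, because the TrustManagerFactory lines are commented out.
    ts = KeyStore.getInstance("JKS");
    FileInputStream tsIn = new FileInputStream(truststorePath);
    try {
     ts.load(tsIn, truststorePass.toCharArray());
    } finally {
     tsIn.close();
    }
    // tmf = TrustManagerFactory.getInstance("SunX509", "SunJSSE");
    // tmf.init(ts);

    // This trust manager accepts every certificate chain without checking it.
    TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() {
     public java.security.cert.X509Certificate[] getAcceptedIssuers() {
      // The interface expects a non-null array.
      return new java.security.cert.X509Certificate[0];
     }

     public void checkClientTrusted(
       java.security.cert.X509Certificate[] certs,
       String authType) {
     }

     public void checkServerTrusted(
       java.security.cert.X509Certificate[] certs,
       String authType) {
     }
    } };

    ctx.init(kmf.getKeyManagers(), trustAllCerts, null);
    factory = ctx.getSocketFactory();

   } catch (Exception e) {
    // Log the full exception, not only its message.
    log.error(e.getMessage(), e);
   }

   // Replaces the default factory that HttpsURLConnection uses, for the whole JVM.
   HttpsURLConnection.setDefaultSSLSocketFactory(factory);

/*******************END of SSL configuration in the client ************/

String url = "https://sg0137a-xinjun:8443/axis/services/SampleService1DocSSL";
SampleService1ServiceLocator locator = new SampleService1ServiceLocator();
SampleService1_PortType stub = locator.getSampleService1(new URL(url));
String ret = stub.echo("AxisClientRequest");
System.out.println("Return: " + ret);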




I get the following error message:

AxisFault
 faultCode: {http://schemas.xmlsoap.org/soap/envelope/}Server.userException
 faultSubcode:
 faultString: java.net.SocketException: Software caused connection abort: recv failed
 faultActor:
 faultNode:
 faultDetail:
    {http://xml.apache.org/axis/}stackTrace:java.net.SocketException: Software caused connection abort: recv failed
    at java.net.SocketInputStream.socketRead0(Native Method)
    at java.net.SocketInputStream.read(SocketInputStream.java:129)
    at com.sun.net.ssl.internal.ssl.InputRecord.a(DashoA12275)
    at com.sun.net.ssl.internal.ssl.InputRecord.read(DashoA12275)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA12275)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA12275)
    at com.sun.net.ssl.internal.ssl.HandshakeOutStream.flush(DashoA12275)
    at com.sun.net.ssl.internal.ssl.SunJSSE_ax.a(DashoA12275)
    at com.sun.net.ssl.internal.ssl.SunJSSE_az.j(DashoA12275)
    at com.sun.net.ssl.internal.ssl.SunJSSE_az.a(DashoA12275)
    at com.sun.net.ssl.internal.ssl.SunJSSE_az.a(DashoA12275)
    at com.sun.net.ssl.internal.ssl.SunJSSE_ax.a(DashoA12275)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA12275)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.j(DashoA12275)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.b(DashoA12275)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(DashoA12275)
    at org.apache.axis.components.net.JSSESocketFactory.create(JSSESocketFactory.java:186)
    at org.apache.axis.transport.http.HTTPSender.getSocket(HTTPSender.java:191)
    at org.apache.axis.transport.http.HTTPSender.writeToSocket(HTTPSender.java:404)
    at org.apache.axis.transport.http.HTTPSender.invoke(HTTPSender.java:138)
    at org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:32)
    at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118)
    at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83)
    at org.apache.axis.client.AxisClient.invoke(AxisClient.java:165)
    at org.apache.axis.client.Call.invokeEngine(Call.java:2765)
    at org.apache.axis.client.Call.invoke(Call.java:2748)
    at org.apache.axis.client.Call.invoke(Call.java:2424)
    at org.apache.axis.client.Call.invoke(Call.java:2347)
    at org.apache.axis.client.Call.invoke(Call.java:1804)
    at wsg.sample.service1docssl.SampleService1SoapBindingStub.echo(SampleService1SoapBindingStub.java:106)
    at wsg.sample.service1.testClient.Service1AxisClient.main(Service1AxisClient.java:178)
    {http://xml.apache.org/axis/}hostname:SG0137A-XinJun





Could anyone suggest how to fix this problem?

Thank you very much.

Regards,
Xinjun
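
An added example, not part of the original post: the client context from the snippet above, built with a TrustManagerFactory over the trust store instead of the accept-all X509TrustManager, and attached to a single HttpsURLConnection rather than installed as a default. The class and method names are hypothetical, and it assumes Java 7 or later and a key password equal to the keystore password; it does not configure org.apache.axis.components.net.JSSESocketFactory, which is where the stack trace shows Axis opening its socket.

```java
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.net.URL;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;

public final class PerClientTls { // hypothetical class name

    // Load a JKS store and always close the stream.
    static KeyStore loadJks(String path, char[] password)
            throws IOException, GeneralSecurityException {
        KeyStore store = KeyStore.getInstance("JKS");
        try (InputStream in = new FileInputStream(path)) {
            store.load(in, password);
        }
        return store;
    }

    // Build a context that presents the client key and validates the server
    // chain against the given trust store. Failures propagate to the caller,
    // so a half-built factory is never used.
    static SSLContext buildContext(String keystorePath, char[] keystorePass,
                                   String truststorePath, char[] truststorePass)
            throws IOException, GeneralSecurityException {
        KeyManagerFactory kmf =
                KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        // Assumption: the private key uses the same password as the keystore.
        kmf.init(loadJks(keystorePath, keystorePass), keystorePass);

        TrustManagerFactory tmf =
                TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(loadJks(truststorePath, truststorePass));

        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
        return ctx;
    }

    // Attach the factory to one connection; no system property or default changes.
    static HttpsURLConnection open(URL url, SSLContext ctx) throws IOException {
        HttpsURLConnection conn = (HttpsURLConnection) url.openConnection();
        conn.setSSLSocketFactory(ctx.getSocketFactory());
        return conn;
    }
}
```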