You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@ws.apache.org by Apache Wiki <wi...@apache.org> on 2006/11/25 18:06:06 UTC

[Ws Wiki] Update of "FrontPage/Axis/AxisClientConfiguration/SSLConfig" by CharlesWicksteed

Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Ws Wiki" for change notification.

The following page has been changed by CharlesWicksteed:
http://wiki.apache.org/ws/FrontPage/Axis/AxisClientConfiguration/SSLConfig

The comment on the change is:
New page.  It took me ages to work out how to do this! I hope it is some help.

New page:
'''Configuring SSL with Axis Client'''

(Note: sorry I can't get the inter-page links working.  I will come back later and fix them when I have worked out how.  CW)

If you want more control over the configuration of Axis client SSL {{{(FrontPage/Axis/AxisClientConfiguration/Ssl)}}}, you can use {{{SunJSSESocketFactory}}} as the secure socket factory.  {{{SunJSSESocketFactory}}} is a sub-class of {{{JSSESocketFactory}}}.  To tell Axis to use this class, create in your classpath, under {{{META-INF/services/}}} a file called {{{org.apache.axis.components.net.SecureSocketFactory}}} with the content :
{{{
org.apache.axis.components.net.SunJSSESocketFactory
}}} 

To pass the configuration data to the {{{SunJSSESocketFactory}}} at run time, make a custom engine configuration, similar to that described in "How do I setup handlers in Axis clients?" {{{(FrontPage/Axis/AxisClientConfiguration)}}}.

Here is an example engine configuration which is equivalent to the default client-config.wsdd, with one additional parameter (keystore) for the SSL configuration. The JSSE library always uses the first certificate that it finds in the key store, so this is the way to make it use different certificates for connections to different services. Any option set on the {{{HTTPSender}}} is copied, by the Axis code, to the attributes hash table passed to the {{{SunJSSESocketFactory}}} constructor.

{{{
import org.apache.axis.AxisEngine;
import org.apache.axis.configuration.SimpleProvider;
import org.apache.axis.EngineConfiguration;
import org.apache.axis.Handler;
import org.apache.axis.SimpleTargetedChain;
import org.apache.axis.transport.http.HTTPSender;
import org.apache.axis.transport.http.HTTPTransport;
import java.util.Hashtable;
...
    public static EngineConfiguration createClientConfig(String keystoreName) {
        SimpleProvider clientConfig = new SimpleProvider();
        // set global properties to match org/apache/axis/client/client-config.wsdd
        Hashtable opts = new Hashtable();
        opts.put(AxisEngine.PROP_DISABLE_PRETTY_XML, Boolean.TRUE);
        opts.put(AxisEngine.PROP_ENABLE_NAMESPACE_PREFIX_OPTIMIZATION,
                Boolean.FALSE);
        clientConfig.setGlobalOptions(opts);
        Handler pivot = (Handler) new HTTPSender();
        pivot.setOption("keystore", keystoreName);
        Handler transport = new SimpleTargetedChain(pivot);
        clientConfig.deployTransport(HTTPTransport.DEFAULT_TRANSPORT_NAME, transport);
        return clientConfig;
    }
}}}

This engine configuration is used when making the SOAP call as follows (in this example the interface is called {{{GatewaySoapPortal}}}).

{{{
    EngineConfiguration engineConfiguration = createClientConfig(myKeystoreName);
    GatewaySoapPortalLocator locator = new GatewaySoapPortalLocator(engineConfiguration);
    locator.getEngine().refreshGlobalOptions();
    ggPortalPortType = locator.getGatewaySoapPortalSoap();
}}}

The call to {{{refreshGlobalOptions()}}} is necessary to make the global options (PROP_DISABLE_PRETTY_XML and PROP_ENABLE_NAMESPACE_PREFIX_OPTIMIZATION) take effect. That is the same as what {{{org.apache.axis.configuration.FileProvider}}} does.

'''Cleaner Solution'''

A cleaner solution, which avoids the explicit call to {{{refreshGlobalOptions()}}} on every use, would be to make a new class say {{{MyEngineConfig}}} which is a sub-class of {{{SimpleProvider}}}. The {{{createClientConfig()}}} code above goes in the constructor, with modifications. Then override the {{{configureEngine()}}} method so that it calls {{{SimpleProvider.configureEngine()}}} and then calls {{{refreshGlobalOptions()}}}. (This has not been tested, because it was an afterthought.)

{{{
    public void configureEngine(AxisEngine engine) throws ConfigurationException
    {
        super.configureEngine(engine);
        engine.refreshGlobalOptions();
    }
}}}

Then the call to get the Port``Type becomes much simpler:

{{{
    ggPortalPortType = new GatewaySoapPortalLocator(
        new MyEngineConfig(myKeystoreName)).getGatewaySoapPortalSoap();
}}}

---------------------------------------------------------------------
To unsubscribe, e-mail: general-unsubscribe@ws.apache.org
For additional commands, e-mail: general-help@ws.apache.org