1 Reply Latest reply on Jun 30, 2008 5:46 AM by asoldano

    Need help: Errors during SSL connection

    oggmeister

      Hi,

      I'm using Seam 2.0.2.SP1 on JBossAS 4.2.2.GA and want to publish some web services. Communication shall be encrypted using SSL. So I'm trying to follow the instructions at http://jbws.dyndns.org/mediawiki/index.php?title=Secure_transport.

      After finally getting the server running with SSL, my client is now unable to connect.

      If I configure the SSL connector in the server.xml as suggested in the article:

      <Connector port="8443" address="${jboss.bind.address}"
       maxThreads="100" minSpareThreads="5" maxSpareThreads="15"
       scheme="https" secure="true" clientAuth="want"
       keystoreFile="C:\Entwicklung\jboss-4.2.2.GA\server\default\conf\keystores\wsse.keystore"
       keystorePass="symtaweb"
       truststoreFile="C:\Entwicklung\jboss-4.2.2.GA\server\default\conf\keystores\wsse.keystore"
       truststorePass="symtaweb"
       sslProtocol = "TLS" />

      the result is:
      Exception in thread "main" com.sun.xml.internal.ws.client.ClientTransportException: HTTP transport error: javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake
       at com.sun.xml.internal.ws.transport.http.client.HttpClientTransport.getOutput(HttpClientTransport.java:119)
       at com.sun.xml.internal.ws.transport.http.client.HttpTransportPipe.process(HttpTransportPipe.java:128)
       at com.sun.xml.internal.ws.transport.http.client.HttpTransportPipe.processRequest(HttpTransportPipe.java:74)
       at com.sun.xml.internal.ws.api.pipe.Fiber.__doRun(Fiber.java:581)
       at com.sun.xml.internal.ws.api.pipe.Fiber._doRun(Fiber.java:540)
       at com.sun.xml.internal.ws.api.pipe.Fiber.doRun(Fiber.java:525)
       at com.sun.xml.internal.ws.api.pipe.Fiber.runSync(Fiber.java:422)
       at com.sun.xml.internal.ws.client.Stub.process(Stub.java:235)
       at com.sun.xml.internal.ws.client.sei.SEIStub.doProcess(SEIStub.java:120)
       at com.sun.xml.internal.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:230)
       at com.sun.xml.internal.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:210)
       at com.sun.xml.internal.ws.client.sei.SEIStub.invoke(SEIStub.java:103)
       at $Proxy29.login(Unknown Source)
       at com.symtavision.test.jbossws.Test.main(Test.java:32)
      Caused by: javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake
       at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:808)
       at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1096)
       at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1123)
       at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1107)
       at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:405)
       at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:166)
       at sun.net.www.protocol.http.HttpURLConnection.getOutputStream(HttpURLConnection.java:832)
       at sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(HttpsURLConnectionImpl.java:230)
       at com.sun.xml.internal.ws.transport.http.client.HttpClientTransport.getOutput(HttpClientTransport.java:107)
       ... 13 more
      Caused by: java.io.EOFException: SSL peer shut down incorrectly
       at com.sun.net.ssl.internal.ssl.InputRecord.read(InputRecord.java:333)
       at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:789)
       ... 21 more
      


      And when using the default configuration:
      <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
       maxThreads="150" scheme="https" secure="true"
       clientAuth="false" sslProtocol="TLS"
       keystoreFile="C:\Entwicklung\jboss-4.2.2.GA\server\default\conf\keystores\.keystore"
       keystorePass="symtaweb" />

      I get this:

      Exception in thread "main" com.sun.xml.internal.ws.client.ClientTransportException: request requires HTTP authentication: Unauthorized
       at com.sun.xml.internal.ws.transport.http.client.HttpClientTransport.checkResponseCode(HttpClientTransport.java:197)
       at com.sun.xml.internal.ws.transport.http.client.HttpTransportPipe.process(HttpTransportPipe.java:137)
       at com.sun.xml.internal.ws.transport.http.client.HttpTransportPipe.processRequest(HttpTransportPipe.java:74)
       at com.sun.xml.internal.ws.api.pipe.Fiber.__doRun(Fiber.java:581)
       at com.sun.xml.internal.ws.api.pipe.Fiber._doRun(Fiber.java:540)
       at com.sun.xml.internal.ws.api.pipe.Fiber.doRun(Fiber.java:525)
       at com.sun.xml.internal.ws.api.pipe.Fiber.runSync(Fiber.java:422)
       at com.sun.xml.internal.ws.client.Stub.process(Stub.java:235)
       at com.sun.xml.internal.ws.client.sei.SEIStub.doProcess(SEIStub.java:120)
       at com.sun.xml.internal.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:230)
       at com.sun.xml.internal.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:210)
       at com.sun.xml.internal.ws.client.sei.SEIStub.invoke(SEIStub.java:103)
       at $Proxy29.login(Unknown Source)
       at com.symtavision.test.jbossws.Test.main(Test.java:32)


      I'm setting the required system properties programmatically instead of using XML configuration:

      public static void main(String[] args) {

          System.setProperty("javax.net.ssl.keyStore", "C:/Entwicklung/jboss-4.2.2.GA/server/default/conf/keystores/.keystore");
          System.setProperty("javax.net.ssl.trustStore", "C:/Entwicklung/jboss-4.2.2.GA/server/default/conf/keystores/.keystore");
          System.setProperty("javax.net.ssl.keyStorePassword", "symtaweb");
          System.setProperty("javax.net.ssl.trustStorePassword", "symtaweb");
          System.setProperty("javax.net.ssl.keyStoreType", "jks");
          System.setProperty("javax.net.ssl.trustStoreType", "jks");

          // obtain proxy
          LoginService loginService = new LoginServiceService()
                  .getLoginServicePort();

          // maintain Session
          ((BindingProvider) loginService).getRequestContext().put(
                  BindingProvider.SESSION_MAINTAIN_PROPERTY, true);

          // *** regular method calls *** //

          System.out.println("logging in... \n \t success: "
                  + loginService.login("daniel", ""));

          System.out.println("still logged in?\n\t" + loginService.isLoggedin());

          System.out.println("logging out... \n \t success: "
                  + loginService.logout());

          System.out.println("still logged in?\n\t" + loginService.isLoggedin());

      }


      And I was not able to set the @SecurityDomain("JBossWS") annotation in the server class. (I don't know which jar to import ...)

      Thanks for any help!

        • 1. Re: Need help: Errors during SSL connection
          asoldano

          You nevertheless need to set the security domain you want to use on the server side. This can be done either using the @SecurityDomain annotation or through the deployment descriptor.
          The org.jboss.annotation.security.SecurityDomain should be in jbossws-core.jar in the jbossws version that is included in jboss4.2.2.GA by default (assuming you didn't update it).
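
The deployment-descriptor route mentioned in the reply, as an added example that is not part of the original thread or the JBossWS documentation. It assumes the endpoint is packaged as a WAR; the role name `friend`, the resource name and the URL pattern are placeholders, and only the `JBossWS` domain name comes from the thread.

```xml
<!-- File 1: WEB-INF/jboss-web.xml
     Binds the whole web application to the JAAS security domain "JBossWS",
     the descriptor equivalent of @SecurityDomain("JBossWS"). -->
<jboss-web>
  <security-domain>java:/jaas/JBossWS</security-domain>
</jboss-web>

<!-- File 2: WEB-INF/web.xml (excerpt, placed inside <web-app>)
     Requires an authenticated caller in the placeholder role "friend" and
     forces the endpoint onto the SSL connector. -->
<security-constraint>
  <web-resource-collection>
    <web-resource-name>LoginService</web-resource-name> <!-- placeholder name -->
    <url-pattern>/*</url-pattern>                       <!-- placeholder pattern -->
  </web-resource-collection>
  <auth-constraint>
    <role-name>friend</role-name>
  </auth-constraint>
  <user-data-constraint>
    <!-- CONFIDENTIAL makes the container redirect plain HTTP to the HTTPS port -->
    <transport-guarantee>CONFIDENTIAL</transport-guarantee>
  </user-data-constraint>
</security-constraint>

<login-config>
  <!-- BASIC credentials are only protected because the transport is TLS -->
  <auth-method>BASIC</auth-method>
  <realm-name>JBossWS</realm-name>
</login-config>

<security-role>
  <role-name>friend</role-name>
</security-role>
```

With a constraint like this in place, a client that sends no credentials gets the same 401 "Unauthorized" response shown in the second stack trace, so the caller has to supply a user that the security domain maps to the required role.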