1 Reply Latest reply on Jun 16, 2011 2:10 PM by dongenar

    Using JBoss 4.2.3 as a webservice client, and signing it

    dongenar

      Hi,

       

      I'm using JBoss 4.2.3.GA with java 5.

       

      I created a webservice client which I generated the source code for from a wsdl with the next command in the bin folder:

      wsconsume -k -o target -s source wsdlname.wsdl

       

      I put this code in a generated jar which I am using in my client jar. I package my client jar in a war file and and package this war file in an ear.

      When I deploy the ear in my container my client works as it should be. So far so good.

       

      Now I need to implement that the soap message that is being send needs to be signed.

       

      I've found the following "tutorial on the web which I followed":

      http://www.developer.com/java/other/article.php/10936_3802631_4/Securing-Web-Services-in-JBoss-Application-Server-with-WS-Security.htm

       

      What I did is the following:

      1. used keytool to create the client certificate ( I did not generate a server certificate, because I receaved it form the server)

      2. added a JBoss-wsse-client.xml file to the META-INF folder

      3. added a standard-jaxws-client-config.xml to the META-INF folder

       

      I created a client and run it from the jboss/bin folder with wsrunclient.bat, this works fine.

       

      Trying in in the container:

      Now I packaged this all in my ear and tried to run it but it looks like the container does not see the configuration files in the META-INF folder. The webservice still works, but no security signature is added when it is send.

       

      Could anyone help me what am I doing wrong? Should these files be placed in another location (not in the META-INF form the client.jar? Should anything else be configured, or should some jars be included in the classpath for this to work?

       

      Thanks in advance.

        • 1. Re: Using JBoss 4.2.3 as a webservice client, and signing it
          dongenar

          Well, I've found what was the issue.

           

          When I followed the manual I ran it all in the bin folder. This uses the client folder and that all worked well

           

          When I created an ear I first created the client sources and put them in my mvn project, the problem here was that I added the wrong dependencies in my mvn pom. because of this everything build well but It did not have the JBoss specifics to get the security working.

          For the generated client I nw use the following jars from the jbossws-3.0.1-native-2.0.4.GA (not in mvn repo so needs to be downloaded manually and put in local repo) :

          - jbossws-core.jar

          - jboss-jaxws.jar

          - jaxb-api

          All with scope provided.

           

          Then I created my client. The dependencies I used here are also the ones from jbossws-3.0.1-native-2.0.4.GA.

          - jbossws-core.jar

          - jboss-jaxws.jar

          - jboss-saaj.jar

          - jaxb-api

          All with scope provided.

           

          Now the client worked well.

          In my container I added an endorsed folder to my lib folder of the instance I was running (and updated the runconfiguration so it also saw this endorsed folder as the folder to look in, normally only jboss\lib\endorsed folder). So now I have the endorsed folder at the location jboss\server\<instance name>\lib\endorsed.

          In this endorsed folder I added the following files from jbossws-3.0.1-native-2.0.4.GA:

          - jbossws-core.jar

          - jboss-jaxws.jar

          - jboss-saaj.jar

          - jboss-jaxws-ext.jar

           

          Now it all worked fine.