0 Replies Latest reply on Jun 27, 2006 3:27 PM by Scott Jones

    4.0.2 WS4EE:  How to ignore untrusted certs

    Scott Jones Newbie

      I have a web gui that needs to talk to an untrusted webservice. The nodes behind this server could change. So I need a way to ignore self signed, untrusted, certs.

      I used wscompile to gend the client stubs and I am using ws4ee on the client.

      The way to do this in JWSDP is to register your own Trust Manager

      package com.acxiom.german.mover.ejb.mover.test;
      
      
      import java.net.URL;
      import java.net.URLConnection;
      
      import javax.net.ssl.HttpsURLConnection;
      import javax.net.ssl.SSLContext;
      import javax.net.ssl.TrustManager;
      import javax.net.ssl.X509TrustManager;
      
      import java.security.cert.X509Certificate;
      
      import javax.xml.rpc.Stub;
      
      import junit.framework.TestCase;
      
      import org.apache.log4j.Logger;
      
      import com.acxiom.german.mover.ejb.mover.gend.GermanMoverEndpoint;
      import com.acxiom.german.mover.ejb.mover.gend.GermanMoverOutput;
      import com.acxiom.german.mover.ejb.mover.gend.GermanMover_Impl;
      import com.acxiom.german.mover.ejb.mover.gend.NameAddressInput;
      import com.acxiom.german.mover.ejb.mover.gend.UnparsedAddress;
      
      public class GermanMoverHTTPSSoapTest extends TestCase {
       private Logger _log = Logger.getLogger(GermanMoverHTTPSSoapTest.class);
      
       private static class CustomTrustManager implements X509TrustManager
       {
       public X509Certificate[] getAcceptedIssuers()
       {
       return null;
       }
      
       public void checkClientTrusted(X509Certificate[] certs, String authType)
       {
       }
      
       public void checkServerTrusted(X509Certificate[] certs, String authType)
       {
       }
       }
      
       public void testRemoteGetByAddress() {
       try {
       TrustManager[] trustAllCerts = new TrustManager[1];
       trustAllCerts[0] = new CustomTrustManager();
       SSLContext sc = SSLContext.getInstance("SSL");
       sc.init(null, trustAllCerts, new java.security.SecureRandom());
       HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
      
       System.out.println("Custom trust manager installed...");
      
       GermanMover_Impl loc = new GermanMover_Impl();
       GermanMoverEndpoint endPoint = loc.getGermanMoverEndpointPort();
       Stub stub = (Stub) endPoint;
      
       NameAddressInput input = new NameAddressInput();
       String name = new String();
       UnparsedAddress address = new UnparsedAddress();
       String[] addressLines = new String[4];
       GermanMoverOutput output;
      
       addressLines[0] = "Sachsenkamstr. 17";
      
       name = "Michael Passer";
      
       address.setAddressLines(addressLines);
       address.setCity("München");
       address.setCountry("Germany");
       address.setPostalCode("80333");
      
       input.setAddress(address);
       input.setName(name);
       input.setUserID("123");
       input.setDataSource("111");
      
       stub._setProperty(Stub.USERNAME_PROPERTY, "XXX");
       stub._setProperty(Stub.PASSWORD_PROPERTY, "YYY");
       stub._setProperty(Stub.ENDPOINT_ADDRESS_PROPERTY, "https://server.someplace.net:8443/germanMover/1.0");
       output = endPoint.selectByNameAddress (input);
       System.out.println("The Web Service said: " + output);
       }
       catch (Exception e) {
       System.out.println(e);
       }
      
       }
      
      }
      

      We are using JDK 1.4, JBoss 4.0.2, JWSDP 1.6

      Any help would be great