2 Replies Latest reply on Dec 14, 2011 6:13 AM by immobilia immobilia

    Jboss 6.0 WebService Client with SSL (Saaj)

    Fabiano Oss Newbie

      Hi,

       

      I'm testing my application in the Jboss 6.0.0.Final. This application, actualy works on jboss 4.2.3. The application call a web service with SSL, using this way:

       

              System.setProperty("java.protocol.handler.pkgs","com.sun.net.ssl.internal.www.protocol");

              System.setProperty("sun.security.ssl.allowUnsafeRenegotiation", "true");

              Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());

              System.setProperty("https.proxySet", "true"); 

              System.setProperty("https.proxyHost", "proxy's ip"); 

              System.setProperty("https.proxyPort", "proxy's port");

              Authenticator.setDefault(new ProxyAuthenticator("proxy's user", "proxy's password"));

              System.setProperty("javax.net.ssl.trustStoreType", "JKS");

              System.setProperty("javax.net.ssl.trustStore", "path of the trust");

              System.setProperty("javax.net.ssl.trustStorePassword", "password");

       

              System.setProperty("javax.net.ssl.keyStoreType", "PKCS12");

              System.setProperty("javax.net.ssl.keyStore", "path of the .p12 file" );

              System.setProperty("javax.net.ssl.keyStorePassword", "password");

      ....

             MessageFactory factory = MessageFactory.newInstance(SOAPConstants.SOAP_1_2_PROTOCOL);

             ....

             SOAPConnection con = SOAPConnectionFactory.newInstance().createConnection();

             SOAPMessage res = con.call(message, url);

       

      When I execute my application on Jboss 6, the result is: "The page requires a client certificate". But I execute with Jboss 4.2.3 works fine.

      How do I fix this?

       

      Thank you.

        • 1. Jboss 6.0 WebService Client with SSL (Saaj)
          Fabiano Oss Newbie

          protected ByteArrayOutputStream sendMessage(URL urlWSDL, QName qService, QName qPort, String soapMessage) throws Exception {

                  MessageFactory factory = MessageFactory.newInstance(SOAPConstants.SOAP_1_2_PROTOCOL);

                  SOAPMessage message;

                  MimeHeaders header = new MimeHeaders();

                  header.addHeader("Content-Type", "application/soap+xml");

                  message = factory.createMessage(header, new ByteArrayInputStream(soapMessage.toString().getBytes()));

                  Service service = Service.create(urlWSDL, qService);

                  Dispatch<SOAPMessage> dispatch = service.createDispatch(qPort, SOAPMessage.class,Service.Mode.MESSAGE);

                  setSecurity(dispatch);

                  SOAPMessage res = dispatch.invoke(message);

                  ByteArrayOutputStream out = new ByteArrayOutputStream();

                  res.writeTo(out);

                  return out;

          }

           

              private void setSecurity(Dispatch<SOAPMessage> dispatch) throws KeyStoreException, NoSuchAlgorithmException, CertificateException, FileNotFoundException, IOException, InvalidKeyException, InvalidKeySpecException, UnrecoverableKeyException {

                  Client client = ((org.apache.cxf.jaxws.DispatchImpl) dispatch).getClient();

                  HTTPConduit http = (HTTPConduit) client.getConduit();

                  HTTPClientPolicy httpClientPolicy = new HTTPClientPolicy();

                  setProxy(security, http, httpClientPolicy);

                  http.setClient(httpClientPolicy);

                  TLSClientParameters tlsParams = new TLSClientParameters();

                  TrustManager[] trustMgr = addTrustManagers(security);

                  KeyManager[] keyMgr = addCertificado(security);

                  tlsParams.setKeyManagers(keyMgr);

                  tlsParams.setTrustManagers(trustMgr);

                  http.setTlsClientParameters(tlsParams);

              }

           

              private void setProxy(SegurancaDES security, HTTPConduit http,

                      HTTPClientPolicy httpClientPolicy) {

                  httpClientPolicy.setProxyServer("192.168.1.1");

                  httpClientPolicy.setProxyServerPort("3128");

                  http.getProxyAuthorization().setUserName("proxyUser");

                  http.getProxyAuthorization().setPassword("proxyPassword);

              }

           

              private KeyManager[] addCertificado(SegurancaDES security)

                      throws KeyStoreException, IOException, NoSuchAlgorithmException,

                      CertificateException, FileNotFoundException,

                      UnrecoverableKeyException {

                  KeyStore ks1;

                  ks1 = KeyStore.getInstance("PKCS12");

                  ks1.load(new FileInputStream(new File("file path")),"password".toCharArray());

                  KeyManagerFactory keyFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());

                  keyFactory.init(ks1, "password".toCharArray());

                  KeyManager[] keyMgr = keyFactory.getKeyManagers();

                  return keyMgr;

              }

          • 2. Re: Jboss 6.0 WebService Client with SSL (Saaj)
            immobilia immobilia Newbie

            What is you reply ? the solution for CXF ?

             

            i found similar question :

            WS client SSL Jboss 6 : handshake_failure

            No trusted certificate found - JBossWS Client

            Call web services with different certificates

             

            But i dont want deploy my certificate on Jboss, i need, a dynamic certificate loading for my AXIS webservice client called under Jboss 6.