Java Web Services: SOAP over SSL – CXF Framework


CXF Service Interface – CalculationServerIfc.java

package test.calculationserver;

import javax.jws.WebService;

@WebService
public interface CalculationServerIfc {
 public int add(int a, int b);
 public int subtract(int a, int b);
}

Let’s assume that the wsdl is accessible @ https://localhost:8443/calculationserver/CalculationServerImpl?wsdl

CXF Client Implementation

client-config.xml


<beans xmlns="http://www.springframework.org/schema/beans"
 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:jaxws="http://cxf.apache.org/jaxws"
 xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd http://cxf.apache.org/jaxws http://cxf.apache.org/schema/jaxws.xsd">

 <bean id="client" factory-bean="clientFactory"
 factory-method="create" />

 <bean id="clientFactory" class="org.apache.cxf.jaxws.JaxWsProxyFactoryBean">
 <property name="serviceClass" value="test.calculationserver.CalculationServerIfc" />
 <property name="address" value="https://localhost:8443/calculationserver/CalculationServerImpl?wsdl" />
 </bean>

</beans>

TestCXFCalcService.java

import org.springframework.context.support.ClassPathXmlApplicationContext;

import test.calculationserver.CalculationServerIfc; //Generated Stub

public class TestCXFCalcService{
 public static void main(String a[]){
 ClassPathXmlApplicationContext context = new ClassPathXmlApplicationContext("client-beans.xml");
 CalculationServerIfc client = (CalculationServerIfc) context.getBean("client");
 System.out.println("Adding 5 and 4: " + client.add(5,4));
 }
}

Now, if we run this program, it’ll throw an exception.

What’s the quick solution for this issue?

1. We’ve to disable CN (Server Certificate’s Common Name) check in the code
2. We’ve to trust all certificates from server

How to do this programatically?

import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;

import org.apache.cxf.configuration.jsse.TLSClientParameters;
import org.apache.cxf.endpoint.Client;
import org.apache.cxf.frontend.ClientProxy;
import org.apache.cxf.frontend.ClientProxyFactoryBean;
import org.apache.cxf.transport.http.HTTPConduit;
import org.springframework.context.support.ClassPathXmlApplicationContext;

import test.calculationserver.CalculationServerIfc; //Generated Stub

public class TestCXFCalcService{
 public static void main(String a[]){
 ClassPathXmlApplicationContext context = new ClassPathXmlApplicationContext("client-beans.xml");
 CalculationServerIfc client = (CalculationServerIfc) context.getBean("client");

 ClientProxyFactoryBean factory = new ClientProxyFactoryBean();
 Client proxy = ClientProxy.getClient(client);

 HTTPConduit conduit = (HTTPConduit) proxy.getConduit();

 TLSClientParameters tcp = new TLSClientParameters();
 tcp.setDisableCNCheck(true);
 // Creating Trust Manager
 TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() {
 public java.security.cert.X509Certificate[] getAcceptedIssuers() {
 return null;
 }

 public void checkClientTrusted(
 java.security.cert.X509Certificate[] certs, String authType) {
 }

 public void checkServerTrusted(
 java.security.cert.X509Certificate[] certs, String authType) {
 }
 } };

 tcp.setTrustManagers(trustAllCerts);
 conduit.setTlsClientParameters(tcp);

 System.out.println("Adding 5 and 4: " + client.add(5,4));
 }
}
About these ads

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Follow

Get every new post delivered to your Inbox.

Join 26 other followers

%d bloggers like this: