Java Web Services: SOAP over SSL - CXF Framework

CXF Service Interface – CalculationServerIfc.java

package test.calculationserver;

import javax.jws.WebService;

@WebService
public interface CalculationServerIfc {
 public int add(int a, int b);
 public int subtract(int a, int b);
}

Let’s assume that the wsdl is accessible @ https://localhost:8443/calculationserver/CalculationServerImpl?wsdl

CXF Client Implementation

client-config.xml

<beans xmlns="http://www.springframework.org/schema/beans"
 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:jaxws="http://cxf.apache.org/jaxws"
 xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd http://cxf.apache.org/jaxws http://cxf.apache.org/schema/jaxws.xsd">

 <bean id="client" factory-bean="clientFactory"
 factory-method="create" />

 <bean id="clientFactory" class="org.apache.cxf.jaxws.JaxWsProxyFactoryBean">
 <property name="serviceClass" value="test.calculationserver.CalculationServerIfc" />
 <property name="address" value="https://localhost:8443/calculationserver/CalculationServerImpl?wsdl" />
 </bean>

</beans>

TestCXFCalcService.java

import org.springframework.context.support.ClassPathXmlApplicationContext;

import test.calculationserver.CalculationServerIfc; //Generated Stub

public class TestCXFCalcService{
 public static void main(String a[]){
 ClassPathXmlApplicationContext context = new ClassPathXmlApplicationContext("client-beans.xml");
 CalculationServerIfc client = (CalculationServerIfc) context.getBean("client");
 System.out.println("Adding 5 and 4: " + client.add(5,4));
 }
}

Now, if we run this program, it’ll throw an exception.

What’s the quick solution for this issue?

1. We’ve to disable CN (Server Certificate’s Common Name) check in the code
2. We’ve to trust all certificates from server

How to do this programatically?

import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;

import org.apache.cxf.configuration.jsse.TLSClientParameters;
import org.apache.cxf.endpoint.Client;
import org.apache.cxf.frontend.ClientProxy;
import org.apache.cxf.frontend.ClientProxyFactoryBean;
import org.apache.cxf.transport.http.HTTPConduit;
import org.springframework.context.support.ClassPathXmlApplicationContext;

import test.calculationserver.CalculationServerIfc; //Generated Stub

public class TestCXFCalcService{
 public static void main(String a[]){
 ClassPathXmlApplicationContext context = new ClassPathXmlApplicationContext("client-beans.xml");
 CalculationServerIfc client = (CalculationServerIfc) context.getBean("client");

 ClientProxyFactoryBean factory = new ClientProxyFactoryBean();
 Client proxy = ClientProxy.getClient(client);

 HTTPConduit conduit = (HTTPConduit) proxy.getConduit();

 TLSClientParameters tcp = new TLSClientParameters();
 tcp.setDisableCNCheck(true);
 // Creating Trust Manager
 TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() {
 public java.security.cert.X509Certificate[] getAcceptedIssuers() {
 return null;
 }

 public void checkClientTrusted(
 java.security.cert.X509Certificate[] certs, String authType) {
 }

 public void checkServerTrusted(
 java.security.cert.X509Certificate[] certs, String authType) {
 }
 } };

 tcp.setTrustManagers(trustAllCerts);
 conduit.setTlsClientParameters(tcp);

 System.out.println("Adding 5 and 4: " + client.add(5,4));
 }
}

About these ads