Originally I was using the ant task to call wsdl2java. After flailing
around trying to get SSL to work with that, I backed up and started
from the command line. I got that working and implemented it in Ant
using the java task. Everything works now.
To summarize...
1) Setup SSL in the app server (see app server docs for info - the
certficate common name must be the host name your SOAP client will use
to access the service)
2) Export the server-side certificate (see jdk keytool docs for info)
3) Import the certificate into a separate keystore that the wsdl2java
will use (see jdk keytool docs for info)
4) Call wsdl2java with (see axis docs for info)
-Djavax.net.ssl.trustStore=<clientKeystoreLocation>
-Djavax.net.ssl.trustStorePassword=<clientKeystorePassword>
-Djavax.net.ssl.keyStore=<clientKeystoreLocation>
-Djavax.net.ssl.keyStorePassword=<clientKeystorePassword>
any options for wsdl2java
the URL of the wsdl (https://<host>:<securePort>/...?wsdl)
5) In Ant, use a forked java task calling wsdl2java with jvmarg (for
the SSL properties) and arg (for wsdl2java options) subelements
6) In the code that calls the wsdl2java generated client
System.setProperty("javax.net.ssl.trustStore", <keystorePath>);
System.setProperty("javax.net.ssl.trustStorePassword", <keystorePass>);
System.setProperty("javax.net.ssl.keyStore", <keystorePath>);
System.setProperty("javax.net.ssl.keyStorePassword", <keystorePass>);
java.security.Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
If you are doing client authentication, I think there's steps missing
between 3 & 4 where you have to create/export a client-side
certificate and import that into the server keystore (but I didn't
need to do that here so I haven't documented it).
If there's an easier way to get the wsdl2java Ant task to work (like
some way to pass the SSL info to the jvm so that the java task isn't
needed) that'd be cool - otherwise it all works now and I hope this
info will help the next person to come along.
thx
On 6/7/05, Nathaniel A. Johnson <[EMAIL PROTECTED]> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Andy Kriger wrote:
> > Thanks - I manage to get it working once I stopped using Ant to run
> > wsdl2java - is there a way to pass in those Java properties to the Ant
> > wsdl2java task? Or do I have to use a java task that calls wsdl2java?
>
> are you asking for help using the command line wsdl2java?
>
> http://ws.apache.org/axis/java/user-guide.html#WSDL2JavaBuildingStubsSkeletonsAndDataTypesFromWSDL
>
> or do you want help on the ant task?
>
> http://ws.apache.org/axis/java/ant/axis-wsdl2java.html
>
> nate
>
> >
> > On 6/7/05, Nathaniel A. Johnson <[EMAIL PROTECTED]> wrote:
> >
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.0 (MingW32)
>
> iD8DBQFCpe30gj8ksIjnb2wRAvibAKCjIaoz+p4F32nq7/544bcO4hC9wgCcCNXH
> X410ALx0Lp+bDOB+0Y/X+1Y=
> =Ne2C
> -----END PGP SIGNATURE-----
>
