Axis 2 - SSL with Client Authentication

Wed, 27 Aug 2008 05:39:06 -0700 

Hi Everybody!

I am really stuck with the problem below, but I am looking forward that
someone can help me! ;)
(Or give me at least a useful hint on were to search for more
information...)

Basically I have a running webservice based on AXIS 2. 

Now I have to make it secure. Be secure I mean the following to things:
   - Transport via SSL (Https)
   - Client Authentication using a Client Certificate

Basically all messages have to be transferred over https and only "trusted"
clients - whoses certificates reside in the server's .truststore - shall be
worked with.

After one and a half day of browsing the internet, I have no really come
across a solution.

What I did till now is the following:
   - Enable https in Tomcat 6 after generating a server key
   - If I import this server key into the client's .truststore I can call me
webservice by passing a https in the existing endpointreference

The problem I am really stuck with is the part with the client certificates
and I have nearly no clue on which steps are to be performed... :(

I already tried uncommenting the following block in the Axis2.xml, as I
think that this is the part that I need, but I just results in a
NullPointerException when starting my tomcat.

 <!-- the non blocking https transport based on HttpCore + SSL-NIO
extensions -->
    <!--<transportReceiver name="https"
class="org.apache.axis2.transport.nhttp.HttpCoreNIOSSLListener">
        <parameter name="port" locked="false">9002</parameter>
        <parameter name="non-blocking" locked="false">true</parameter>
        <parameter name="keystore" locked="false">
            <KeyStore>
                <Location>D:/Apache Tomcat 6.0.18/.keystore</Location>
                <Type>JKS</Type>
                <Password>password</Password>
                <KeyPassword>password</KeyPassword>
            </KeyStore>
        </parameter>
        <parameter name="truststore" locked="false">
            <TrustStore>
                <Location>trust.jks</Location>
                <Type>JKS</Type>
                <Password>password</Password>
            </TrustStore>
        </parameter>-->
        <!-- <parameter name="SSLVerifyClient">require</parameter> -->
         <!-- supports optional|require or defaults to none -->
    <!--</transportReceiver> -->

[INFO]
java.lang.NullPointerException
        at
org.apache.axis2.transport.nhttp.HttpCoreNIOSSLListener.getSSLContext(HttpCoreNIOSSLListener.java:9
6)
        at
org.apache.axis2.transport.nhttp.HttpCoreNIOListener.init(HttpCoreNIOListener.java:151)
        at
org.apache.axis2.engine.ListenerManager.start(ListenerManager.java:125)
        at
org.apache.axis2.transport.http.AxisServlet.init(AxisServlet.java:442)
        at
org.apache.catalina.core.StandardWrapper.loadServlet(StandardWrapper.java:1172)
        at
org.apache.catalina.core.StandardWrapper.load(StandardWrapper.java:992)
        at
org.apache.catalina.core.StandardContext.loadOnStartup(StandardContext.java:4058)
        at
org.apache.catalina.core.StandardContext.start(StandardContext.java:4371)
        at
org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:791)
        at
org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:771)
        at
org.apache.catalina.core.StandardHost.addChild(StandardHost.java:525)
        at
org.apache.catalina.startup.HostConfig.deployDirectory(HostConfig.java:926)
        at
org.apache.catalina.startup.HostConfig.deployDirectories(HostConfig.java:889)
        at
org.apache.catalina.startup.HostConfig.deployApps(HostConfig.java:492)
        at
org.apache.catalina.startup.HostConfig.start(HostConfig.java:1149)
        at
org.apache.catalina.startup.HostConfig.lifecycleEvent(HostConfig.java:311)
        at
org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.java:117)
        at
org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1053)
        at
org.apache.catalina.core.StandardHost.start(StandardHost.java:719)
        at
org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1045)
        at
org.apache.catalina.core.StandardEngine.start(StandardEngine.java:443)
        at
org.apache.catalina.core.StandardService.start(StandardService.java:516)
        at
org.apache.catalina.core.StandardServer.start(StandardServer.java:710)
        at org.apache.catalina.startup.Catalina.start(Catalina.java:578)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
        at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
        at java.lang.reflect.Method.invoke(Method.java:597)
        at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:288)
        at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:413)

Thanks in Advance for both your time and your knowledge!

Greetings
Stefan
-- 
View this message in context: 
http://www.nabble.com/Axis-2---SSL-with-Client-Authentication-tp19180080p19180080.html
Sent from the Axis - User mailing list archive at Nabble.com.


---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to