Hi,
I researched the web and can't find anything to solve my problem using the
Axis2 client.
The problem: a servlet that receives many requests from different users needs
to connect to many other servers that require client authentication with
certificates. There is one certificate per user, so for each user my servlet
needs to use a different certificate.
My solution without the Axis2 client:
    // Fragment of the servlet class: session, wsURL, contentType, soapAction,
    // method and envMessage are fields defined elsewhere in that class.
    import java.io.BufferedInputStream;
    import java.io.BufferedOutputStream;
    import java.io.FileInputStream;
    import java.io.InputStream;
    import java.io.OutputStream;
    import java.security.KeyStore;
    import javax.net.ssl.HttpsURLConnection;
    import javax.net.ssl.KeyManagerFactory;
    import javax.net.ssl.SSLContext;
    import javax.net.ssl.TrustManagerFactory;

    public void createSSLContextForUser(String loginName, String password) throws Exception {
        // Load the user's client certificate and private key (PKCS#12).
        // loginName becomes a path component here, so it must already be validated.
        KeyStore ksClient = KeyStore.getInstance("PKCS12");
        char[] passwordClient = password.toCharArray();
        FileInputStream fis = null;
        try {
            fis = new FileInputStream("/opt/users/" + loginName + "/certificate.pfx");
            ksClient.load(fis, passwordClient);
        } finally {
            if (fis != null) {
                fis.close();
            }
        }

        // Load the JRE trust store used to validate the remote servers.
        KeyStore ksTrust = KeyStore.getInstance("JKS");
        char[] passwordTrust = "changeit".toCharArray();
        FileInputStream fisTrust = null;
        try {
            fisTrust = new FileInputStream("/opt/java/procution/jre/lib/security/cacerts");
            ksTrust.load(fisTrust, passwordTrust);
        } finally {
            if (fisTrust != null) {
                fisTrust.close();
            }
        }

        KeyManagerFactory kmf =
                KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        kmf.init(ksClient, passwordClient);
        TrustManagerFactory tmf =
                TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(ksTrust);

        // One SSLContext per user, kept in that user's session.
        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
        session.put("wsCertificate", ctx);
    }

    private void callWebService() throws Exception {
        HttpsURLConnection wsConnection = (HttpsURLConnection) wsURL.openConnection();
        // Get the SSLContext for the user session.
        SSLContext ctx = (SSLContext) session.get("wsCertificate");
        wsConnection.setSSLSocketFactory(ctx.getSocketFactory());
        wsConnection.setDoInput(true);
        wsConnection.setDoOutput(true);
        wsConnection.setRequestProperty("Content-type", contentType.getTextString());
        wsConnection.setRequestProperty("SOAPAction", soapAction.getTextString());
        wsConnection.setRequestMethod(method.getTextString());

        // Send
        byte stream[] = envMessage.getBytes();
        wsConnection.setRequestProperty("Content-length", Integer.toString(stream.length));
        OutputStream os = wsConnection.getOutputStream();
        BufferedOutputStream bos = new BufferedOutputStream(os, stream.length);
        bos.write(stream, 0, stream.length);
        bos.flush();
        bos.close();

        // Receive
        InputStream is = wsConnection.getInputStream();
        BufferedInputStream bis = new BufferedInputStream(is);
        byte buffer[] = new byte[1514];
        int byteCount = 0;
        while ((byteCount = bis.read(buffer)) > 0) {
            // Create XML from the reply on the fly.
        }
        bis.close();
    }
At login on my servlet, the method createSSLContextForUser is called and the
SSLContext is put in the user session. Later, in another request, when I need
to call a web service that needs the client certificate for the user session,
callWebService is executed.
I researched the Axis2 documentation and can't find a way to set the SSLContext
in any method. Everything I find says to use
System.setProperty("javax.net.ssl.keyStore",keyStore), but I need this per
session, not per system. And it appears that with the HttpClient solution I
can't set which SSLContext to use on a request.
Any trick?
Best regards,
Clóvis