Hello,

I am trying to deploy a Restlet application as a Servlet to WebLogic using SSL 
for authentication and authorization. I have successfully gotten the SSL 
authentication to work with my Restlet, running it as a Java application using 
the default Jetty container. Now I'm trying to deploy it to WebLogic.

I am trying to use mutual authentication.
I have client and server keystores and a truststore for each. I used OpenSSL to 
create a certificate authority and have signed client and server certificates 
correctly imported into their respective truststores.

I have the SSL code used for the class that extends org.restlet.Application. 
That class gets associated with the necessary org.restlet.application 
context-param in the web.xml when trying to configure the servlet (see it below 
the code).

Besides
A) The code in the class below that extends Application
B) The content of the web.xml that follows the class
C) Adding a user with a username that matches that of the distinguished name of 
   the client certificate

Should I have to do anything else?

I have a client (using the HttpsUrlConnection class) that successfully connects 
when running it as a Java Application in the default Jetty Container, but it 
doesn't connect to what I am trying to deploy in WebLogic. I get the old 
"connection refused" message using the -Djava.net.debug=all switch at the 
command line (for the client) and it doesn't look like it's getting into the 
server side of the handshake.

Is there anything else I am missing that anyone on here can think of, or can you 
provide a link to any tutorials deploying Restlets as a Servlet on any web 
container (Tomcat?) using SSL (besides the default Jetty setup)?
Thanks!

public class ServiceApplication extends org.restlet.Application
{
.
.
.
    // This all works fine running it as a Java Application using the built-in
    // Jetty container.
    Properties properties = getConfiguredProperties();

    // HTTPS server connector created by the application itself
    Server server = getServers().add(Protocol.HTTPS, port);
    Context context = server.getContext();

    // Server key material
    context.getParameters()
           .add("keystorePath",
                properties.getProperty("serverKeystorePath"));
    context.getParameters()
           .add("keystorePassword",
                properties.getProperty("serverKeystorePassword"));
    context.getParameters()
           .add("keystoreType",
                properties.getProperty("keystoreType"));
    context.getParameters()
           .add("keyPassword",
                properties.getProperty("serverKeystorePassword"));

    // Require a client certificate during the handshake (mutual authentication)
    context.getParameters().add("needClientAuthentication", "true");

    // Truststore used to validate client certificates (JVM-wide properties)
    System.setProperty("javax.net.ssl.trustStoreType",
        properties.getProperty("javax.net.ssl.trustStoreType"));
    System.setProperty("javax.net.ssl.trustStore",
        properties.getProperty("serverTrustStore"));
    System.setProperty("javax.net.ssl.trustStorePassword",
        properties.getProperty("javax.net.ssl.trustStorePassword"));
.
.
.
}


<?xml version="1.0" encoding="UTF-8"?>
<web-app id="WebApp_ID" version="2.4"
         xmlns="http://java.sun.com/xml/ns/j2ee"
         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee
                             http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd">

        <display-name>Data Services</display-name>
        <context-param>
                <param-name>org.restlet.application</param-name>
                <param-value>
                    com.mycompany.service.ServicesApplication
                </param-value>
        </context-param>

        <!-- Restlet adapter -->
        <servlet>
                <servlet-name>DataServices</servlet-name>
                <servlet-class>com.noelios.restlet.ext.servlet.ServerServlet</servlet-class>
        </servlet>

        <servlet-mapping>
                <servlet-name>DataServices</servlet-name>
                <url-pattern>/services/*</url-pattern>
        </servlet-mapping>

        <security-constraint>
                <web-resource-collection>
                        <web-resource-name>Data Services</web-resource-name>
                        <url-pattern>/*</url-pattern>
                        <http-method>GET</http-method>
                        <http-method>POST</http-method>
                        <http-method>PUT</http-method>
                </web-resource-collection>
                <auth-constraint>
                        <role-name>user</role-name>
                </auth-constraint>
        </security-constraint>

        <!-- login-config and security-role are children of web-app in the
             2.4 schema, not of security-constraint -->
        <login-config>
                <auth-method>CLIENT-CERT</auth-method>
        </login-config>

        <security-role>
                <role-name>
                    user
                </role-name>
        </security-role>
</web-app>

------------------------------------------------------
http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447&dsMessageId=2371843
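
A staged connection probe for the symptom described in the post above, as an added example that is not part of the original message or of Restlet: it separates a TCP-level "connection refused" from a failed mutual-TLS handshake. The class name MutualTlsProbe and its argument order are assumptions, and it assumes the key password equals the keystore password, as in the posted server code.

```java
import java.io.FileInputStream;
import java.net.ConnectException;
import java.net.InetSocketAddress;
import java.net.Socket;
import java.security.KeyStore;
import java.security.cert.X509Certificate;
import javax.net.ssl.*;

/** Added diagnostic (hypothetical name): reports which connection stage fails. */
public class MutualTlsProbe {

    static KeyStore load(String path, char[] pw) throws Exception {
        KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
        try (FileInputStream in = new FileInputStream(path)) { ks.load(in, pw); }
        return ks;
    }

    public static void main(String[] a) throws Exception {
        // Args: host port clientKeystore keystorePw clientTruststore truststorePw
        String host = a[0];
        int port = Integer.parseInt(a[1]);
        KeyManagerFactory kmf =
            KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        kmf.init(load(a[2], a[3].toCharArray()), a[3].toCharArray());
        TrustManagerFactory tmf =
            TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(load(a[4], a[5].toCharArray()));
        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);

        // Stage 1: plain TCP. A refusal here means no listener on host:port;
        // keystores and certificates have not been consulted yet.
        Socket tcp = new Socket();
        try {
            tcp.connect(new InetSocketAddress(host, port), 5000);
        } catch (ConnectException e) {
            System.out.println("TCP: refused, nothing listening on " + host + ":" + port);
            return;
        }
        // Stage 2: TLS handshake layered over the already-open socket.
        try (SSLSocket tls = (SSLSocket)
                 ctx.getSocketFactory().createSocket(tcp, host, port, true)) {
            tls.startHandshake();
            X509Certificate srv =
                (X509Certificate) tls.getSession().getPeerCertificates()[0];
            System.out.println("TLS: handshake ok, server = "
                + srv.getSubjectX500Principal());
        } catch (SSLException e) {
            System.out.println("TLS: handshake failed: " + e.getMessage());
        }
    }
}
```

A stage 1 failure points at the listener configuration (port, SSL enabled on the container) rather than at the certificates or truststores.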
