Hi Chris -
> Can you post the relevant parts of your code?
I used WSDL2Java to create stubs for the Web Service I am connecting to.
Here is my code that wraps around the generated stubs:
try
{
writer = new BufferedWriter(new FileWriter(outFile));
loc = new SDXWSLocator(xmlns, serviceProvider, soapAddress, username,
password);
soap = loc.getSDXWSSoap();
MISO2007-10-152007-10-16Daily");
ioBuff =
soap.sendData("MISO");
MISO2007-10-151");
//Log.log("ioBuff="+ioBuff);
if(StringTools.isStringNull(ioBuff) == false)
writer.write(ioBuff);
writer.close();
}
catch(IOException ioe)
...
The only method in the stubs that I modified was sendData() to include the
username/password in the soap header. Here is that code:
public java.lang.String sendData(java.lang.String szXMLRequest) throws
java.rmi.RemoteException
{
if (super.cachedEndpoint == null)
{
throw new org.apache.axis.NoEndPointException();
}
org.apache.axis.client.Call _call = createCall();
_call.setOperation(_operations[1]);
_call.setUseSOAPAction(true);
_call.setSOAPActionURI("SDX:SendData");
_call.setEncodingStyle(null);
_call.setProperty(org.apache.axis.client.Call.SEND_TYPE_ATTR,
Boolean.FALSE);
_call.setProperty(org.apache.axis.AxisEngine.PROP_DOMULTIREFS,
Boolean.FALSE);
_call.setSOAPVersion(org.apache.axis.soap.SOAPConstants.SOAP12_CONSTANTS);
_call.setOperationName(new
javax.xml.namespace.QName("http://ws.sdx.net";, "SendData"));
/*
* Add the authentication information to the Header.
*
* Added manually by FLB.
*/
SOAPHeaderElement header = new SOAPHeaderElement(sXmlns,
"AuthenticationXML");
SOAPElement node;
try
{
node = header.addChildElement("User");
node.addTextNode(sUser);
node = header.addChildElement("Password");
node.addTextNode(sPassword);
}
catch (SOAPException ex)
{
ex.printStackTrace();
}
_call.addHeader(header);
setRequestHeaders(_call);
setAttachments(_call);
try
{
log("szXMLRequest.size="+szXMLRequest.length()+" "+szXMLRequest);
java.lang.Object _resp = _call.invoke(new java.lang.Object[]
{szXMLRequest});
if (_resp instanceof java.rmi.RemoteException)
{
throw (java.rmi.RemoteException)_resp;
}
else
{
extractAttachments(_call);
try
{
return (java.lang.String) _resp;
}
catch (java.lang.Exception _exception)
{
return (java.lang.String)
org.apache.axis.utils.JavaUtils.convert(_resp, java.lang.String.class);
}
}
}
catch (org.apache.axis.AxisFault axisFaultException)
{
throw axisFaultException;
}
}
> Your code may have to become a lot more complicated in order
> to make a connecting using a client certificate while running
> within Tomcat.
I hope not ... it seems like I'm so close.
> Or, you may have to override the keystore on
> Tomcat's command-line so that these system properties are set
> /before/ Tomcat tried to load anything itself.
I added the following to the Tomcat startup command:
-Djavax.net.ssl.trustStore="C:/certs/datahub.keystore"
-Djavax.net.ssl.trustStorePassword="wintwins"
-Djavax.net.ssl.keyStore="C:/certs/SDXWebservice.pfx"
-Djavax.net.ssl.keyStorePassword="137246?82"
-Djavax.net.ssl.keyStoreType="PKCS12"
with no difference in the way things are running. I think my truststore
file is being used because if I don't define the truststore, the
communication process traps out much sooner.
I hope this helps you help me!
- Frank.
> -Original Message-
> From: Christopher Schultz [mailto:ch...@christopherschultz.net]
> Sent: Monday, June 22, 2009 3:03 PM
> To: Tomcat Users List
> Subject: Re: Trouble calling a secure Web Service requiring
> client certificate
>
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> Frank,
>
> On 6/22/2009 3:53 PM, frank.bowar wrote:
> > I've got a TOMCAT application that pulls data from a Web
> Service and
> > just recently the Web Service was hardened to require
> client certificates.
> >
> > I debugged all my certificate issues and got my Java class
> that talks
> > to the Web Service working just fine as a stand-alone app.
> However,
> > I'm having trouble getting it to work within Tomcat. My
> certificate
> > is not being sent to the Web Service.
>
> Can you post the relevant parts of your code?
>
> > This is how I initialize my keystore and truststore:
> >
> > System.setProperty("javax.net.ssl.trustStore