Re: java client code to https service under tomcat
On 08/06/10 16:19, p Nut wrote: > Thanks for your reply bruno. > > One thing i didnt mention in my earlier post was that my client app runs as a > portlet under liferay portal framework. So I am looking into the possibility > of liferay messing things up, but i doubt it. > > I have tried your code in standalone java application and I get the > following error. > Exception in thread "main" Bad Request (400) - Bad Request > at org.restlet.resource.ClientResource.get(ClientResource.java:452) > > here is the code from the app > " > String uri = "https://www.google.com/";; > ClientResource clientResource = new ClientResource(new > Context(), new Reference(uri)); > //clientResource.setProtocol(Protocol.HTTPS); > clientResource.get(); > if (clientResource.getStatus().isSuccess() > && clientResource.getResponseEntity().isAvailable()) { >Representation rep = clientResource.getResponseEntity(); >try { > rep.write(System.out); > } catch (IOException e) { > // TODO Auto-generated catch block > e.printStackTrace(); > } > " > > > Also regarding the security certificate. Here is the error. > " > https://xyz.com uses an invalid security certificate. > The certificate is not trusted because the issuer certificate has expired. > (Error code: sec_error_expired_issuer_certificate) > " I'm a bit surprised this gives you 400 or 505 status codes, but I'm not surprised this gives you an error. It sounds the problem comes from your certificate rather than anything else (check its notBefore and notAfter dates). Just to check whether it comes from Restlet or not, perhaps it's worth trying something like this (again, standalone app): URL url = new URL("https://./";); HttpURLConnection connection = (HttpURLConnection) url.openConnection(); System.out.println("Response code: " + connection.getResponseCode()); // Read the input stream and close if you want You might also be able to see more details regarding what's going wrong using the debug system properties: -Djavax.net.debug=SSL,trustmanager I suspect this will give you too much information regarding certificates that are not relevant for this. As far as I remember there's about 120 CA certificates by default in the cacerts files on the Mac. Of course you'd only be interested in yours or its issuer. (It might be easier to have a local truststore containing just that certificate for better debugging.) Best wishes, Bruno. -- http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447&dsMessageId=2618829
RE: Re: java client code to https service under tomcat
Thanks for your reply bruno. One thing i didnt mention in my earlier post was that my client app runs as a portlet under liferay portal framework. So I am looking into the possibility of liferay messing things up, but i doubt it. I have tried your code in standalone java application and I get the following error. Exception in thread "main" Bad Request (400) - Bad Request at org.restlet.resource.ClientResource.get(ClientResource.java:452) here is the code from the app " String uri = "https://www.google.com/";; ClientResource clientResource = new ClientResource(new Context(), new Reference(uri)); //clientResource.setProtocol(Protocol.HTTPS); clientResource.get(); if (clientResource.getStatus().isSuccess() && clientResource.getResponseEntity().isAvailable()) { Representation rep = clientResource.getResponseEntity(); try { rep.write(System.out); } catch (IOException e) { // TODO Auto-generated catch block e.printStackTrace(); } " Also regarding the security certificate. Here is the error. " https://xyz.com uses an invalid security certificate. The certificate is not trusted because the issuer certificate has expired. (Error code: sec_error_expired_issuer_certificate) " Thanks pNut -- http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447&dsMessageId=2618503
Re: java client code to https service under tomcat
Hi, On 07/06/2010 22:45, p Nut wrote: > I am trying to write a java client which calls the web service. all the > following circumstances work. > -access service using browser using http and also https. Using https, I can > access my service using a browser. I will have to accept the exception in > firefox tough. > > -java client using http. > But i am not able to have my java client call the service using https > > So i followed the instructions in "configuring https " > http://wiki.restlet.org/docs_2.0/13-restlet/27-restlet/46-restlet/213-restlet.pdf > and also followed the thread HTTP over SSL. > http://restlet.tigris.org/ds/viewMessage.do?dsMessageId=2610413&dsForumId=4447 > > I have imported the cert into my client jvm cacerts using keytool as > mentioned in the instructions in the above link. You don't really need to set the system property to point to this cacerts file, since that would be the default value anyway. In addition, I wouldn't recommend to change the JRE's cacerts by hand (at least when experimenting), I tend to prefer to use another file. In this case you'd have to configure it to be a trust store, which I would do via the context's trustStore parameter rather than the global system property. > Here is the code which I am using on my client side. > System.setProperty("javax.net.ssl.trustStore", > "/System/Library/Frameworks/JavaVM.framework/Versions/CurrentJDK/Home/lib/security/cacerts"); > String uri = "https://xyz:8443/webservice/get";; > ClientResource clientResource = new ClientResource(new Context(), new > Reference(uri)); > clientResource.setProtocol(Protocol.HTTPS); > clientResource.get(); > if (clientResource.getStatus().isSuccess() > && clientResource.getResponseEntity().isAvailable()) { > Representation rep = clientResource.getResponseEntity(); > } > > I am getting the following error > at this step: clientResource.get(); > Version Not Supported (505) - HTTP Version Not Supported > at org.restlet.resource.ClientResource.get(ClientResource.java:452) Can you try it outside Tomcat as a standalone application? I've just tried the following and it worked fine: String uri = "https://www.google.com/";; ClientResource clientResource = new ClientResource(new Context(), new Reference(uri)); // clientResource.setProtocol(Protocol.HTTPS); clientResource.get(); if (clientResource.getStatus().isSuccess() && clientResource.getResponseEntity().isAvailable()) { Representation rep = clientResource.getResponseEntity(); rep.write(System.out); } Would this work for you on your service? You mentioned an error message with Firefox, is it just a warning about the certificate not being trusted, or something else (does the server cert have the appropriate host name too, for example)? Best wishes, Bruno. -- http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447&dsMessageId=2618385
java client code to https service under tomcat
This is my first reslet service-client app. My service responds to a get request, and is running under a tomcat instance which accepts only https. I am trying to write a java client which calls the web service. all the following circumstances work. -access service using browser using http and also https. Using https, I can access my service using a browser. I will have to accept the exception in firefox tough. -java client using http. But i am not able to have my java client call the service using https So i followed the instructions in "configuring https " http://wiki.restlet.org/docs_2.0/13-restlet/27-restlet/46-restlet/213-restlet.pdf and also followed the thread HTTP over SSL. http://restlet.tigris.org/ds/viewMessage.do?dsMessageId=2610413&dsForumId=4447 I have imported the cert into my client jvm cacerts using keytool as mentioned in the instructions in the above link. Here is the code which I am using on my client side. System.setProperty("javax.net.ssl.trustStore", "/System/Library/Frameworks/JavaVM.framework/Versions/CurrentJDK/Home/lib/security/cacerts"); String uri = "https://xyz:8443/webservice/get";; ClientResource clientResource = new ClientResource(new Context(), new Reference(uri)); clientResource.setProtocol(Protocol.HTTPS); clientResource.get(); if (clientResource.getStatus().isSuccess() && clientResource.getResponseEntity().isAvailable()) { Representation rep = clientResource.getResponseEntity(); } I am getting the following error at this step: clientResource.get(); Version Not Supported (505) - HTTP Version Not Supported at org.restlet.resource.ClientResource.get(ClientResource.java:452) Not sure what the error means. any help is appreciated. Also earlier today I have posted a topic without logging, it never made it to the discussion topics, wondering if its awaiting approval. -- http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447&dsMessageId=2618093