Introduction
In previous Blog (http://thejaka-amila.blogspot.com/2012/04/tomcat-axis2-and-https.html) we learnt how to deploy a service with HTTPS transport. Now my requirement is to call HTTPS secured service using a Java client.
Steps
1. Configure SSL for Tomcat and Axis 2. Follow instructions in [1]
2. Deploy "AddService.aar", i.e. place AddService.aar in $TOMCAT_HOME/webapps/axis2/WEB-INF/services directory
3. Write client program
Writing the client program
So what is the difference between writing a Java client for a normal web service and writing a Java client for HTTPS secure web service ?
The difference is, we need to make our client program prepared for HTTPS handshake and we need to make our client program trust the certificate provided by the server (Tomcat in this case). The Java code which handles SSL connections already capable of handling handshake. But we need to specify where to look for trusted certificate within the client program.
For that we need to specify following bit of code to our client program,
/**
* Set SSL trust store parameters.
*/
System.setProperty("javax.net.ssl.trustStore", "/home/amila/development/apache/rampart-v2-tests/jks/client-jks/client.jks");
System.setProperty("javax.net.ssl.trustStorePassword", "client");
javax.net.ssl.trustStore points to actual trust store and with javax.net.ssl.trustStorePassword we need to specify the password.
You may find complete code snippet in [2].
References
[1] http://thejaka-amila.blogspot.com/2012/04/tomcat-axis2-and-https.html
[2] Client and Server code - http://people.apache.org/~amilaj/ws-scenarios/https-call/raw-https.zip
In previous Blog (http://thejaka-amila.blogspot.com/2012/04/tomcat-axis2-and-https.html) we learnt how to deploy a service with HTTPS transport. Now my requirement is to call HTTPS secured service using a Java client.
Steps
1. Configure SSL for Tomcat and Axis 2. Follow instructions in [1]
2. Deploy "AddService.aar", i.e. place AddService.aar in $TOMCAT_HOME/webapps/axis2/WEB-INF/services directory
3. Write client program
Writing the client program
So what is the difference between writing a Java client for a normal web service and writing a Java client for HTTPS secure web service ?
The difference is, we need to make our client program prepared for HTTPS handshake and we need to make our client program trust the certificate provided by the server (Tomcat in this case). The Java code which handles SSL connections already capable of handling handshake. But we need to specify where to look for trusted certificate within the client program.
For that we need to specify following bit of code to our client program,
/**
* Set SSL trust store parameters.
*/
System.setProperty("javax.net.ssl.trustStore", "/home/amila/development/apache/rampart-v2-tests/jks/client-jks/client.jks");
System.setProperty("javax.net.ssl.trustStorePassword", "client");
javax.net.ssl.trustStore points to actual trust store and with javax.net.ssl.trustStorePassword we need to specify the password.
You may find complete code snippet in [2].
References
[1] http://thejaka-amila.blogspot.com/2012/04/tomcat-axis2-and-https.html
[2] Client and Server code - http://people.apache.org/~amilaj/ws-scenarios/https-call/raw-https.zip
No comments:
Post a Comment