Question

How to use digital certificate in a java web service?

Asked by: jolly_rog

I'm creating a java web service using axis 1.4. I've already generated a client and service from a 3rd party provided wsdl.

The 3rd party server requires authentication and I have their certificate and keystore. When I test the client, the response tells me I'm not trusted, so I need to get the certificate (or a reference) put into the request. Or should I be using the keystore?

I've researched this and can't determine whether I should pass the location of the keystore or the the .cer file as a string with addBodyElement or addParameter or what? Or am I completely lost in the weeds?

I'm under time pressure on this, so max points. Thanks in advance.

This Question has been solved and asker verified All Experts Exchange premium technology solutions are available to subscription members.

Subscribe now for full access to Experts Exchange and get

Instant Access to this Solution

  • Plus...
  • 30 Day FREE access, no risk, no obligation
  • Collaborate with the world's top tech experts
  • Unlimited access to our exclusive solution database
  • Never be left without tech help again

Subscribe Now

Asked On
2009-08-01 at 06:43:40ID24618825
Tags

JWS

,

SSL

Topics

Java Programming Language

,

Web Services

,

WebApplications

Participating Experts
1
Points
500
Comments
11

Trusted by hundreds of thousands everyday for fast, accurate and reliable tech support.

  • "The time we save is the biggest benefit of Experts Exchange to Warner Bros. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange." Mike Kapnisakis, Warner Bros.
  • "Our team likes having a resource that is more secure than just using Google and most experts using this service really know their stuff. It's nice to look here first versus using Google." Dayna Sellner, Lockheed Martin
  • "Anytime that I've been stumped with a problem, 9 out of 10 times Experts Exchange has either the accepted solution or an open discussion of the potential solution to the problem." Kenny Red, eBay Inc.

See what Experts Exchange can do for you.

Got a question?

We've got the answer.

Experts Exchange has been collecting answers to technology questions since 1996…3 million and counting! If you have a question, chances are we already have your answer.

Screenshot of Experts Exchange Knowledgebase

Need individual assistance?

Our experts are ready to help.

If you can't find the exact answer you're looking for, ask our exclusive community of 50,000 experts. You’ll get a personalized answer from a trusted professional.

Screenshot of Experts Exchange Knowledgebase

Want to learn from the best?

Read articles from industry experts.

Thousands of free tech tips, tricks, how-to’s and tutorials are available in our peer reviewed articles section. See for yourself how smart our experts are, no login required.

Screenshot of an Article

Working on a long term project?

Store your work and research.

Save solutions to your questions, answers you’ve discovered through searching plus helpful articles in your personal knowledgebase for easy future access.

Screenshot of Experts Exchange Knowledgebase

Access the answers to your technology questions today.

Subscribe Now

30-day free trial. Register in 60 seconds.

What Makes Experts Exchange Unique?

Members of the expert community talk about why the experience at Experts Exchange is different than what you will find anywhere else.

Trusted by the world's most respected brands.

image of each brand's logo

Faithfully serving IT professionals since 1996.

Experts Exchange Logo

Try it out and discover for yourself.

Subscribe Now

30-day free trial. Register in 60 seconds.

Related Solutions

  1. Digital certification
    I have Word documents .And I want to make digital certification to them .Maybe,somebody have code how to make this "electronic signature" ,which receive as input Word document. Thanks
  2. Creating digital certificates
    Hi, I've been all up and down this internet and now my brain is fried from all the information overload. I did make attempts to create these, but nothing worked. Let me give a quick run down as to why I want these digital certificates: I have a Java application that export...
  3. digital certificates?
    what is "digital certificates" from the following? thanks SSL –Uses public-key technology and digital certificates to authenticate the server in a transaction –Protects information as it travels over Internet •Does not protect once stored on receivers server –...
  4. Digital Certificates
    Experts, I am new to using digital certificates. I develop software using MS Access 2003. I would like to include a digital certificate with my software so my customers don't have to lower their macro security settings. I am kinda confused when it comes to digital certificat...

Free Tech Articles

  1. WARNING: 5 Reasons why you should NEVER fix a computer for free.
    It is in our nature to love the puzzle. We are obsessed. The lot of us. We love puzzles. We love the challenge. We thrive on finding the answer. We hate disarray. It bothers us deep in our soul. W...
  2. SCCM OSD Basic troubleshooting
    SCCM 2007 OSD is a fantastic way to deploy operating systems, however, like most things SCCM issues can sometimes be difficult to resolve due to the sheer volume of logs to sift through and the dispe...
  3. Migrate Small Business Server 2003 to Exchange 2010 and Windows 2008 R2
    This guide is intended to provide step by step instructions on how to migrate from Small Business Server 2003 to Windows 2008 R2 with Exchange 2010. For this migration to work you will need the fo...
  4. Create a Win7 Gadget
    This article shows you how to create a simple "Gadget" -- a sort of mini-application supported by Windows 7 and Vista. Gadgets can be dropped anywhere on the desktop to provide instant information, ...
  5. Outlook continually prompting for username and password
    There have been a lot of questions recently regarding Outlook prompting for a username and password whilst using Exchange 2007. There are a few reasons why this would happen and I will try to cover t...
  6. Backup Exchange 2010 Information Store using Windows Backup
    There seems to be quite a lot of confusion around the ability to backup Exchange 2010 using the built in Windows Backup feature. This stems from the omission of this feature prior to Exchange 2007 s...

Cloud Class Webinars

  1. Avoiding Bugs in Microsoft Access
    Alison Balter takes and in-depth look at avoiding bugs in Access. In this webinar you will learn about using the immediate window to debug your applications, invoking the debugger, using breakpoints to troubleshoot, stepping through code, setting the next statement to execute, ...
  2. Top 10 Best New Features in Visio 2010
    Scott Helmers gives live demonstrations of the top 10 new features in Visio 2010. This webinar will teach you how to create compelling diagrams by adding shapes to the page with a single click, linking the shapes in a diagram to data in Excel (or SQL Server, or SharePoint), ...
  3. IT Consultant Business Secrets Revealed
    Michael Munger, Experts Exchange tech pro and IT consultant, pulls back the curtain on his very successful businesses and answers question on every IT consultant and business owner should know about. He shares secrets on what he did to solve the 5 most common problems in IT, ...
  4. Disaster Recovery and Business Continuity
    Quest CTO, Mike Billon, gives an overview of the steps involved in building a dunamic disaster recovery plan. Through case studies and an examination of software/hardware tooles for monitoring and testing, you'll gain a better understandin of where you are, where you want ...
  5. Organize Your Visio Diagrams with Containers and Lists
    Scott Helmers uses cross functional flowcharts, wireframe diagrams, data graphic legends and seating charts to teach you: how to ustilize all three new structured diagram components in Visio 2010, the best practices for organizeing shapes in previous version of Visio, how to organize ...
  6. How to Us Objects, Properties, Events and Methods in Microsoft Access
    Alison Dalter gives an in-depbth look at objects, properties, events and methods in Microsoft Access. In this webinar you will learn about using the object browser, referring to objects, working with properties and methods, working with object variables, understanding the ...

Join the Community

Give a Little. Get a Lot.

Join the community of experts here and help other tech pros by answering question in your area of expertise. You can earn FREE access to all Experts Exchange's premium features and resources.

Join the Community

Answers

 

by: mwvisa1Posted on 2009-08-01 at 08:42:43ID: 24995715

 

by: jolly_rogPosted on 2009-08-01 at 10:59:58ID: 24996101

My client has to be authenticated on the third party service using the certificate they provided. And the code in the link is to fool java security into accepting a fake certificate. I can't be doing that.

 

by: mwvisa1Posted on 2009-08-01 at 12:59:11ID: 24996431

Sorry I must have misread the page.  When I find the code I did where I used a valid 3rd party certificate, I will post.  Thought the information in that link looked like what I used though.  Know definitely, I imported using keytool then used the TrustManager.  I know the topic is slightly different, but I was pointing you there for the API used.  Probably wrong of me, so as I said I know I have some code I used to connect a driver code I wrote to a remote web service via HTTPS and worked great.

Was back in 2004 on older JRE, so may be outdated approach but still works to this day.  Have only had to import new certificates as they expire.

 

by: jolly_rogPosted on 2009-08-01 at 16:56:18ID: 24997110

Since I'm using axis 1.4, that probably isn't too old. If you can find the code, that would be great.

 

by: mwvisa1Posted on 2009-08-02 at 08:31:35ID: 24999135

Apparently, the version I had on my flash drive is with HTTP, so must be on my machine that is currently 'toast' that I am recovering.   Will continue to look, but these look like references for same approach:

Using SSL with Axis
http://www.informit.com/articles/article.aspx?p=24604

Web Services Over SSL
http://www.pankaj-k.net/WSOverSSL/WSOverSSL-HOWTO.html

(and referred link from Web Services Over SSL)
Use HTTPS in your Java client code
http://www.javaworld.com/javaworld/javatips/jw-javatip96.html

The gist of what I remember seems to be covered in the 1st and 3rd especially.

Hope that helps.

 

by: jolly_rogPosted on 2009-08-03 at 09:09:30ID: 25005737

Thanks, I think that has me going the right direction as far as the SSL stuff.

What I'm still having real trouble with is in my code, actually putting guts into my concrete class for my requests to work.

I've got my stubbed request methods that return null generated from the wsdl by axis. I'm spinning my wheels trying to figure out how to get reference to my endpoint or a Call instance or something to tell it, "OK, make the request."

I'm missing something (probably several somethings) and nothing I've been able to find is giving me any idea what to do.

The 3rd party service url has obviously been changed, but the one I'm using was provided by the 3rd party.

/*from my web service Member_Impl implements Member
  Member implements java.rmi.Remote*/
 
public RetrieveByCardResponse retrieveByCard(RetrieveByCardRequest params) throws java.rmi.RemoteException {
    	Member_ServiceLocator locator = null;
    	javax.xml.rpc.Call call = null;
    	Member_Service service = null;
 
    	try {
	locator = new Member_ServiceLocator("https://extwebservices-si.xxx.com/eProxy/member",new QName("RetrieveByCardRequest"));		
	} catch (ServiceException e) {
//500 from the service URL takes us here:
		loger.error(e.getMessage());
	}
		
    	RetrieveByCardResponse cardResponse = null;//Need to make a //call here, but no documentation from the 3rd party API to tell me //what returns this type.
    	return creditCardResponseType;
    }

                                              
1:
2:
3:
4:
5:
6:
7:
8:
9:
10:
11:
12:
13:
14:
15:
16:
17:
18:

Select allOpen in new window

 

by: jolly_rogPosted on 2009-08-11 at 12:47:01ID: 25072621

OK, never mind the previous code. I've started over using axis2 v 1.4. I'm sent a request and got a response, but when I tried to add a signature to the message, I got:

 org.apache.axis2.AxisFault: Missing wsse:Security header in request
      at org.apache.axis2.util.Utils.getInboundFaultFromMessageContext(Utils.java:517)
      at org.apache.axis2.description.OutInAxisOperationClient.handleResponse(OutInAxisOperation.java:371)
      at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:417)
      at org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:229)
      at org.apache.axis2.client.OperationClient.execute(OperationClient.java:165)
      at com.tibco.www.secure.client.HelloPTSecureStub.sayHello(HelloPTSecureStub.java:161)
      at com.tibco.www.secure.client.HelloPTSecureClient.main(HelloPTSecureClient.java:42)

My wsdl:
 
<?xml version="1.0" encoding="UTF-8"?>
<wsdl:definitions name="HelloPTSecure" targetNamespace="http://www.tibco.com/secure" 
	xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/" 
	xmlns:tns="http://www.tibco.com/secure" 
	xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/"
	xmlns:xs="http://www.w3.org/2001/XMLSchema" 
	xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"
	xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
	xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
	<wsp:Policy wsu:Id="p1">
		<sp:AsymmetricBinding>
			<wsp:Policy>
				<sp:InitiatorToken>
					<wsp:Policy>
						<sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
							<wsp:Policy>
								<sp:WssX509V3Token10/>
							</wsp:Policy>
						</sp:X509Token>
					</wsp:Policy>
				</sp:InitiatorToken>
				<sp:RecipientToken>
					<wsp:Policy>
						<sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
							<wsp:Policy>
								<sp:WssX509V3Token10/>
							</wsp:Policy>
						</sp:X509Token>
					</wsp:Policy>
				</sp:RecipientToken>
				<sp:AlgorithmSuite>
					<wsp:Policy>
						<sp:TripleDesRsa15 />
					</wsp:Policy>
				</sp:AlgorithmSuite>
			</wsp:Policy>
		</sp:AsymmetricBinding>
		<sp:Wss10>
			<wsp:Policy>
				<sp:MustSupportRefEmbeddedToken />
				<sp:MustSupportRefIssuerSerial />
			</wsp:Policy>
		</sp:Wss10>
		<sp:SignedParts>
			<sp:Body />
		</sp:SignedParts>
  	</wsp:Policy>
  <wsdl:types>
    <xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" targetNamespace="http://www.tibco.com/secure" >
			<xs:element name="sayHelloFault">
				<xs:complexType>
					<xs:sequence>
						<xs:element form="unqualified" name="HelloFault" type="xs:string"/>
					</xs:sequence>
				</xs:complexType>
			</xs:element>
			<xs:element name="sayHello">
				<xs:complexType>
					<xs:sequence>
						<xs:element form="unqualified" name="HelloRequest" type="xs:string"/>
					</xs:sequence>
				</xs:complexType>
			</xs:element>
			<xs:element name="sayHelloResponse">
				<xs:complexType>
					<xs:sequence>
						<xs:element form="unqualified" name="HelloResponse" type="xs:string"/>
					</xs:sequence>
				</xs:complexType>
			</xs:element>
	</xs:schema>
  </wsdl:types>
  <wsdl:message name="sayHelloResponse">
    <wsdl:part name="sayHelloResponse" element="tns:sayHelloResponse">
    </wsdl:part>
  </wsdl:message>
  <wsdl:message name="sayHelloFaultMsg">
    <wsdl:part name="sayHelloFault" element="tns:sayHelloFault">
    </wsdl:part>
  </wsdl:message>
  <wsdl:message name="sayHelloRequest">
    <wsdl:part name="sayHelloRequest" element="tns:sayHello">
    </wsdl:part>
  </wsdl:message>
  <wsdl:portType name="HelloPTSecure">
    <wsdl:operation name="sayHello">
      <wsdl:input message="tns:sayHelloRequest"/>
      <wsdl:output message="tns:sayHelloResponse"/>
      <wsdl:fault name="fault" message="tns:sayHelloFaultMsg"/>
    </wsdl:operation>
  </wsdl:portType>
  <wsdl:binding name="HelloPTSecureSOAP" type="tns:HelloPTSecure">
    <soap:binding style="document" transport="http://schemas.xmlsoap.org/soap/http"/>
    <wsp:PolicyReference URI="#p1" wsdl:required="true" />
    <wsdl:operation name="sayHello">	    
		<soap:operation soapAction="sayHello" style="document" />
		<wsdl:input>
			<soap:body parts="sayHelloRequest" use="literal" />
		</wsdl:input>
		<wsdl:output>
			<soap:body parts="sayHelloResponse" use="literal" />
		</wsdl:output>
		<wsdl:fault name="fault">
			<soap:fault name="fault" use="literal" />
		</wsdl:fault>
    </wsdl:operation>
  </wsdl:binding>
  <wsdl:service name="HelloPTSecure">
    <wsdl:port name="HelloPTSecureSOAP" binding="tns:HelloPTSecureSOAP">
      <soap:address location="http://localhost:8080/axis2/services/HelloPTSecure"/>
    	<apwsdl:targetWSDL xmlns:ap="http://namespace.amberpoint.com/amf" 
    		xmlns:apwsdl="urn:com.amberpoint.wsdl" 
    		xmlns:xsd="http://www.w3.org/2001/XMLSchema">
				<apwsdl:URL>
					ARECQVBBRVMCX2FwXzEyOANbojNm8l03ILlTMrCUUgt8TZn7OlBZtjsUuAyYSX95HouzUU8sVohliHS2L68Q8kObxv0HyMsFroLjulOD9KHHY4Wq63IwRp+bY5JqgXmCbA==
				</apwsdl:URL>
				<apwsdl:agentID>uuid:06AA836A-3685-11DE-8E06-6914D26DAA77
				</apwsdl:agentID>
				<apwsdl:uwsID>uuid:FA53EF80-4583-11DE-8BAF-BAFA03E9AA77
				</apwsdl:uwsID>
				<apwsdl:uwsLocalname>HelloProxy1</apwsdl:uwsLocalname>
		</apwsdl:targetWSDL>
    </wsdl:port>
  </wsdl:service>
</wsdl:definitions>
 
 
-------
 
My services.xml:
 
<?xml version="1.0" encoding="UTF-8"?>
 
<serviceGroup>
	<service name="HelloPTSecure">
		<messageReceivers>
			<messageReceiver mep="http://www.w3.org/ns/wsdl/in-out"
				class="com.tibco.www.secure.HelloPTMessageReceiverInOut" />
		</messageReceivers>
		<parameter name="ServiceClass">com.tibco.www.secure.HelloPTSecureImpl</parameter>
		<parameter name="useOriginalwsdl">true</parameter>
		<parameter name="modifyUserWSDLPortAddress">true</parameter>
		<operation name="sayHello" 
			mep="http://www.w3.org/ns/wsdl/in-out"
			namespace="http://www.tibco.com/secure">
			<actionMapping>sayHello</actionMapping>
			<outputActionMapping>
				http://www.tibco.com/secure/HelloPTSecure/sayHelloResponse
			</outputActionMapping>
			<faultActionMapping faultName="fault">
				http://www.tibco.com/secure/HelloPTSecure/sayHello/Fault/fault
			</faultActionMapping>
			<faultActionMapping faultName="sayHelloFaultMsg">
				urn:sayHellosayHelloFaultMsg
			</faultActionMapping>
		</operation>
		<module ref="rampart" />
		<wsp:Policy xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"
			xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
			xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
			wsu:Id="p1">
			<sp:AsymmetricBinding>
				<wsp:Policy>
					<sp:InitiatorToken>
						<wsp:Policy>
							<sp:X509Token
								sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
								<wsp:Policy>
									<sp:WssX509V3Token10 />
								</wsp:Policy>
							</sp:X509Token>
						</wsp:Policy>
					</sp:InitiatorToken>
					<sp:RecipientToken>
						<wsp:Policy>
							<sp:X509Token
								sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
								<wsp:Policy>
									<sp:WssX509V3Token10 />
								</wsp:Policy>
							</sp:X509Token>
						</wsp:Policy>
					</sp:RecipientToken>
					<sp:AlgorithmSuite>
						<wsp:Policy>
							<sp:TripleDesRsa15 />
						</wsp:Policy>
					</sp:AlgorithmSuite>
				</wsp:Policy>
			</sp:AsymmetricBinding>
			<sp:Wss10>
				<wsp:Policy>
					<sp:MustSupportRefEmbeddedToken />
					<sp:MustSupportRefIssuerSerial />
				</wsp:Policy>
			</sp:Wss10>
			<sp:SignedParts>
				<sp:Body />
			</sp:SignedParts>
			<RampartConfig xmlns="http://ws.apache.org/rampart/policy">
				<user>user</user>
				<passwordCallbackClass>
					com.tibco.www.secure.client.PasswordCallbackHandler
				</passwordCallbackClass>
				<signatureCrypto>
					<crypto provider="org.apache.ws.security.components.crypto.Merlin">
						<property name="org.apache.ws.security.crypto.merlin.keystore.type">
							JKS
						</property>
						<property name="org.apache.ws.security.crypto.merlin.file">
							C:/Projects/workspace/HelloAxis2Secure/security/keystore.ks
						</property>
						<property name="org.apache.ws.security.crypto.merlin.keystore.password">
							pwd
						</property>
					</crypto>
				</signatureCrypto>
			</RampartConfig>
		</wsp:Policy>
	</service>
</serviceGroup>
 
-------
 
My rampart-config.xml:
 
<?xml version="1.0" encoding="UTF-8"?>
<wsp:Policy xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
	xmlns="http://ws.apache.org/rampart/policy">
	<RampartConfig>
		<user>dtaktst</user>
		<userCertAlias>dtaktst</userCertAlias>
		<passwordCallbackClass>
			com.ttdev.secure.client.PasswordCallbackHandler
		</passwordCallbackClass>
		<signatureCrypto>
			<crypto provider="org.apache.ws.security.components.crypto.Merlin">
				<property name="org.apache.ws.security.crypto.merlin.keystore.type">
					JKS
				</property>
				<property name="org.apache.ws.security.crypto.merlin.file">
					C:/Projects/workspace/HelloAxis2Secure/security/keystore.ks
				</property>
				<property name="org.apache.ws.security.crypto.merlin.keystore.password">
					pwd
				</property>
			</crypto>
		</signatureCrypto>
	</RampartConfig>
</wsp:Policy>
 
-----
 
My client:
 
import java.io.FileNotFoundException;
import java.rmi.RemoteException;
 
import javax.xml.stream.XMLStreamException;
 
import org.apache.axiom.om.OMElement;
import org.apache.axis2.client.Options;
 
import com.tibco.www.secure.SayHelloFaultMsg;
import com.tibco.www.secure.client.HelloPTSecureStub.SayHelloRequest;
import com.tibco.www.secure.client.HelloPTSecureStub.SayHelloResponse;
import org.apache.axis2.context.ConfigurationContext;
import org.apache.axis2.context.ConfigurationContextFactory;
import org.apache.axiom.om.impl.builder.StAXOMBuilder;
//import org.apache.axis2.description.PolicyInclude;
import org.apache.neethi.Policy;
import org.apache.neethi.PolicyEngine;
 
public class HelloPTSecureClient {
	
	Options options = null;
	
	public static void  main(String[] args) throws RemoteException, FileNotFoundException, XMLStreamException, SayHelloFaultMsg {
		/*Tell the Axis client to load configurations
		from the "repository" folder in the current
		folder (project root). Here it will find the
		module archive for rampart.*/
		ConfigurationContext context = ConfigurationContextFactory.createConfigurationContextFromFileSystem("C:/AXIS2/axis2-1.5/repository/services/HelloPTSecure/repository");
		HelloPTSecureStub stub = new HelloPTSecureStub(context,"http://localhost:1234/axis2/services/HelloPTSecure");
		stub._getServiceClient().engageModule("rampart");
		StAXOMBuilder builder = new StAXOMBuilder("rampart-config.xml");
		OMElement configElement = builder.getDocumentElement();
		Policy rampartConfig = PolicyEngine.getPolicy(configElement);
		//deprecated:
		//stub._getServiceClient().getAxisService().getPolicyInclude().addPolicyElement(PolicyInclude.SERVICE_POLICY, rampartConfig);
		//replaced with:
		stub._getServiceClient().getAxisService().getPolicySubject().attachPolicy(rampartConfig);
		SayHelloRequest request = new SayHelloRequest();
		request.setHelloRequest("Dummy");
		SayHelloResponse result = stub.sayHello(request);
		System.out.println(result);
	}
 
	public void setOptions(Options options) {
		this.options = options;		
	}
 
	public OMElement sendReceive(OMElement request) {
		//FIXME
		return request;
	}
}
 
---------
 
My PasswordCallbackHandler:
 
public class PasswordCallbackHandler implements CallbackHandler {
 
	public void handle(Callback[] callbacks) throws IOException,UnsupportedCallbackException {
		for (int i = 0; i < callbacks.length; i++) {
			WSPasswordCallback pwcb = (WSPasswordCallback) callbacks[i];
			String id = pwcb.getIdentifer();
			if (id.equals("user")) {
				pwcb.setPassword("pwd");//BAD PRACTICE - refer to a property
			}else {
				throw new UnsupportedCallbackException(callbacks[i],"check failed!");
			}
			
		}
	}
}
                                              
1:
2:
3:
4:
5:
6:
7:
8:
9:
10:
11:
12:
13:
14:
15:
16:
17:
18:
19:
20:
21:
22:
23:
24:
25:
26:
27:
28:
29:
30:
31:
32:
33:
34:
35:
36:
37:
38:
39:
40:
41:
42:
43:
44:
45:
46:
47:
48:
49:
50:
51:
52:
53:
54:
55:
56:
57:
58:
59:
60:
61:
62:
63:
64:
65:
66:
67:
68:
69:
70:
71:
72:
73:
74:
75:
76:
77:
78:
79:
80:
81:
82:
83:
84:
85:
86:
87:
88:
89:
90:
91:
92:
93:
94:
95:
96:
97:
98:
99:
100:
101:
102:
103:
104:
105:
106:
107:
108:
109:
110:
111:
112:
113:
114:
115:
116:
117:
118:
119:
120:
121:
122:
123:
124:
125:
126:
127:
128:
129:
130:
131:
132:
133:
134:
135:
136:
137:
138:
139:
140:
141:
142:
143:
144:
145:
146:
147:
148:
149:
150:
151:
152:
153:
154:
155:
156:
157:
158:
159:
160:
161:
162:
163:
164:
165:
166:
167:
168:
169:
170:
171:
172:
173:
174:
175:
176:
177:
178:
179:
180:
181:
182:
183:
184:
185:
186:
187:
188:
189:
190:
191:
192:
193:
194:
195:
196:
197:
198:
199:
200:
201:
202:
203:
204:
205:
206:
207:
208:
209:
210:
211:
212:
213:
214:
215:
216:
217:
218:
219:
220:
221:
222:
223:
224:
225:
226:
227:
228:
229:
230:
231:
232:
233:
234:
235:
236:
237:
238:
239:
240:
241:
242:
243:
244:
245:
246:
247:
248:
249:
250:
251:
252:
253:
254:
255:
256:
257:
258:
259:
260:
261:
262:
263:
264:
265:
266:
267:
268:
269:
270:
271:
272:
273:
274:
275:
276:
277:
278:
279:
280:
281:
282:
283:
284:
285:
286:
287:
288:
289:
290:
291:
292:
293:
294:
295:
296:
297:
298:
299:
300:
301:
302:
303:
304:
305:
306:
307:
308:
309:
310:
311:
312:
313:
314:
315:
316:
317:
318:
319:
320:
321:
322:
323:
324:
325:
326:
327:
328:
329:

Select allOpen in new window

 

by: mwvisa1Posted on 2009-08-11 at 13:09:47ID: 25072824

 

by: jolly_rogPosted on 2009-08-13 at 08:22:36ID: 25089400

I'm looking at my axis2.xml settings. I wasn't aware from any of my reference/tutorials I've been looking at that I had to do much there.  I'm getting AxisFault: InvalidSecurity errors now, so I'm looking at the security description in my axis2.xml. Should I just reference the services.xml and/or rampart-config.xml from there?

 

by: mwvisa1Posted on 2009-08-13 at 08:36:37ID: 25089579

Yes, it should be referenced as a module from my understanding albeit limited.

http://ws.apache.org/rampart/c/docs/configurations.html
(the above should have most of the information you need)
http://ws.apache.org/axis2/1_0/axis2config.html

Regards,
Kevin

 

by: jolly_rogPosted on 2009-08-25 at 16:29:47ID: 31610487

I had my keystore and a couple of classes in the wrong place, plus some older versions of the same jars in my lib file.

Thanks.

20120131-EE-VQP-002

3 Ways to Join

30-Day Free Trial

The Experts

98% positive feedback on 31,087 answers since March 2000. angeliii is a Microsoft Most Valuable Professional for his work with MS SQL Server & Develoment.

He has also proven his knowledge of Visual Basic Programming, PHP Scripting and Oracle Databases.

The Experts

97% positive feedback on 10,752 answers since July 2000. lrmoore has more than 18 years experience in the networking industry.

The six-time Mircosoft MVPs specialties include firewalls, virtual private networking, and network management.

Testimonials

"...and excellent source for support... Kind of like having your very own IT dept." Electriciansnet

Testimonials

"I was apprehensive at signing up at first. However... it has already made my life as an IT administrator much easier." JaCrews

Testimonials

"WOW! You guys have great, active, and knowledgeable people on here." moore50

Business Clients

Business Clients

In the Press

"If you’ve got a question... Experts Exchange can supply an answer.”

In the Press

"...an invaluable aid for both IT professionals and those who require tech support."

In the Press

"where IT professionals provide quick answers on just about any topic"

Business Account Plans

Loading Advertisement...