Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

how to call web services from Struts framework 1.1

Posted on 2013-06-13
14
Medium Priority
?
520 Views
Last Modified: 2013-11-12
Dear Team,

We created a test project (Java project and Server is Tomcat Apache)  to call a web services using axis client and its running perfectly. .

But the same code is not working into our development scenario( i.e. web based project -having Framework -Struts 1.1 and server-IBM Web sphere V8.0 ) where we are trying to call the same web services using Axis client. We are getting an error.
"Exception in thread "main" java.lang.NoClassDefFoundError: sun.security.provider.Sun" .

What extra jar files we imported in Java project the same we imported here in our development application.

Please find the attached sample code and guide us ASAP.

Regards,
Kalpana
Need-Help-Web-services.zip
0
Comment
Question by:vbalajittl
  • 9
  • 5
14 Comments
 
LVL 36

Expert Comment

by:mccarl
ID: 39246474
The problem is that the SocketFactory that you are trying to use (org.apache.axis.components.net.SunFakeTrustSocketFactory) refers to the class in question (sun.security.provider.Sun) explicitly. Now that class is available in the JRE that you are using with Tomcat but under IBM Websphere it isn't.


Have you tried writing your own SocketFactory implementation, to ignore certificates but not using specific Sun classes. The below is one that I found on a quick Google search...
import java.io.IOException;
import java.net.Socket;
import java.net.UnknownHostException;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;

import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;

import org.apache.http.conn.ssl.SSLSocketFactory;
import org.apache.http.conn.ssl.TrustStrategy;

public class FakeSSLSocketFactory extends SSLSocketFactory {
    SSLContext sslContext = SSLContext.getInstance("TLS");

   public FakeSSLSocketFactory(KeyStore truststore) throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException {
        super(truststore);

       TrustManager tm = new X509TrustManager() {
            public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {
            }

           public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {
            }

           public X509Certificate[] getAcceptedIssuers() {
                return null;
            }
        };

       sslContext.init(null, new TrustManager[] {
            tm }, null);
    }

   public static SSLSocketFactory getInstance() throws KeyManagementException, UnrecoverableKeyException, NoSuchAlgorithmException, KeyStoreException {
        return new SSLSocketFactory(new TrustStrategy() {
            public boolean isTrusted(final X509Certificate[] chain, final String authType) throws CertificateException {
                return true;
            }
       }, SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
    }

   @Override
    public Socket createSocket(Socket socket, String host, int port, boolean autoClose) throws IOException, UnknownHostException {
        return sslContext.getSocketFactory().createSocket(socket, host, port, autoClose);
    }

   @Override
    public Socket createSocket() throws IOException {
        return sslContext.getSocketFactory().createSocket();
    }
}

Open in new window

0
 

Author Comment

by:vbalajittl
ID: 39247199
Dear User,
Thanks for you immediate reply on our issue.
We copied this program and pasted into our development. We added one jar
 apache-httpcomponents-httpclient.jar but still giving some errors.
Pls go thro' the attached and guide us, refer both sub sheet(Error and Program we used)

Regards,
Kalpana
Error-we-got.xlsx
0
 
LVL 36

Expert Comment

by:mccarl
ID: 39247804
The code I gave you is correct, those errors are due to the changes that you have made. Make sure that you add the apache httpclient jar that is at least version 4.1 (and it's dependencies)
0
Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

 

Author Comment

by:vbalajittl
ID: 39250986
Hi,
We removed the comments from the original code and updated the jar as you suggested.
But still facing the same issue. Pls refer the attached and guide us.
Is there any other way to call web service?FYI, We don't have IBM HTTP Server.


Regards,
Kalpana
Error-we-got-15-Jun-2013.xlsx
0
 
LVL 36

Expert Comment

by:mccarl
ID: 39251114
Again, still NOT the code that I gave you.... And again, the errors are the result. Just Copy and Paste the ENTIRE code that I have you into a file called FakeSSLSocketFactory.java (and set your package correctly if you want in a specific package)

As just one example, your code has some TODO lines but if you look above, no where will you find the word TODO.
0
 

Author Comment

by:vbalajittl
ID: 39252730
Hi,
Your current class working properly, we don't want to use SSL certificate and its still showing error about the SSL Certificate. Is there any method so we can access this web service without any client authentication or without SSL certificate?

Please help us and refer the attached.

Regards,
Kalpana
Error-and-code-17-jun-2013.xlsx
0
 
LVL 36

Accepted Solution

by:
mccarl earned 1500 total points
ID: 39253099
You have a few setProperty lines in your client (most commented out), are you still using the one where you set "axis.socketSecureFactory"? Try the lines where you set System.setProperty for "ssl.SocketFactory.provider" and "ssl.ServerSocketFactory.provider" (the second one there is probably not really necessary, but try it anyway).
0
 

Author Comment

by:vbalajittl
ID: 39256471
Hi,

We already tried these commented lines of code, same error message displayed that I already share you on yesterday. I already tried to set those system properties but it wont work.


Thanks,
Kalpana
0
 
LVL 36

Expert Comment

by:mccarl
ID: 39258439
Are you sure when you tried setting the other system properties that the changes were properly applied? Because at worst you should have received a "different" error message. If you received the same AxisProperties error "XXXX doesn't implement YYYY" then the code mustn't have changed because it was still trying to set the AxisProperties.

Oh, unless I wasn't clear, I meant to use ONLY the System.setProperty lines ie. have the AxisProperties.setProperty line commented out, you don't need that one!

Otherwise, I am at a loss... And I can't really debug further as I don't have YOUR actual environment!
0
 

Author Comment

by:vbalajittl
ID: 39269250
Hi,

Thanks for your replay,

See, when we set AxisProperties.setProperty then it gives error message like "XXXX doesn't implement YYYY" but if we set System.setProperty then it just give SSL certificate error. We use your above code with AxisProperties.setProperty and it works properly because this time it not give error like "XXXX doesn't implement YYYY".

I have read about IBM WAS server, they have there own Jre means they customize the whole jre, they dont support some security classes that default provided by Oracle Jre.

Thats why I also tried the IBM Class that they are used in AXIS jar.

---> AxisProperties.setProperty("axis.socketSecureFactory",
                              "org.apache.axis.components.net.IBMFakeTrustSocketFactory");

But its didn't work its also display SSL Certificate error.

At the end, when any program executes properly it will ask for SSL Certificate.

Is there any way, we can run our program without any SSL Certificate, because we are using IBM Web application server not IBM HTTP server.

On the net I have read all the SSL configuration/settings is available for the IBM HTTP server and not for the IBM application server.


Thanks,
Kalpana
0
 

Author Comment

by:vbalajittl
ID: 39643718
I've requested that this question be closed as follows:

Accepted answer: 0 points for vbalajittl's comment #a39269250

for the following reason:

This solution helped us
0
 

Author Comment

by:vbalajittl
ID: 39640997
Hello team,
With the help of last suggestion and we did some configuration setting in WAS for certificate we got the expected solution.




Regards,
Kalpana
0
 

Author Comment

by:vbalajittl
ID: 39640999
Thanks

Regards,
Kalpana
0
 

Author Closing Comment

by:vbalajittl
ID: 39643719
It helped us to achieve the solution.


Regards,
Kalpana
0

Featured Post

Become an Android App Developer

Ready to kick start your career in 2018? Learn how to build an Android app in January’s Course of the Month and open the door to new opportunities.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Since I am currently running into this issue right now as I type this, I though I would share my experiences with moving a ModX Revolution site from one server to another.  It is not an easy task, but can be accomplished rather easily. The first …
Periodically we have to update or add SSL certificates for customers. Depending upon your hosting plan you may be responsible for the installation and/or key generation. In the wake of Heartbleed many sites were forced to re-key. We will concen…
The purpose of this video is to demonstrate how to set up the WordPress backend so that each page automatically generates a Mailchimp signup form in the sidebar. This will be demonstrated using a Windows 8 PC. Tools Used are Photoshop, Awesome…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an anti-spam), the admin…
Suggested Courses
Course of the Month10 days, 18 hours left to enroll

571 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question