开发者

Web service client with Java application and SSL

I am developing a Java desktop application and I want to consume a web service in it. The web service requires two-way SSL connection with message level security using binarysecuritytoken开发者_如何转开发. I am using NetBeans IDE 6.9.1 with JDK 1.6.0.23 and JAX-WS as ws wrapper. How can I communicate with the ws without using any web server on client machine. Most of the stuff I read needs to have tomcat or some other web server on client machine (configuring the keystore in tomcat or so...). Is it possible to do? Please suggest some article for SSL based ws client for Java desktop application.


Here are two ways to deal with WS over SSL http://ws.apache.org/xmlrpc/ssl.html.
Correct way is to configure and use your keystore for both SE and EE solutions.
Next quick solution also works for me:

package client;

import java.security.cert.X509Certificate;

import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import javax.xml.namespace.QName;

import ws.MyService1;
import ws.MyService1ServiceLocator;

public class Client {

    public static void main(String[] args) throws Exception {
        test();
    }

    public static void test() throws Exception {
        // Create a trust manager that does not validate certificate chains
        TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() {
            public X509Certificate[] getAcceptedIssuers() {
                return null;
            }

            public void checkClientTrusted(X509Certificate[] certs, String authType) {
                // Trust always
            }

            public void checkServerTrusted(X509Certificate[] certs, String authType) {
                // Trust always
            }
        } };
        // Install the all-trusting trust manager
        SSLContext sc = SSLContext.getInstance("SSL");
        // Create empty HostnameVerifier
        HostnameVerifier hv = new HostnameVerifier() {
            public boolean verify(String arg0, SSLSession arg1) {
                return true;
            }
        };

        sc.init(null, trustAllCerts, new java.security.SecureRandom());
        HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
        HttpsURLConnection.setDefaultHostnameVerifier(hv);

        // use secured service
        QName qname = new QName("http://ws", "MyService1Service");
        String url = "https://127.0.0.1:7002/MyService/wsdl/MyService1.wsdl";
        MyService1 service = new MyService1ServiceLocator(url, qname).getMyService1();
        System.out.println(service.getMessage());
    }
}


Consuming web services in JavaSE - see NetBeans tutorial

Use BindingProvider to set your properties before you invoke the service. See example of using BindingProvider here

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜