SOAP SSL + UserNameToken (Java JAX-WS)

SOAPHandler<SOAPMessageContext>
SOAPMessage soapMsg = context.getMessage();
 SOAPEnvelope soapEnv = soapMsg.getSOAPPart().getEnvelope();
 SOAPHeader soapHeader = soapEnv.getHeader();
// if no header, add one
 if (soapHeader == null) {
 soapHeader = soapEnv.addHeader();
 }
 SOAPFactory soapFactory = SOAPFactory.newInstance();
// WSSecurity <Security> header
 SOAPElement wsSecHeaderElm = soapFactory.createElement(
 SOAP_ENV_HEADER_LOCAL_NAME,
 SOAP_ENV_HEADER_PRE,
 SOAP_ENV_HEADER_XML_NS);

 SOAPElement userNameTokenElm = soapFactory.createElement(SOAP_ENV_HEADER_USERNAME_TOKEN,
 SOAP_ENV_HEADER_PRE,
 SOAP_ENV_HEADER_XML_NS);

 SOAPElement userNameElm = soapFactory.createElement(SOAP_ENV_HEADER_USERNAME_ELEMENT,
 SOAP_ENV_HEADER_PRE,
 SOAP_ENV_HEADER_XML_NS);

 userNameElm.addTextNode("UserName");
SOAPElement passwdElm = soapFactory.createElement(SOAP_ENV_HEADER_PASSWORD_ELEMENT,
 SOAP_ENV_HEADER_PRE,
 SOAP_ENV_HEADER_XML_NS);
 passwdElm.addTextNode("Password");
userNameTokenElm.addChildElement(userNameElm);
 userNameTokenElm.addChildElement(passwdElm);
// add child elements to the root element
wsSecHeaderElm.addChildElement(userNameTokenElm);
// add SOAP element for header to SOAP header object
soapHeader.addChildElement(wsSecHeaderElm);
soapMsg.saveChanges();
soapMsg.writeTo(System.out);
public final static String SOAP_ENV_HEADER_XML_NS = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";
public final static String SOAP_ENV_HEADER_LOCAL_NAME = "Security";
public final static String SOAP_ENV_HEADER_PRE = "wsse";
public final static String SOAP_ENV_HEADER_USERNAME_TOKEN = "UsernameToken";
public final static String SOAP_ENV_HEADER_USERNAME_ELEMENT = "Username";
public final static String SOAP_ENV_HEADER_PASSWORD_ELEMENT = "Password";

import javax.xml.namespace.QName;
import javax.xml.soap.SOAPElement;
 import javax.xml.soap.SOAPEnvelope;
 import javax.xml.soap.SOAPException;
 import javax.xml.soap.SOAPFactory;
 import javax.xml.soap.SOAPHeader;
 import javax.xml.soap.SOAPMessage;
 import javax.xml.ws.handler.MessageContext;
 import javax.xml.ws.handler.soap.SOAPHandler;
 import javax.xml.ws.handler.soap.SOAPMessageContext;
import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;

@WebServiceClient(name = "XMLWayService",
 wsdlLocation = "xmls.wsdl",
 targetNamespace = "http://xmlservice.com")
 @HandlerChain(file = "handler-chain.xml")
 public class XMLService extends Service {
// this doesn't work with jboss eap 6.1
//System.setProperty("javax.xml.bind.JAXBContext",
// "com.sun.xml.internal.bind.v2.ContextFactory");  
 System.setProperty("javax.net.ssl.keyStore", SOAP_KEYSTORE);
 System.setProperty("javax.net.ssl.keyStorePassword", SOAP_KEYSTORE_PASSWORD);
 System.setProperty("javax.net.ssl.trustStore", SOAP_KEYSTORE);
 System.setProperty("javax.net.ssl.trustStorePassword", SOAP_KEYSTORE_PASSWORD);

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
 <javaee:handler-chains
 xmlns:javaee="http://java.sun.com/xml/ns/javaee"
 xmlns:xsd="http://www.w3.org/2001/XMLSchema">
 <javaee:handler-chain>
 <javaee:handler>
 <javaee:handler-class>UserNameTokenInjectHandler</javaee:handler-class>
 </javaee:handler>
 </javaee:handler-chain>
 </javaee:handler-chains>
mvn dependency:tree

 

 

keytool -genkey -alias svs -keyalg RSA -keystore keystore.jks -keysize 2048
Run as JVM parameter in JUnit eclipse
 -Djavax.net.debug=ssl,trustmanager -Djava.net.preferIPv4Stack=true

 

Notes:
-Djavax.net.ssl.keyStore=keystore.jks

http://stackoverflow.com/questions/6908948/java-sun-security-provider-certpath-suncertpathbuilderexception-unable-to-find

maybe cert changed?

http://code.naishe.in/2011/07/looks-like-article-no-more-unable-to.html
http://magicmonster.com/kb/prg/java/ssl/pkix_path_building_failed.html
keytool -list -v -keystore keystore.jks > java_cacerts.txt

keytool -list -v -keystore keystore.jks > java_cacerts.txt

keytool -import -alias example -keystore keystore.jks -file site.der
keytool -import -alias example -keystore keystore.jks -file root.cer

http://stackoverflow.com/questions/14162159/supplying-a-different-version-of-jaxb-for-jax-ws-in-java-1-6

with jaxws-api.jar added to lib/endorsed
System.setProperty(“javax.xml.bind.JAXBContext”,
“com.sun.xml.internal.bind.v2.ContextFactory”);
https://jaxb.java.net/guide/Migrating_JAXB_2_0_applications_to_JavaSE_6.html

-Djavax.net.debug=ssl,trustmanager

 

http://anonsvn.jboss.org/repos/jbossws/stack/cxf/branches/wstrust/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsse/policy/trust/WSTrustTestCase.java
http://docs.jboss.org/jbossweb/7.0.x/ssl-howto.html#Download and Install JSSE
https://confluence.atlassian.com/display/JIRAKB/Unable+to+Connect+to+SSL+Services+due+to+PKIX+Path+Building+Failed+sun.security.provider.certpath.SunCertPathBuilderException

standalone.bat

jboss/standalone.conf

https://community.jboss.org/wiki/JBossWS-AS7FAQ
https://community.jboss.org/thread/169148?tstart=0
http://middlewaremagic.com/jboss/?tag=cxf
https://docs.jboss.org/author/display/JBWS/JAX-WS+Tools

jboss-eap-6binwsconsume -k myservice.wsdl

May want:
<dependency>
<groupId>com.sun.xml.bind</groupId>
<artifactId>jaxb-impl</artifactId>
<version>2.1.2</version>
</dependency>

<dependency>
<groupId>javax.xml.bind</groupId>
<artifactId>jaxb-api</artifactId>
<version>2.1</version>
</dependency>

Leave a Reply