How to use webservices with SSL? (Tomcat and axis)
0 posts in topic
Flat View  Flat View

Posted By:   Fredrik_Andersson
Posted On:   Thursday, April 28, 2005 09:38 AM

Apache Tomcat/5.5.9 - Error report kground-color:#525D76;font-size:22px;} H2 {font-family:Tahoma,Arial,sans-serif;c olor:white;background-color:#525D76;font-size:16px;} H3 {font-family:Tahoma,Aria l,sans-serif;color:white;background-color:#525D76;font-size:14px;} BODY {font-fa mily:Tahoma,Arial,sans-serif;color:black;background-color:white;} B {font-family :Tahoma,Arial,sans-serif;color:white;background-color:#525D76;} P {font-family:T ahoma,Arial,sans-serif;background:white;color:black;font-size:12px;}A {color : b lack;}A.name {color : black;}HR {color : #525D76;}--> ]]> ]]> Hello! I have some problems with axis and SSL. I have set up my Tomcat 5.5.9 for SSL like: maxThreads   More>>
Apache Tomcat/5.5.9 - Error report


I have some problems with axis and SSL.

I have set up my Tomcat 5.5.9 for SSL like:


maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
enableLookups="false" disableUploadTimeout="true"
acceptCount="100" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS" />

I can access it like https://localhost:8443, to me that sound like the tomcat is OK.

I have put the WebService file into the axis webappsaxis like a jws
import java.util.*;
public class SSLSoapWsdlServer
public String getPrime(String strangeString)
Calendar rightNow = Calendar.getInstance();
return "Prime time is: " + rightNow.getTime().toString();

It responds to a call from a webbrowser like https://localhost:8443/axis/SSLSoapWsdlServer.jws to me that sounds that the WebService is available. Correct me if I'm wrong!!

I have wrote a client that tries to connect to the SSLSoapWsdlServer looking like:
import java.net.*;
import org.apache.axis.client.*;
import javax.xml.namespace.*;
import javax.net.ssl.*;
import java.security.*;

public class SSLSoapWsdlClient
public SSLSoapWsdlClient()
System.setProperty("javax.net.ssl.keyStore", "client.ks");
System.setProperty("javax.net.ssl.keyStorePassword", "changeit");
System.setProperty("javax.net.ssl.keyStoreType", "JKS");
System.setProperty("javax.net.ssl.trustStore", "client.ts");
System.setProperty("javax.net.ssl.trustStorePassword", "changeit");

System.setProperty( "java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol" );
Security.addProvider( new com.sun.net.ssl.internal.ssl.Provider() );

String endPointAddress = "https://localhost:8443/axis/services/SSLSoapWsdlServer";
Service service = new Service();
Call call = ( Call )service.createCall();
call.setTargetEndpointAddress( endPointAddress );
call.setOperationName( new QName("SSLSoapWsdlServer", "getPrime") );
String returned = ( String )call.invoke( new Object[] { "2isAnOddPrime" } );
System.out.println( "Soap returned: " + returned );

catch (Exception e)

public static void main(String[] args)
SSLSoapWsdlClient sslSoapWsdlClient = new SSLSoapWsdlClient();

I have created my keystores and truststores like below that seems alright to me:
set SERVER_DN="CN=Server, OU=Fredrik Andersson, O=x, L=y, S=sverige, C=se"
set CLIENT_DN="CN=Server, OU=Fredrik Andersson, O=x, L=y, S=sverige, C=se"
set KSDEFAULTS=-storepass changeit -storetype JKS
set KEYINFO=-keyalg RSA

keytool -genkey -dname %SERVER_DN% %KSDEFAULTS% -keystore server.ks %KEYINFO% -keypass changeit
keytool -export -file temp$.cer %KSDEFAULTS% -keystore server.ks
keytool -import -file temp$.cer %KSDEFAULTS% -keystore client.ts -alias serverkey -noprompt
keytool -genkey -dname %CLIENT_DN% %KSDEFAULTS% -keystore client.ks %KEYINFO% -keypass changeit
keytool -export -file temp$.cer %KSDEFAULTS% -keystore client.ks
keytool -import -file temp$.cer %KSDEFAULTS% -keystore server.ts -alias clientkey -noprompt

The error I get when I try to execute the client looks like:
log4j:WARN No appenders could be found for logger (org.apache.axis.i18n.ProjectResourceBundle).
log4j:WARN Please initialize the log4j system properly.
faultCode: {http://xml.apache.org/axis/}HTTP
faultString: (401)Unauthorized
{}:return code: 401


HTTP Status 401 -


type Status report&l


t; description This request requires HTTP authenticat
ion ().


Apache Tomcat/5.5.9


at org.apache.axis.transport.http.HTTPSender.readFromSocket(HTTPSender.java:693)
at org.apache.axis.transport.http.HTTPSender.invoke(HTTPSender.java:141)

at org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:32)
at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118)
at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83)
at org.apache.axis.client.AxisClient.invoke(AxisClient.java:165)
at org.apache.axis.client.Call.invokeEngine(Call.java:2754)
at org.apache.axis.client.Call.invoke(Call.java:2737)
at org.apache.axis.client.Call.invoke(Call.java:2413)
at org.apache.axis.client.Call.invoke(Call.java:2336)
at org.apache.axis.client.Call.invoke(Call.java:1793)
at SSLSoapWsdlClient. (SSLSoapWsdlClient.java:27)
at SSLSoapWsdlClient.main(SSLSoapWsdlClient.java:39)
Tryck på en valfri tangent för att fortsätta...

To me this looks like I need to add some sort of login? Because when I try to access https://localhost:8443/axis/services/SSLSoapWsdlServer trough a web browser I get an login popup. I guess this means that I need som user and password set in the Tomcat config some where or what do you think? You can see how the popup looks like at: http://www.dsv.su.se/~fr-ander/loginpopup.JPG

So if you got any ideas how to solve this please let me know.

Best regards
Fredrik    <<Less
About | Sitemap | Contact