Use the Commons HttpClients and It will works.
On Thu, 02 Sep 2004 10:08:35 +0100, Steve Webbo <[EMAIL PROTECTED]> wrote:
> Hi All,
>
> This is driving me insane....I have a java web-service based on Axis running
> under Websphere v4 and IBM HTTP Server (aka Apache).
>
> I have configured SSL on the web server and this works fine. I now want to
> go one step further and configure the web-server for client certification
> based authentication. I have confuigured the web-server to require a client
> certificate and proven this to be working by querying my web-service via my
> browser, passing the appropriate certificate.
>
> Now I want to code my java client application to do the same thing. I
> started out the same way, got the Axis client working under plain old SSL -
> No problem. But I cannot get the client to pass the certificate to the
> web-server. This means I keep getting 403 forbidden errors. To further
> prove this I can see "Client did not supply a certificate" in the web server
> error log.
>
> I have read lots of posts around setting System properties to define
> keystores and passwords etc but still cannot get it to work. Based on the 2
> examples below I have come to the conclussion that it is the process of
> telling Axis where to look for the keystore is the problem as I did a basic
> URL reader application that just uses java.net.URL to read the results of
> the web-service and that works fine.
>
> Please help...I really don't have any clues left.
>
> I'm using the IBM JSSE implementation as to try and overide that with the
> Sun JSSE within websphere is also near on impossible.
>
> Thanks in advance,
>
> WEBBO
>
> Code snippets:
>
> ==== THIS WORKS =====
>
>
> System.setProperty("javax.net.ssl.keyStore","c:\\client-keys.jks");
>
> System.setProperty("javax.net.ssl.keyStorePassword","mypassword");
>
> System.setProperty("java.protocol.handler.pkgs",
> "com.ibm.net.ssl.internal.www.protocol");
> Security.addProvider(new com.ibm.jsse.JSSEProvider());
>
> URL url = new
> URL("https://myserver.com/servlet/myService?method=test";);
> BufferedReader in = new BufferedReader(
> new InputStreamReader(
> url.openStream()));
>
> String inputLine;
>
> while ((inputLine = in.readLine()) != null)
> System.out.println(inputLine);
>
> in.close();
>
> ==== THIS DOESN'T ====
>
> String endpoint =
> "https://myserver.com/service/myService?method=test";;
>
>
> System.setProperty("javax.net.ssl.keyStore","c:\\client-keys.jks");
>
> System.setProperty("javax.net.ssl.keyStorePassword","mypassword");
> System.setProperty("java.protocol.handler.pkgs",
> "com.ibm.net.ssl.internal.www.protocol");
> Security.addProvider(new com.ibm.jsse.JSSEProvider());
>
> System.out.println("Creating my temp URL Object");
> URL tURL = new URL (endpoint);
> System.out.println ("Done");
>
> Service service = new Service();
> Call call = (Call) service.createCall();
>
> call.setTargetEndpointAddress(tURL);
>
> QName qn = new QName( "http://me.com";, "myType" );
> call.registerTypeMapping(WebspherePlatform.class, qn,
> new
> org.apache.axis.encoding.ser.BeanSerializerFactory
> (WebspherePlatform.class, qn),
> new
> org.apache.axis.encoding.ser.BeanDeserializerFactory
> (WebspherePlatform.class, qn));
> call.setOperationName("getMyDetails");
>
> myType ty = (myType) call.invoke(new Object[] {});
>
> _________________________________________________________________
> Want to block unwanted pop-ups? Download the free MSN Toolbar now!
> http://toolbar.msn.co.uk/
>
>
