Re: [Axis2] Using custom SSLSocketFactory or ssl connection
It is all working now, it turned out to be a CipherSuite limitation in Entrust. I restricted the CipherSuite in custom SocketFactory create methods and vioa! It all works!! Thanks again, Aaron! Mahesh
Re: [Axis2] Using custom SSLSocketFactory or ssl connection
Figured it out. I thought about it too much. All needed is to create a new Protocol using the custom factory and then call Protocol.registerProtocol. So missed Axis 1.x that handles this with just one simple property :) Thanks. Shaoguang Shaoguang Cong <[EMAIL PROTECTED]> wrote: Thanks, Mahesh. I looked at it and have my test http client talking to the Axis 2 server successfully. How do you plug it into the Axis 2 client? Are you using the WSDL2Java generated stub? Shaoguang Mahesh Rachakonda <[EMAIL PROTECTED]> wrote: Shaoguang, Take a look at this web page, this has three different examples on how to implement your own SecureProtocolSocketFactory. http://jakarta.apache.org/commons/httpclient/sslguide.html Mahesh On 4/6/07, Shaoguang Cong <[EMAIL PROTECTED]> wrote: I'm trying to solve the same problem. Could you post your LenientSslSocketFactory class? I'd like to know how you associate it with the trustManagers. Thanks. Shaoguang - Finding fabulous fares is fun. Let Yahoo! FareChase search your favorite travel sites to find flight and hotel bargains. - TV dinner still cooling? Check out "Tonight's Picks" on Yahoo! TV.
Re: [Axis2] Using custom SSLSocketFactory or ssl connection
Thanks, Mahesh. I looked at it and have my test http client talking to the Axis 2 server successfully. How do you plug it into the Axis 2 client? Are you using the WSDL2Java generated stub? Shaoguang Mahesh Rachakonda <[EMAIL PROTECTED]> wrote: Shaoguang, Take a look at this web page, this has three different examples on how to implement your own SecureProtocolSocketFactory. http://jakarta.apache.org/commons/httpclient/sslguide.html Mahesh On 4/6/07, Shaoguang Cong <[EMAIL PROTECTED]> wrote: I'm trying to solve the same problem. Could you post your LenientSslSocketFactory class? I'd like to know how you associate it with the trustManagers. Thanks. Shaoguang - Finding fabulous fares is fun. Let Yahoo! FareChase search your favorite travel sites to find flight and hotel bargains.
Re: [Axis2] Using custom SSLSocketFactory or ssl connection
Shaoguang, Take a look at this web page, this has three different examples on how to implement your own SecureProtocolSocketFactory. http://jakarta.apache.org/commons/httpclient/sslguide.html Mahesh On 4/6/07, Shaoguang Cong <[EMAIL PROTECTED]> wrote: I'm trying to solve the same problem. Could you post your LenientSslSocketFactory class? I'd like to know how you associate it with the trustManagers. Thanks. Shaoguang
Re: [Axis2] Using custom SSLSocketFactory or ssl connection
Hi Aaron, Thank you for your helpful note. I implemented a custom SecureProtocolSocketFactory, which was very straighforward. I unit-tested it to be creating connections alright. Then I plug it into my Axis2 client code, and I start seeing NullPointerExceptions coming from the stubs (WSDL2Java generated). I am still trying to figure out why with DEBUG and SSL trace options enabled. But it doesn't seem to be directly related to connection creation. Here is the snippet of the logs when I try to invoke an operation named "getProxyNumber". It is printing to debug (not as errors) that providers BC and JuiCE could not be added. I am not sure if they are required, as the same client works just fine without my custom factory. Have you seen anything like this before? Any helpful pointers are sincerely appreciated. Thanks, Mahesh DEBUG - Handler RequestURIBasedDispatcher added to Phase Transport DEBUG - Handler SOAPActionBasedDispatcher added to Phase Transport DEBUG - Handler AddressingBasedDispatcher added to Phase Dispatch DEBUG - Handler SOAPMessageBodyBasedDispatcher added to Phase Dispatch DEBUG - Handler InstanceDispatcher added to Phase Dispatch DEBUG - Handler RequestURIBasedDispatcher added to Phase Dispatch DEBUG - Handler SOAPActionBasedDispatcher added to Phase Dispatch DEBUG - Handler AddressingBasedDispatcher added to Phase Dispatch DEBUG - Handler SOAPMessageBodyBasedDispatcher added to Phase Dispatch DEBUG - Handler InstanceDispatcher added to Phase Dispatch DEBUG - START_DOCUMENT: DEBUG - START_ELEMENT: { http://schemas.xmlsoap.org/soap/envelope/}Envelope:Envelope DEBUG - Build the OMElelment EnvelopeBy the StaxSOAPModelBuilder DEBUG - START_ELEMENT: { http://schemas.xmlsoap.org/soap/envelope/}Header:Header DEBUG - Build the OMElelment HeaderBy the StaxSOAPModelBuilder DEBUG - END_ELEMENT: { http://schemas.xmlsoap.org/soap/envelope/}Header:Header DEBUG - START_ELEMENT: {http://schemas.xmlsoap.org/soap/envelope/}Body:Body DEBUG - Build the OMElelment BodyBy the StaxSOAPModelBuilder DEBUG - START_ELEMENT: { http://cc.proxy.mydomain.com}getProxyNumber:getProxyNumber DEBUG - Build the OMElelment getProxyNumberBy the StaxSOAPModelBuilder DEBUG - START_ELEMENT: {http://cc.proxy.mydomain.com}in0:in0 DEBUG - Build the OMElelment in0By the StaxSOAPModelBuilder DEBUG - CHARACTERS: [372] DEBUG - END_ELEMENT: {http://cc.proxy.mydomain.com}in0:in0 DEBUG - END_ELEMENT: { http://cc.proxy.mydomain.com}getProxyNumber:getProxyNumber DEBUG - END_ELEMENT: {http://schemas.xmlsoap.org/soap/envelope/}Body:Body DEBUG - END_ELEMENT: { http://schemas.xmlsoap.org/soap/envelope/}Envelope:Envelope DEBUG - START_ELEMENT: { http://schemas.xmlsoap.org/soap/envelope/}Envelope:Envelope DEBUG - Build the OMElelment EnvelopeBy the StaxSOAPModelBuilder DEBUG - START_ELEMENT: { http://schemas.xmlsoap.org/soap/envelope/}Header:Header DEBUG - Build the OMElelment HeaderBy the StaxSOAPModelBuilder DEBUG - END_ELEMENT: { http://schemas.xmlsoap.org/soap/envelope/}Header:Header DEBUG - START_ELEMENT: {http://schemas.xmlsoap.org/soap/envelope/}Body:Body DEBUG - Build the OMElelment BodyBy the StaxSOAPModelBuilder DEBUG - START_ELEMENT: { http://cc.proxy.mydomain.com}getProxyNumber:getProxyNumber DEBUG - Build the OMElelment getProxyNumberBy the StaxSOAPModelBuilder DEBUG - START_ELEMENT: {http://cc.proxy.mydomain.com}in0:in0 DEBUG - Build the OMElelment in0By the StaxSOAPModelBuilder DEBUG - CHARACTERS: [372] DEBUG - END_ELEMENT: {http://cc.proxy.mydomain.com}in0:in0 DEBUG - END_ELEMENT: { http://cc.proxy.mydomain.com}getProxyNumber:getProxyNumber DEBUG - END_ELEMENT: {http://schemas.xmlsoap.org/soap/envelope/}Body:Body DEBUG - END_ELEMENT: { http://schemas.xmlsoap.org/soap/envelope/}Envelope:Envelope DEBUG - Canonicalizer.register( http://www.w3.org/TR/2001/REC-xml-c14n-20010315, org.apache.xml.security.c14n.implementations.Canonicalizer20010315OmitComments ) DEBUG - Canonicalizer.register( http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments, org.apache.xml.security.c14n.implementations.Canonicalizer20010315WithComments ) DEBUG - Canonicalizer.register(http://www.w3.org/2001/10/xml-exc-c14n#, org.apache.xml.security.c14n.implementations.Canonicalizer20010315ExclOmitComments ) DEBUG - Canonicalizer.register( http://www.w3.org/2001/10/xml-exc-c14n#WithComments, org.apache.xml.security.c14n.implementations.Canonicalizer20010315ExclWithComments ) DEBUG - Transform.register(http://www.w3.org/2000/09/xmldsig#base64, org.apache.xml.security.transforms.implementations.TransformBase64Decode) DEBUG - Transform.register(http://www.w3.org/TR/2001/REC-xml-c14n-20010315, org.apache.xml.security.transforms.implementations.TransformC14N) DEBUG - Transform.register( http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments, org.apache.xml.security.transforms.implementations.TransformC14NWithComments ) DEBUG - Transform.register(http://www.w3.org/2001/10/xml-exc-c14n#, org.apache.xml.security.transfor
Re: [Axis2] Using custom SSLSocketFactory or ssl connection
I'm trying to solve the same problem. Could you post your LenientSslSocketFactory class? I'd like to know how you associate it with the trustManagers. Thanks. Shaoguang aaron aston <[EMAIL PROTECTED]> wrote: I think I just did this to support self-signed certs ... Axis2 uses the Apache HttpClient instead of the 'normal' Java HttpURLConnection. You can configure a new 'https' protocol using the HttpClient API, specifying your own socket factory. Protocol protocol = new Protocol("https", new LenientSslSocketFactory(trustManagers), 443); Protocol.register("https", protocol); where LenientSslSocketFactory implements the HttpClient interface SecureProtocolSocketFactory. er ... SecureProtocolSocketFactory doesn't seem to be related to javax.net.SocketFactory at all though ... Aaron. On 5-Apr-07, at 4:39 PM, Mahesh Rachakonda wrote: I have been using Axis2 client with default JSSE to create ssl connections. Now I have a need to use Entrust certificate stores, so I can provide a JSSE SSLSocketFactory or a socket to Axis2. I am having a hard time figuring out how to go about it. I see that the previous versions (Axis) offered the following approach which is no longer available: org.apache.axis.AxisProperties.setProperty("axis.socketSecureFactory", "mypackage.MySSLSocketFactory"); Any help is sincerely appreciated. Thanks! Mahesh - Now that's room service! Choose from over 150,000 hotels in 45,000 destinations on Yahoo! Travel to find your fit.
Re: [Axis2] Using custom SSLSocketFactory or ssl connection
I think I just did this to support self-signed certs ... Axis2 uses the Apache HttpClient instead of the 'normal' Java HttpURLConnection. You can configure a new 'https' protocol using the HttpClient API, specifying your own socket factory. Protocol protocol = new Protocol("https", new LenientSslSocketFactory (trustManagers), 443); Protocol.register("https", protocol); where LenientSslSocketFactory implements the HttpClient interface SecureProtocolSocketFactory. er ... SecureProtocolSocketFactory doesn't seem to be related to javax.net.SocketFactory at all though ... Aaron. On 5-Apr-07, at 4:39 PM, Mahesh Rachakonda wrote: I have been using Axis2 client with default JSSE to create ssl connections. Now I have a need to use Entrust certificate stores, so I can provide a JSSE SSLSocketFactory or a socket to Axis2. I am having a hard time figuring out how to go about it. I see that the previous versions (Axis) offered the following approach which is no longer available: org.apache.axis.AxisProperties.setProperty ("axis.socketSecureFactory", "mypackage.MySSLSocketFactory"); Any help is sincerely appreciated. Thanks! Mahesh
[Axis2] Using custom SSLSocketFactory or ssl connection
I have been using Axis2 client with default JSSE to create ssl connections. Now I have a need to use Entrust certificate stores, so I can provide a JSSE SSLSocketFactory or a socket to Axis2. I am having a hard time figuring out how to go about it. I see that the previous versions (Axis) offered the following approach which is no longer available: org.apache.axis.AxisProperties.setProperty("axis.socketSecureFactory", " mypackage.MySSLSocketFactory"); Any help is sincerely appreciated. Thanks! Mahesh