Re: [Axis2] Using custom SSLSocketFactory or ssl connection
It is all working now, it turned out to be a CipherSuite limitation in Entrust. I restricted the CipherSuite in custom SocketFactory create methods and vioa! It all works!! Thanks again, Aaron! Mahesh
Re: [Axis2] Using custom SSLSocketFactory or ssl connection
Figured it out. I thought about it too much. All needed is to create a new Protocol using the custom factory and then call Protocol.registerProtocol. So missed Axis 1.x that handles this with just one simple property :) Thanks. Shaoguang Shaoguang Cong <[EMAIL PROTECTED]> wrote: Thanks, Mahesh. I looked at it and have my test http client talking to the Axis 2 server successfully. How do you plug it into the Axis 2 client? Are you using the WSDL2Java generated stub? Shaoguang Mahesh Rachakonda <[EMAIL PROTECTED]> wrote: Shaoguang, Take a look at this web page, this has three different examples on how to implement your own SecureProtocolSocketFactory. http://jakarta.apache.org/commons/httpclient/sslguide.html Mahesh On 4/6/07, Shaoguang Cong <[EMAIL PROTECTED]> wrote: I'm trying to solve the same problem. Could you post your LenientSslSocketFactory class? I'd like to know how you associate it with the trustManagers. Thanks. Shaoguang - Finding fabulous fares is fun. Let Yahoo! FareChase search your favorite travel sites to find flight and hotel bargains. - TV dinner still cooling? Check out "Tonight's Picks" on Yahoo! TV.
Re: [Axis2] Using custom SSLSocketFactory or ssl connection
Thanks, Mahesh. I looked at it and have my test http client talking to the Axis 2 server successfully. How do you plug it into the Axis 2 client? Are you using the WSDL2Java generated stub? Shaoguang Mahesh Rachakonda <[EMAIL PROTECTED]> wrote: Shaoguang, Take a look at this web page, this has three different examples on how to implement your own SecureProtocolSocketFactory. http://jakarta.apache.org/commons/httpclient/sslguide.html Mahesh On 4/6/07, Shaoguang Cong <[EMAIL PROTECTED]> wrote: I'm trying to solve the same problem. Could you post your LenientSslSocketFactory class? I'd like to know how you associate it with the trustManagers. Thanks. Shaoguang - Finding fabulous fares is fun. Let Yahoo! FareChase search your favorite travel sites to find flight and hotel bargains.
Re: [Axis2] Using custom SSLSocketFactory or ssl connection
Shaoguang, Take a look at this web page, this has three different examples on how to implement your own SecureProtocolSocketFactory. http://jakarta.apache.org/commons/httpclient/sslguide.html Mahesh On 4/6/07, Shaoguang Cong <[EMAIL PROTECTED]> wrote: I'm trying to solve the same problem. Could you post your LenientSslSocketFactory class? I'd like to know how you associate it with the trustManagers. Thanks. Shaoguang
Re: [Axis2] Using custom SSLSocketFactory or ssl connection
Hi Aaron,
Thank you for your helpful note. I implemented a custom
SecureProtocolSocketFactory, which was very straighforward. I unit-tested it
to be creating connections alright. Then I plug it into my Axis2 client
code, and I start seeing NullPointerExceptions coming from the stubs
(WSDL2Java generated). I am still trying to figure out why with DEBUG and
SSL trace options enabled. But it doesn't seem to be directly related to
connection creation. Here is the snippet of the logs when I try to invoke an
operation named "getProxyNumber".
It is printing to debug (not as errors) that providers BC and JuiCE could
not be added. I am not sure if they are required, as the same client works
just fine without my custom factory.
Have you seen anything like this before? Any helpful pointers are sincerely
appreciated.
Thanks,
Mahesh
DEBUG - Handler RequestURIBasedDispatcher added to Phase Transport
DEBUG - Handler SOAPActionBasedDispatcher added to Phase Transport
DEBUG - Handler AddressingBasedDispatcher added to Phase Dispatch
DEBUG - Handler SOAPMessageBodyBasedDispatcher added to Phase Dispatch
DEBUG - Handler InstanceDispatcher added to Phase Dispatch
DEBUG - Handler RequestURIBasedDispatcher added to Phase Dispatch
DEBUG - Handler SOAPActionBasedDispatcher added to Phase Dispatch
DEBUG - Handler AddressingBasedDispatcher added to Phase Dispatch
DEBUG - Handler SOAPMessageBodyBasedDispatcher added to Phase Dispatch
DEBUG - Handler InstanceDispatcher added to Phase Dispatch
DEBUG - START_DOCUMENT:
DEBUG - START_ELEMENT: {
http://schemas.xmlsoap.org/soap/envelope/}Envelope:Envelope
DEBUG - Build the OMElelment EnvelopeBy the StaxSOAPModelBuilder
DEBUG - START_ELEMENT: {
http://schemas.xmlsoap.org/soap/envelope/}Header:Header
DEBUG - Build the OMElelment HeaderBy the StaxSOAPModelBuilder
DEBUG - END_ELEMENT: {
http://schemas.xmlsoap.org/soap/envelope/}Header:Header
DEBUG - START_ELEMENT: {http://schemas.xmlsoap.org/soap/envelope/}Body:Body
DEBUG - Build the OMElelment BodyBy the StaxSOAPModelBuilder
DEBUG - START_ELEMENT: {
http://cc.proxy.mydomain.com}getProxyNumber:getProxyNumber
DEBUG - Build the OMElelment getProxyNumberBy the StaxSOAPModelBuilder
DEBUG - START_ELEMENT: {http://cc.proxy.mydomain.com}in0:in0
DEBUG - Build the OMElelment in0By the StaxSOAPModelBuilder
DEBUG - CHARACTERS: [372]
DEBUG - END_ELEMENT: {http://cc.proxy.mydomain.com}in0:in0
DEBUG - END_ELEMENT: {
http://cc.proxy.mydomain.com}getProxyNumber:getProxyNumber
DEBUG - END_ELEMENT: {http://schemas.xmlsoap.org/soap/envelope/}Body:Body
DEBUG - END_ELEMENT: {
http://schemas.xmlsoap.org/soap/envelope/}Envelope:Envelope
DEBUG - START_ELEMENT: {
http://schemas.xmlsoap.org/soap/envelope/}Envelope:Envelope
DEBUG - Build the OMElelment EnvelopeBy the StaxSOAPModelBuilder
DEBUG - START_ELEMENT: {
http://schemas.xmlsoap.org/soap/envelope/}Header:Header
DEBUG - Build the OMElelment HeaderBy the StaxSOAPModelBuilder
DEBUG - END_ELEMENT: {
http://schemas.xmlsoap.org/soap/envelope/}Header:Header
DEBUG - START_ELEMENT: {http://schemas.xmlsoap.org/soap/envelope/}Body:Body
DEBUG - Build the OMElelment BodyBy the StaxSOAPModelBuilder
DEBUG - START_ELEMENT: {
http://cc.proxy.mydomain.com}getProxyNumber:getProxyNumber
DEBUG - Build the OMElelment getProxyNumberBy the StaxSOAPModelBuilder
DEBUG - START_ELEMENT: {http://cc.proxy.mydomain.com}in0:in0
DEBUG - Build the OMElelment in0By the StaxSOAPModelBuilder
DEBUG - CHARACTERS: [372]
DEBUG - END_ELEMENT: {http://cc.proxy.mydomain.com}in0:in0
DEBUG - END_ELEMENT: {
http://cc.proxy.mydomain.com}getProxyNumber:getProxyNumber
DEBUG - END_ELEMENT: {http://schemas.xmlsoap.org/soap/envelope/}Body:Body
DEBUG - END_ELEMENT: {
http://schemas.xmlsoap.org/soap/envelope/}Envelope:Envelope
DEBUG - Canonicalizer.register(
http://www.w3.org/TR/2001/REC-xml-c14n-20010315,
org.apache.xml.security.c14n.implementations.Canonicalizer20010315OmitComments
)
DEBUG - Canonicalizer.register(
http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments,
org.apache.xml.security.c14n.implementations.Canonicalizer20010315WithComments
)
DEBUG - Canonicalizer.register(http://www.w3.org/2001/10/xml-exc-c14n#,
org.apache.xml.security.c14n.implementations.Canonicalizer20010315ExclOmitComments
)
DEBUG - Canonicalizer.register(
http://www.w3.org/2001/10/xml-exc-c14n#WithComments,
org.apache.xml.security.c14n.implementations.Canonicalizer20010315ExclWithComments
)
DEBUG - Transform.register(http://www.w3.org/2000/09/xmldsig#base64,
org.apache.xml.security.transforms.implementations.TransformBase64Decode)
DEBUG - Transform.register(http://www.w3.org/TR/2001/REC-xml-c14n-20010315,
org.apache.xml.security.transforms.implementations.TransformC14N)
DEBUG - Transform.register(
http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments,
org.apache.xml.security.transforms.implementations.TransformC14NWithComments
)
DEBUG - Transform.register(http://www.w3.org/2001/10/xml-exc-c14n#,
org.apache.xml.security.transfor
Re: [Axis2] Using custom SSLSocketFactory or ssl connection
I'm trying to solve the same problem. Could you post your
LenientSslSocketFactory class? I'd like to know how you associate it with the
trustManagers.
Thanks.
Shaoguang
aaron aston <[EMAIL PROTECTED]> wrote:
I think I just did this to support self-signed certs ... Axis2 uses the
Apache HttpClient instead of the 'normal' Java HttpURLConnection. You can
configure a new 'https' protocol using the HttpClient API, specifying your own
socket factory.
Protocol protocol = new Protocol("https", new
LenientSslSocketFactory(trustManagers), 443);
Protocol.register("https", protocol);
where LenientSslSocketFactory implements the HttpClient interface
SecureProtocolSocketFactory.
er ... SecureProtocolSocketFactory doesn't seem to be related to
javax.net.SocketFactory at all though ...
Aaron.
On 5-Apr-07, at 4:39 PM, Mahesh Rachakonda wrote:
I have been using Axis2 client with default JSSE to create ssl connections.
Now I have a need to use Entrust certificate stores, so I can provide a JSSE
SSLSocketFactory or a socket to Axis2. I am having a hard time figuring out how
to go about it. I see that the previous versions (Axis) offered the following
approach which is no longer available:
org.apache.axis.AxisProperties.setProperty("axis.socketSecureFactory",
"mypackage.MySSLSocketFactory");
Any help is sincerely appreciated. Thanks!
Mahesh
-
Now that's room service! Choose from over 150,000 hotels
in 45,000 destinations on Yahoo! Travel to find your fit.
Re: [Axis2] Using custom SSLSocketFactory or ssl connection
I think I just did this to support self-signed certs ... Axis2 uses
the Apache HttpClient instead of the 'normal' Java
HttpURLConnection. You can configure a new 'https' protocol using
the HttpClient API, specifying your own socket factory.
Protocol protocol = new Protocol("https", new LenientSslSocketFactory
(trustManagers), 443);
Protocol.register("https", protocol);
where LenientSslSocketFactory implements the HttpClient interface
SecureProtocolSocketFactory.
er ... SecureProtocolSocketFactory doesn't seem to be related to
javax.net.SocketFactory at all though ...
Aaron.
On 5-Apr-07, at 4:39 PM, Mahesh Rachakonda wrote:
I have been using Axis2 client with default JSSE to create ssl
connections. Now I have a need to use Entrust certificate stores,
so I can provide a JSSE SSLSocketFactory or a socket to Axis2. I am
having a hard time figuring out how to go about it. I see that the
previous versions (Axis) offered the following approach which is no
longer available:
org.apache.axis.AxisProperties.setProperty
("axis.socketSecureFactory", "mypackage.MySSLSocketFactory");
Any help is sincerely appreciated. Thanks!
Mahesh
[Axis2] Using custom SSLSocketFactory or ssl connection
I have been using Axis2 client with default JSSE to create ssl connections.
Now I have a need to use Entrust certificate stores, so I can provide a JSSE
SSLSocketFactory or a socket to Axis2. I am having a hard time figuring out
how to go about it. I see that the previous versions (Axis) offered the
following approach which is no longer available:
org.apache.axis.AxisProperties.setProperty("axis.socketSecureFactory", "
mypackage.MySSLSocketFactory");
Any help is sincerely appreciated. Thanks!
Mahesh
