axis-c-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Kelvin Lin <kelvin_q_...@yahoo.com>
Subject Re: How to create a SSL client to support https
Date Mon, 09 Jul 2007 08:18:51 GMT
Hi Dumindu,
   
  Sorry for reply later.
   
  I followed your suggesttion, but it still failed.
   
  1st, I commented the following statement.
   
   //axis2_options_set_soap_version(options, env, AXIOM_SOAP12);
 //axis2_options_set_transport_in_protocol(options, env, AXIS2_TRANSPORT_ENUM_HTTP);
  
so let Axis2/C choose correct protocol automatelly.
   
  2nd, I wrote axis2.xml like:
   
      <transportSender name="https" class="axis2_http_sender">
        <parameter name="PROTOCOL" locked="false">HTTP/1.1</parameter>
    </transportSender>
    <!--<parameter name="SERVER_CERT">E:\Project\VS8\Axis2_prototype\debug\TrustList.pem</parameter>
    <parameter name="KEY_FILE">/path/to/client/certificate/chain/file</parameter>
    <parameter name="SSL_PASSPHRASE">passphrase</parameter>
    -->
   
  3rd, I set the just one parameter of "server_cert" in the codes:
   
   axutil_property_t *ssl_ca_file = axutil_property_create(env);
 axutil_property_set_value(ssl_ca_file, env,
  axutil_strdup(env, "E:\\Project\\VS8\\Axis2_prototype\\debug\\TrustList.pem"));
 axis2_options_set_property(options, env, "SERVER_CERT", ssl_ca_file);
   
  How I judge it failed?
   
  Because I followed the one tutorial to build a web service server by myself, http://publib.boulder.ibm.com/infocenter/wsadhelp/v5r1m2/index.jsp?topic=/com.ibm.etools.webservice.was.creation.ui.doc/samples/sstockq.html,
using WebShpere v5.1, and sent a simple soap message to the server via https protocol. But
there is nothing erroe messages displayed in the server concole. (If the server receives some
soap message (correct or wrong), it will display some error messages in the concole. Pls.
refer to my new reply of my another proplem email, named "How to get ordered namespace sequence,
about the function "axutil_hash_find_entry"")
   
  I used gsoap to create a message which was sent to web service server via https protocol,
and whatever message is correct or not, the concole will display something.
   
  Then I commented the explicitly setting property in the program and set them in the axis2.xml
like:
   
      <transportSender name="https" class="axis2_http_sender">
        <parameter name="PROTOCOL" locked="false">HTTP/1.1</parameter>
    </transportSender>
    <parameter name="SERVER_CERT">E:\Project\VS8\Axis2_prototype\debug\TrustList.pem</parameter>
    <parameter name="KEY_FILE">E:\Project\VS8\Axis2_prototype\debug\TrustList.pem</parameter>
    <parameter name="SSL_PASSPHRASE">passphrase</parameter>
   
  But it still no any effects.
   
  How should I do?
   
  By the way, in this web page: http://people.apache.org/~dumindu/HowToConfigureSSL.html,
I have two suggests,
   
  1st, you still use axis2/c v0.96 api, like:
   

ssl_ca_file = axis2_property_create(env);  AXIS2_PROPERTY_SET_VALUE(ssl_ca_file, env,    axis2_strdup("/home/dumindu/dummyCA/demoCA/cacert.pem",
env));  AXIS2_OPTIONS_SET_PROPERTY(options, env, "SERVER_CERT", ssl_ca_file);
   
  2nd, You can find the complete sample code here. There is no link when clicking "here".
   
  
Dumindu Pallewela <dumindu@wso2.com> wrote:
  Hi Kelvin,

Find my comments inline.

Kelvin Lin wrote:
> Hi all,
> 
> But it failed in my environment, because I can't find some apis and 
> variable name at all, like axis2_property_t and AXIS2_OPTIONS_SET_PROPERTY.

Those instructions were intended for v0.96. Since v1.0 the util 
declarations were renamed with a axutil_ prefix and the macros were 
dropped. Hence these should be axutil_property_t and 
axis2_options_set_property respectively.

> I used official version axis2c-src-1.0.0 and changed axis2.xml like:
> 
> 
> 
HTTP/1.1

> 
> 
/path/to/ca/certificate

> > name="KEY_FILE">/path/to/client/certificate/chain/file

>     
passphrase

>     -->

This is all you need in order to get ssl working, usually. :)

> At the same time, I called following apis in my program:
> 
> axis2_options_set_soap_version(options, env, AXIOM_SOAP12);
> axis2_options_set_transport_in_protocol(options, env, 
> AXIS2_TRANSPORT_ENUM_HTTPS);

Axis2 engine should set the appropriate protocols according to the epr 
that you use. For example for a https endpoint, axis2 engine would look 
at the https://.... uri and understand that the protocol that should be 
used is https. In particular, setting transport_in protocol is not 
useful if you are not using different ports to send and receive messages 
(dual client).

> But the server I built by myself didn't have any response and get error 
> code 82, Input stream is NULL in msg_ctx.

That is because our simple_axis_server is not capable of handling ssl. 
Please refer to the axis2 manual [1] for more information on deploying 
axis2 in apache2 server. Make sure to have mod_ssl installed.

> What apis should I call to support https and how to config axis2.xml to 
> specify pem file both under needing authentication and no needing 
> authentication?

There are three properties that are related to ssl transport, 
SERVER_CERT, KEY_FILE and SSL_PASSPHRASE. Please refer to [2] for more 
information on each.

This is how you set the SERVER_CERT for expample:

axutil_property_t ssl_ca_file = axutil_property_create(env);
axutil_property_set_value(ssl_ca_file, env,
axutil_strdup(env, "/home/dumindu/dummyCA/demoCA/cacert.pem"));
axis2_options_set_property(options, env, "SERVER_CERT", ssl_ca_file);

You can set the other three properties accordingly, too. These 
properties however, are *not needed* to be set in the code, if you can 
set them in axis2.xml.

Tutorial [2] was written a while back, so there can be a few errors. 
Please let me know if you find any :)

Regards,
Dumindu.

[1] http://ws.apache.org/axis2/c/docs/axis2c_manual.html#mod_axis2
[2] http://people.apache.org/~dumindu/HowToConfigureSSL.html

---------------------------------------------------------------------
To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-c-user-help@ws.apache.org



 
---------------------------------
It's here! Your new message!
Get new email alerts with the free Yahoo! Toolbar.
       
---------------------------------
Park yourself in front of a world of choices in alternative vehicles.
Visit the Yahoo! Auto Green Center.
Mime
View raw message