axis-java-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Stocker, Walter" <Walter.Stoc...@t-systems.com>
Subject AW: ssl connections
Date Thu, 12 Sep 2002 13:09:09 GMT
Hi,

maybe the "Web Services Over SSL - HOW TO" from Pankaj Kumar helps:

	http://www.pankaj-k.net/WSOverSSL/WSOverSSL-HOWTO.html

Also, you can look up the following article in JavaWorld:

	Construct secure networked applications with certificates
	http://www.javaworld.com/javaworld/jw-01-2001/jw-0112-howto_p.html

The following link is not about Axis, but it helped me understanding
SOAP over HTTPS:

	Introduction to SOAP using Apache SOAP 2.1 for Java
	http://www.eneris.com/~pablo/soapintro

cu	

                                                                     
 Dipl. Inform. (FH) Walter Stocker
 T-Systems International GmbH
 Software Developer
 System Integration
 Address: Memmelsdorfer Str. 209a, 96052 Bamberg
 Phone: +49 (09 51) 40 97 - 1 46
 Fax: +49 (09 51) 40 97 - 2 00
 E-Mail: mailto:Walter.Stocker@t-systems.com
 Internet: http://www.t-systems.com
                                                                     


> -----Ursprungliche Nachricht-----
> Von: R.Shimamura [mailto:shimamura@mbg.nifty.com]
> Gesendet am: Donnerstag, 12. September 2002 15:04
> An: axis-user@xml.apache.org
> Betreff: ssl connections
> 
> The method of ssl connection is still looked for.
> 
> Is it good only at change of a java.security file
> 
> Is it what may not add information to cacerts?
> 
> I changed into the following method.
> 
> java.security
> ________________________________________
> 
> security.provider.1=sun.security.provider.Sun
> //security.provider.2=com.sun.net.ssl.internal.ssl.Provider
> //security.provider.3=com.sun.rsajca.Provider
> security.provider.3=com.sun.net.ssl.internal.ssl.Provider
> security.provider.4=com.sun.crypto.provider.SunJCE
> security.provider.5=sun.security.jgss.SunProvider
> 
> Development environment
> java1.4.0_01
> Tomcat 4.0.4
> 
> 
> 
> 
> shimamura
> 
> 
> >thankyou for anser
> 
> >but this is not working tomcat4.04
> 
> >Look for other methods.
> 
> ?thank you for Stocker
> 
> >shimamura
> 
> 
> 
> 
> Hi,
> 
> >
> > security.provider.1=sun.security.provider.Sun
> > security.provider.2=com.sun.net.ssl.internal.ssl.Provider
> > security.provider.3=com.sun.rsajca.Provider
> > security.provider.4=com.sun.crypto.provider.SunJCE
> > security.provider.5=sun.security.jgss.SunProvider
> >
> > Is it that it is good only by changing a number?
> 
> With changing the number you change the order java uses the
> security providers. it should work. be sure, to change the 
> TWO java.security
> files.
> 
> >
> >
> >
> > Hello Shimamura,
> >
> > Change the java.security file in your java runtime
> > environment. Running on
> > Win OS
> > with jdk1.3.1 the default location is
> >
> > C:\Program Files\JavaSoft\Jre\1.3.1\lib\security\java.security
> >
> > Add the following line to the file:
> >
> > security.provider.3=com.sun.net.ssl.internal.ssl.Provider
> >
> > Do the same changes to the java.security of your java
> > development environment
> > JRE. On my
> > OS the location is
> >
> > E:\jdk1.3.1\jre\lib\security\java.security
> >
> > Do not add java.protocol.handler.pkgs =
> > com.sun.net.ssl.internal.www.protocol
> >
> > to the java.security files. I think this doesn't work.
> >
> > Set the system property java.protocol.handler.pkgs with a
> > option to the java
> > virtual machine
> > (e. g. java
> > -Djava.protocol.handler.pkgs=com.sun.net.ssl.internal.www.protocol)
> > or in the initialisation routine of your program
> > (e.g. System.setProperty("java.protocol.handler.pkgs",
> > "com.sun.net.ssl.internal.www.protocol").
> >
> > Now you are able to use https-URLS
> > (e. g.
> > https://www.youraxisserver.com/services/youraxisservice) to invoke
> > methods
> > on your service. Maybe you have to change the service url in
> > your wsdl-file
> > and/or
> > program.
> >
> > Add the jsse-libraries (jsse.jar, jcert.jar, jnet.jar) to
> > your classpath.
> >
> > Normally no more changes are necessary. The above settings do
> > the following:
> >
> > The setting in java.security files make the security 
> provider for jsse
> > available.
> > The setting of the system property installs a handler for the
> > use with https
> > urls.
> > As invoking a service, axis checks if the https protocol in
> > the url is used.
> > If
> > so, it gets a secure socket (by default with JSSE). Otherwise
> > it gets a
> > normal
> > socket connection. So no more changes in the code are necessary.
> >
> > BTW if your using JDK1.4 the settings are little different,
> > because JSSE is
> > included in the jdk and no extra classpath settings etc. are
> > necessary.
> >
> > Hope this answers some of your questions. cya
> >
> >
> >  Dipl. Inform. (FH) Walter Stocker
> >  T-Systems International GmbH
> >  Software Developer
> >  System Integration
> >  Address: Memmelsdorfer Str. 209a, 96052 Bamberg
> >  Phone: +49 (09 51) 40 97 - 1 46
> >  Fax: +49 (09 51) 40 97 - 2 00
> >  E-Mail: mailto:Walter.Stocker@t-systems.com
> >  Internet: http://www.t-systems.com
> >
> >
> >
> > > -----Ursprungliche Nachricht-----
> > > Von: bs-rshimamura@bs.core.nttdata.co.jp
> > > [mailto:bs-rshimamura@bs.core.nttdata.co.jp]
> > > Gesendet am: Mittwoch, 11. September 2002 10:14
> > > An: axis-user@xml.apache.org
> > > Betreff: RE: ssl connections
> > >
> > >
> > >
> > > Please tell me how to use java.security file
> > >
> > > It changed as follows.
> > >
> > > security.provider.3=com.sun.net.ssl.internal.ssl.Provider
> > > java.protocol.handler.pkgs = com.sun.net.ssl.internal.www.protocol
> > >
> > > Are a setup of a server and programming unnecessary?
> > >
> > >
> > > shimamura
> > >
> > > -----Original Message-----
> > > From: ?g?o?eo -3?e
> > > Sent: Monday, September 09, 2002 3:14 PM
> > > To: axis-user@xml.apache.org
> > > Subject: RE: ssl connections
> > >
> > >
> > > thank you for
> > > Stocker and Jayaraman .
> > >
> > > i try to test.
> > >
> > > Try, if a setup of SSL communication finishes.
> > > because it has not finished yet.
> > >
> > >
> > > -----Original Message-----
> > > From: Jayaraman Dorai [mailto:jayaraman@Wellogic.com]
> > > Sent: Saturday, September 07, 2002 7:16 AM
> > > To: axis-user@xml.apache.org
> > > Subject: RE: ssl connections
> > >
> > >
> > > What needs to be done to make sure,  I don't have to set
> > > javax.net.ssl.trustStore  programmatically. What does is 
> it mean by
> > > "environment with non-standard keystores"? I have cacerts in
> > > the security
> > > directory of JRE.
> > >
> > > > BTW You do not have to set the javax.net.ssl.trustStore and
> > > other ssl
> > > related
> > > > system properties unless you have a environment with 
> non-standard
> > > keystores
> > > > (cacerts in security directory of JRE).
> > >
> > > -----Original Message-----
> > > From: Sudhir [mailto:sudhir@infolead.com]
> > > Sent: Friday, September 06, 2002 5:52 PM
> > > To: axis-user@xml.apache.org
> > > Subject: Re: ssl connections
> > >
> > >
> > > Hi Jayaram,
> > > You can set this property in the code as follows
> > >
> > > Add the line java.protocol.handler.pkgs =
> > > com.sun.net.ssl.internal.www.protocol to ur
> > > <JDK_HOME>\jre\lib\security\java.security file.
> > >
> > > Or you can pass the
> > > flag
> > >
> > 
> -Djava.protocol.handler.pkgs=com.sun.net.ssl.internal.www.protocol to
> > > the jvm
> > >
> > > Sudhir
> > >
> > > Hiroshima..45........Tjernobil..86........Windows..95....
> > > ----- Original Message -----
> > > From: "Jayaraman Dorai" <jayaraman@Wellogic.com>
> > > To: <axis-user@xml.apache.org>
> > > Sent: Friday, September 06, 2002 2:26 PM
> > > Subject: RE: ssl connections
> > >
> > >
> > > > Hi Stocker,
> > > >
> > > > Where should this be set
> > > >
> > > > java.protocol.handler.pkgs = 
> com.sun.net.ssl.internal.www.protocol
> > > >
> > > > I have cacerts in the jre\lib\security. How do I get rid of
> > > this and make
> > > the keystores standard.
> > > >
> > > > Thanks
> > > > Jayaraman
> > > >
> > > > -----Original Message-----
> > > > From: Stocker, Walter [mailto:Walter.Stocker@t-systems.com]
> > > > Sent: Friday, September 06, 2002 6:46 AM
> > > > To: axis-user@xml.apache.org
> > > > Subject: AW: ssl connections
> > > >
> > > >
> > > > Install Java Secure Socket Extension JSSE in the CLASSPATH and
> > > > set the following system property:
> > > >
> > > >             java.protocol.handler.pkgs =
> > > com.sun.net.ssl.internal.www.protocol
> > > >
> > > > Edit the java.security property file of the JRE and Java
> > > Sdk and include
> > > the
> > > > following line to activate the Java Security Provider:
> > > >
> > > > security.provider.3=com.sun.net.ssl.internal.ssl.Provider
> > > >
> > > > Now Axis uses the SSL implementation from JSSE when you
> > > connect to the
> > > server
> > > > with the https protocol. If you connect with http no ssl
> > > encryption is
> > > used.
> > > >
> > > > BTW You do not have to set the javax.net.ssl.trustStore and
> > > other ssl
> > > related
> > > > system properties unless you have a environment with 
> non-standard
> > > keystores
> > > > (cacerts in security directory of JRE).
> > > >
> > > >
> > > >  Dipl. Inform. (FH) Walter Stocker
> > > >  T-Systems International GmbH
> > > >  Software Developer
> > > >  System Integration
> > > >  Address: Memmelsdorfer Str. 209a, 96052 Bamberg
> > > >  Phone: +49 (09 51) 40 97 - 1 46
> > > >  Fax: +49 (09 51) 40 97 - 2 00
> > > >  E-Mail: mailto:Walter.Stocker@t-systems.com
> > > >  Internet: http://www.t-systems.com
> > > >
> > > >
> > > >
> > > > > -----Ursprungliche Nachricht-----
> > > > > Von: bs-rshimamura@bs.core.nttdata.co.jp
> > > > > [mailto:bs-rshimamura@bs.core.nttdata.co.jp]
> > > > > Gesendet am: Freitag, 6. September 2002 11:45
> > > > > An: axis-user@xml.apache.org
> > > > > Betreff: ssl connections
> > > > >
> > > > > Hello
> > > > >
> > > > >
> > > > > I want use two sever to use ssl connections at axis soap.
> > > > > please tell me .
> > > > >
> > > > > i don't like chage proguram.
> > > > > but this is only  way to use like this ?
> > > > >
> > > > >
> > > 
> System.setProperty("javax.net.ssl.trustStore","c:\\client.keystore")
> > > > >
> > > > > Is there none of other choices?
> > > > >
> > > > >
> > > > >
> > > > > shimamura
> > > > >
> 
> 
> 
> 
> 

Mime
View raw message