axis-java-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Cyrille Le Clerc" <cyrille.lecl...@pobox.com>
Subject Re: Axis client with SSL
Date Wed, 19 Apr 2006 13:53:08 GMT
   Hello Xinjun,

   Did you look at the wiki ?
http://wiki.apache.org/ws/FrontPage/Axis/AxisClientConfiguration/Ssl

   Did you try to use the
org.apache.axis.components.net.SunFakeTrustSocketFactory ?

   Cyrille

--
Cyrille Le Clerc
cyrille.leclerc@pobox.com
cyrille.leclerc@fr.ibm.com

On 4/17/06, Xinjun Chen <xjchen001@gmail.com> wrote:
>
>
> Could anyone help me with that.
> I found that the stub client in fact does not work with HTTPS either. The SSLHandshakeException
happens in the stub client too.
>
>
> Regards,
>
> Xinjun
>
>
>
> On 4/17/06, Xinjun Chen <xjchen001@gmail.com> wrote:
> > I am trying to invoke a web service (TraderService) deployed in web
> > logic server 8.1 using Axis client. It works fine whether I use stub
> > or dynamic invocation. Then I try to invoke the service using HTTPS. I
> > have already configured web logic server to enable HTTPS.
> > I tried the stub client using HTTPS, it works. But it failed when I
> > use dynamic invocation.
> > In both the stub client and dynamic invocation client, I have inserted
> > the following code snippet to by pass the cert validation.
> >
> > // Create a trust manager that does not validate certificate chains
> > TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() {
> >       public java.security.cert.X509Certificate[] getAcceptedIssuers() {
> >               return null;
> >       }
> >
> >       public void checkClientTrusted(
> >       java.security.cert.X509Certificate[] certs, String authType)
> >               { }
> >       public void checkServerTrusted(
> > java.security.cert.X509Certificate[]
> > certs, String authType) {               }
> > } };
> > // Install the all-trusting trust manager
> > try {
> >       SSLContext sc =  SSLContext.getInstance("SSL");
> >       sc.init(null, trustAllCerts, new java.security.SecureRandom());
> >       HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
> > } catch (Exception e) {
> >        e.printStackTrace();
> > }
> >
> >
> > The above code is supposed to by pass the cert validation, yet it only
> > succeeds in the stub client, and failed in the stubless client. In the
> > stubless client, I get the following error message,
> >
> > AxisFault
> > faultCode: {http://schemas.xmlsoap.org/soap/envelope/}Server.userException
> > faultSubcode:
> > faultString: javax.net.ssl.SSLHandshakeException :
> > sun.security.validator.ValidatorException: No trusted certificate
> > found
> > faultActor:
> > faultNode:
> > faultDetail:
> >       {http://xml.apache.org/axis/}stackTrace:javax.net.ssl.SSLHandshakeException
:
> > sun.security.validator.ValidatorException: No trusted certificate
> > found
> >       at com.sun.net.ssl.internal.ssl.BaseSSLSocketImpl.a(DashoA12275)
> >       at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA12275)
> >       at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA12275)
> >       at com.sun.net.ssl.internal.ssl.SunJSSE_az.a(DashoA12275)
> >       at com.sun.net.ssl.internal.ssl.SunJSSE_az.a(DashoA12275)
> >       at com.sun.net.ssl.internal.ssl.SunJSSE_ax.a (DashoA12275)
> >       at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA12275)
> >       at com.sun.net.ssl.internal.ssl.SSLSocketImpl.j(DashoA12275)
> >       at com.sun.net.ssl.internal.ssl.SSLSocketImpl.b(DashoA12275)
> >       at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(DashoA12275)
> >       at org.apache.axis.components.net.JSSESocketFactory.create(JSSESocketFactory.java:186)
> >       at org.apache.axis.transport.http.HTTPSender.getSocket (HTTPSender.java:191)
> >       at org.apache.axis.transport.http.HTTPSender.writeToSocket(HTTPSender.java:404)
> >       at org.apache.axis.transport.http.HTTPSender.invoke(HTTPSender.java:138)
> >       at org.apache.axis.strategies.InvocationStrategy.visit (InvocationStrategy.java:32)
> >
> >
> > Could anyone tell me what else I need to do to by pass the cert
> > validation? The client code uses Axis 1.2.1.
> >
> >
> > Regards,
> >
> > Xinjun

Mime
View raw message