wood burning stoves 2.0*
The moose likes Web Services and the fly likes Accessing Web Service from a Java Client Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of OCA/OCP Java SE 7 Programmer I & II Study Guide this week in the OCPJP forum!
JavaRanch » Java Forums » Java » Web Services
Bookmark "Accessing Web Service from a Java Client" Watch "Accessing Web Service from a Java Client" New topic
Author

Accessing Web Service from a Java Client

Russell Ray
Ranch Hand

Joined: Apr 25, 2005
Posts: 116
Good morning to all.......

I have a requirement to test the WS-Security of a web service running on WebLogic with a UserNameToken. The goal is assertaining if the service is setup properly and prevents any request without the correct UserNameToken. The secenario I see is something like a cactus scenario where I lookup the web service within the JNDI and pass a SOAP Message to the service. This would require me to develop a correct SOAP message. Some of the tools I am using are: Weblogic 8.1 with sp4 and WSAD 5.1.1. I am not allowed to change the configuration of the server by adding AXIS.

Can someone guide me in the right direction? I've spent most of a day surfing and looking at the available literature. However, most literature does not discuss security of web services as it is such a new topic with so many standards. My understanding is one of the best comprehesive book on web services "J2EE Web Services" by Richard Monson-Haefel does not even address security.

Thank you for any suggestions and comments.

Russ
Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 42360
    
  64
Russell,
even though you may not be able to use Axis on the server, you can use its wsdl2java tool to create a client for test purposes (if you have a WSDL description of it, of course). Once you have a client, you can use tcpmon (a little GUI app that comes with Axis) to monitor what the client sends, and what the server responds with. It's a very handy tool, and I have used it for exactly that - testing what WS-Security does to the SOAP messages.
To set up security on the client side you can use the WSS4J package (see the Web Services FAQ linked in my signature for a few relevant links). It's not rocket science to set it up. Or maybe WebLogic or WebSphere have their own libraries that you can use.


Ping & DNS - my free Android networking tools app
Russell Ray
Ranch Hand

Joined: Apr 25, 2005
Posts: 116
Ulf:

Thank you very much for your comments and suggestions. Excuse me if my question elementary, but I am so new to web services. You gave me some light at the end of the learning tunnel that I question my own ubderstanding. I know WSAD 5.1.1. is using AXIS for it's creation of a test client. Using WSAD, what you get are jsp's, a proxy server, and some more java code for running the service. Is this what you are referring to or does the AXIS implementation (using the wsdl) give you strickly a java client without jsps? Again, all I want to do is pass in a SOAP Message I've created and let the system handle the SOAP Message from there.

Thank you for the links and information again. I will definately finish reading them tonight preparing myself for the task at hand.

Russ
Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 42360
    
  64
The wsdl2java creates only Java classes, including all the stubs and service locators needed to access a web service remotely. After that, one can slap a client around it with 10 lines of code or so.
I don't think the simplest possible SOAP-over-Java client will work with WSS4J, because WSS4J is based on JAX-RPC handlers. But JAX-RPC is just what wsdl2java generates, so if you get that to run you're good to go.
 
wood burning stoves
 
subject: Accessing Web Service from a Java Client