aspose file tools*
The moose likes Web Services and the fly likes Consume secure web service Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Spring in Action this week in the Spring forum!
JavaRanch » Java Forums » Java » Web Services
Bookmark "Consume secure web service" Watch "Consume secure web service" New topic
Author

Consume secure web service

john mattucci
Ranch Hand

Joined: Nov 03, 2000
Posts: 331
Sorry this is my first time attempting this. I understand that there are countless examples but for now those are confusing me more than anything else. I am attempting to call a secure web service. From what I have read I can use JAX-WS 2.0. Unless there is something easier. And I am also wondering if I should be encrypting the xml in order to call a secure web service? Should I look into the Java XML Digital Signature API?

Thank you all for your help
Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 42278
    
  64
In general, look for "WS-Security". That's the standard governing various WS security features likes authentication, signatures and encryption. It uses XML-Encryption underneath, so you don't need to deal with that directly.

The specifics of how to use WS-Security depend on the SOAP toolkit you're using. For Axis 2, you need the Rampart module. If you use the Metro stack, WS-Security is built-in.


Ping & DNS - my free Android networking tools app
john mattucci
Ranch Hand

Joined: Nov 03, 2000
Posts: 331
Do I need to encrypt the message using the same XML Encryption syntax that the WS expects? In order for the WS to successfully process the received XML document consisting of encrypted data, so that the encrypted data can be decrypted and read successfully.
Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 42278
    
  64
Like I said, you shouldn't be using XML Encryption directly, you should use WS-Security, which will take care of the details of using XML Encryption for you.

How this works depends on the SOAP toolkit you're using for the WS client. Each toolkit has its own way of using WS-Security - there's no standard you can follow.
john mattucci
Ranch Hand

Joined: Nov 03, 2000
Posts: 331
Thank you for your time. I started to look into using Metro.
Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 42278
    
  64
Personally I've invested too much time and effort into Axis 2 to get into Metro now, but if I were starting from zero, that's probably where I'd look first. It seems to have lots of features already, and it's evolving by leaps and bounds.

Feel free to come back here with questions, though. I encourage people to use WS-Security, and help them do that.
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Consume secure web service