aspose file tools*
The moose likes Web Services and the fly likes New JavaRanch Journal article: Web Services Security - Encryption Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Soft Skills this week in the Jobs Discussion forum!
JavaRanch » Java Forums » Java » Web Services
Bookmark "New JavaRanch Journal article: Web Services Security - Encryption" Watch "New JavaRanch Journal article: Web Services Security - Encryption" New topic
Author

New JavaRanch Journal article: Web Services Security - Encryption

Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 42908
    
  69
The latest issue of the JavaRanch Journal contains an article by yours truly on Web Services Security - Encryption. Go read it while it's fresh, and discuss it in this thread.
Bai Shen
Ranch Hand

Joined: Sep 24, 2008
Posts: 323
In your article, you mention that there are two ways to tell the JVM to use BouncyCastle. The first way involves adding the following code.



But where do you add the code? I can't seem to find such a line in any of your examples.
Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 42908
    
  69
Umm ... search a little bit harder. The Axis2Client, SAAJClient and FibonacciService classes all have that line of code.
Bai Shen
Ranch Hand

Joined: Sep 24, 2008
Posts: 323
Doh! I was looking at the versions of the examples from the previous article. Thanks.
Bai Shen
Ranch Hand

Joined: Sep 24, 2008
Posts: 323
Do you have any more information about doing the initial set up, etc? Your article is kind of light on some of the details. Like what you did to set up the keystores, etc. TIA.
Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 42908
    
  69
For a first test you should be able to use the keystores that come in the zip file. They were generated completely by the keytool.sh script. That's Unix-only, but it should be easy to change it to Windows if that's what you're using. Any of the details -like user names, passwords, file names, algorithm, key size etc.- can be changed in the first few lines of the script.
Bai Shen
Ranch Hand

Joined: Sep 24, 2008
Posts: 323
Oh, I was able to get it all working using the keystores from your examples. I was just trying to figure out the mechanics of making my own keystores, etc.

Also, I'm curious about a couple things in your code. My client looks like the following.



But your code looks like this.



Is there a reason you did all of that work with the Options and the Axiom stuff?
[ October 23, 2008: Message edited by: Bai Shen ]
Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 42908
    
  69
Well, I have to admit that your code looks nicer :-)

In all honesty, the AXIOM code I copied from somewhere - it's possible that it could be simplified. But you have a MessageServiceStub class that seems to do the hard work - where does that come from?

The Options stuff is mostly about setting the SOAPAction header (which WS-Addressing needs, and which AXIOM doesn't set by itself); the endpoint could be set in other ways.
Bai Shen
Ranch Hand

Joined: Sep 24, 2008
Posts: 323
Originally posted by Ulf Dittmer:
Well, I have to admit that your code looks nicer :-)

In all honesty, the AXIOM code I copied from somewhere - it's possible that it could be simplified. But you have a MessageServiceStub class that seems to do the hard work - where does that come from?

The Options stuff is mostly about setting the SOAPAction header (which WS-Addressing needs, and which AXIOM doesn't set by itself); the endpoint could be set in other ways.


The MessageServiceStub class was created when I ran WSDL2Java which is included with Axis2. The base setup(which the security stuff) is the same as the original Axis stuff. The only weird thing I noticed was the SendMessages class. It seems that Axis2 makes a separate inner class for your parameters, whereas Axis simply sets them as part of the method, like a normal java method.
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: New JavaRanch Journal article: Web Services Security - Encryption