File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
The moose likes Web Services and the fly likes Get the server side certificate using Metro with JAX-WS Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » Web Services
Bookmark "Get the server side certificate using Metro with JAX-WS" Watch "Get the server side certificate using Metro with JAX-WS" New topic

Get the server side certificate using Metro with JAX-WS

Marcelo Tataje
Ranch Hand

Joined: Jan 31, 2011
Posts: 64

Hello everybody, I'm facing a tricky requirement implementing a Web Service and it's client using Metro and JAX-WS. The goal of the application is to send an XML document through a WebService, the application is implemented using WSRM, WS-Addressing and SAML 2.0 Sender Vouches assertion, it has been developed using a contract first WSDL document and configured through wsit.xml setting the keystores and truststores. Everything it's ok, the application runs perfectly. But the tricky requirement is that the application requires to compare the certificate of the client side with the certificate which is located at server side. I tried to give solution to problem using SOAHandlers because I noticed that the only moment in which I can get the server side certificate is when the Create-Response is executed, that's why I catch the soap and get the certificate then i use an if-else to manage actions when the certificate is not valid. What's the problem? That when I catch the SOAP in Response and throws the exception, the xml file has been already delivered. Then I set another solution, I developed a "ping" method which communicates with the server and retrieve the certificate, compare with client side and throws exception. But if the certificate is correct I execute the sending of the document. What is the problem in this solution? That sequences are created two times: first time when it makes a ping and the second time to send the xml file which is a very heavy-weight validation in terms of performance and I think is not a good practice. In Metro, the sequence is like this:

1. CreateSequence
3.Create (Here I send the message)

What I want is to catch the Certificate when the application is using CreateSequence or CreateSequenceResponse to cut the flow in that point and avoid all the resource-hard-work.
With the current solution, I have to make the flow two times as I menctioned.
If I just execute the flow and validate using the SOAPHandler, the time when the validations throws the exception is too late because the message has been already sent in the Create step. And the validate seems to be executed in the CreateResponse.

I'm new to Metro and this kind of validations with certificates, maybe is there something I could do with SAML Handlers or wsit. Please if somebody could help me I will really be grateful. Thanks in advance.
I agree. Here's the link:
subject: Get the server side certificate using Metro with JAX-WS
jQuery in Action, 3rd edition