aspose file tools*
The moose likes Web Services and the fly likes Get the server side certificate using Metro with JAX-WS Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Java 8 in Action this week in the Java 8 forum!
JavaRanch » Java Forums » Java » Web Services
Bookmark "Get the server side certificate using Metro with JAX-WS" Watch "Get the server side certificate using Metro with JAX-WS" New topic
Author

Get the server side certificate using Metro with JAX-WS

Marcelo Tataje
Ranch Hand

Joined: Jan 31, 2011
Posts: 64

Hello everybody, I'm facing a tricky requirement implementing a Web Service and it's client using Metro and JAX-WS. The goal of the application is to send an XML document through a WebService, the application is implemented using WSRM, WS-Addressing and SAML 2.0 Sender Vouches assertion, it has been developed using a contract first WSDL document and configured through wsit.xml setting the keystores and truststores. Everything it's ok, the application runs perfectly. But the tricky requirement is that the application requires to compare the certificate of the client side with the certificate which is located at server side. I tried to give solution to problem using SOAHandlers because I noticed that the only moment in which I can get the server side certificate is when the Create-Response is executed, that's why I catch the soap and get the certificate then i use an if-else to manage actions when the certificate is not valid. What's the problem? That when I catch the SOAP in Response and throws the exception, the xml file has been already delivered. Then I set another solution, I developed a "ping" method which communicates with the server and retrieve the certificate, compare with client side and throws exception. But if the certificate is correct I execute the sending of the document. What is the problem in this solution? That sequences are created two times: first time when it makes a ping and the second time to send the xml file which is a very heavy-weight validation in terms of performance and I think is not a good practice. In Metro, the sequence is like this:

1. CreateSequence
2.CreateSequenceResponse
3.Create (Here I send the message)
4.CreateResponse

What I want is to catch the Certificate when the application is using CreateSequence or CreateSequenceResponse to cut the flow in that point and avoid all the resource-hard-work.
With the current solution, I have to make the flow two times as I menctioned.
If I just execute the flow and validate using the SOAPHandler, the time when the validations throws the exception is too late because the message has been already sent in the Create step. And the validate seems to be executed in the CreateResponse.

I'm new to Metro and this kind of validations with certificates, maybe is there something I could do with SAML Handlers or wsit. Please if somebody could help me I will really be grateful. Thanks in advance.
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Get the server side certificate using Metro with JAX-WS
 
Similar Threads
Need help in removing Canonicalizing a digitally signed SAML without namespace and new line chars.
SCDJWS Beta!!!!!!
SCJWSD Beta Exam
Error in Soap Response while implementing ws-security using Metro
RPC vs Document Style