• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Paul Clapham
  • Ron McLeod
  • Tim Cooke
  • Junilu Lacar
Sheriffs:
  • Rob Spoor
  • Devaka Cooray
  • Jeanne Boyarsky
Saloon Keepers:
  • Jesse Silverman
  • Stephan van Hulst
  • Tim Moores
  • Carey Brown
  • Tim Holloway
Bartenders:
  • Jj Roberts
  • Al Hobbs
  • Piet Souris

WSS in applet

 
Ranch Hand
Posts: 32
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Dear fellow ranchers,

For a particular use case where I need real end-to-end security I am calling an external webservice. I mocked the webservice on my machine on another port (without security requirements). I am able to call the webservice (without any web service security implemented) as I signed my jar.

The problem is that I need to implement WSS to get the request signed in order to call the 'real' webservice. I am wondering how this could be done, bearing in mind that my applet should not get too large as it is an applet - so preferably without using any frameworks. Any body has any resources or experience on this? I'm not really sure what would be the best approach to get this started.

Thanks a lot!
B.

 
Rancher
Posts: 1337
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
So this is a SOAP web service for which the XML is generated "by hand", meaning, without any framework? If you only want to use username/password authentication, then you can probably generate the appropriate SOAP headers in the same, but if you're talking about signature or encryption, then I can't imagine doing it without the help of the http://ws.apache.org/wss4j/ library.
 
Bram Maes
Ranch Hand
Posts: 32
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi Lester,

Thanks for the quick reply!

I actually do need a signature with the corresponding certificate added to the request. I already checked the wss4j lib, but the I also need xalan, log4j, ... and the appletsize would be at least about 10MB - I would like to avoid this if possible. I would need a very lightweight framework with no dependencies

 
reply
    Bookmark Topic Watch Topic
  • New Topic