• Post Reply Bookmark Topic Watch Topic
  • New Topic

Error creating secure session for Web service  RSS feed

 
Sankar Tanguturi
Greenhorn
Posts: 17
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,

I am trying to connect to a WebService over SSL, from a Web client developed on WSAD, by updating the system properties in a static bloc in ServiceLocator file generated from WSDL :

//Update the system properties
Properties properties = System.getProperties();
properties.put("java.protocol.handler.pkgs",
"com.ibm.net.ssl.internal.www.protocol");
//New parameter
Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
properties.put("javax.net.ssl.trustStore","trust.jks" );
properties.put("javax.net.ssl.trustStorePassword",trustpassword);
System.setProperties(properties);
}.

I changed the web service URL to point to my server running in production environment (on Websphere 5 app server). In my trust.jks file, I have imported the public key for the server.

With this setup, I am able to initiate a session to the server from my local workstation and get results successfully. However, when I move this application to production, I get the following error below. I am ensuring that the trust file is available on production also. Any ideas on why this might be happening ?

Thanks in advance,
Sankar


java.net.ConnectException: Connection refused
java.net.ConnectException: Connection refused
at java.net.PlainSocketImpl.socketConnect(Native Method)
at java.net.PlainSocketImpl.doConnect(PlainSocketImpl.java:350)
at java.net.PlainSocketImpl.connectToAddress(PlainSocketImpl.java:137)
at java.net.PlainSocketImpl.connect(PlainSocketImpl.java:124)
at java.net.Socket.<init>(Socket.java:268)
at java.net.Socket.<init>(Socket.java:95)
at com.ibm.jsse.bd.<init>(Unknown Source)
at com.ibm.jsse.JSSESocketFactory.createSocket(Unknown Source)
at com.ibm.ws.webservices.engine.components.net.JSSESocketFactory.create
(JSSESocketFactory.java:198)
at com.ibm.ws.webservices.engine.transport.http.HTTPSender.getSocket(HTT
PSender.java:225)
at com.ibm.ws.webservices.engine.transport.http.HTTPSender.invoke(HTTPSe
nder.java:143)
at com.ibm.ws.webservices.engine.PivotHandlerWrapper.invoke(PivotHandler
Wrapper.java:217)
at com.ibm.ws.webservices.engine.WebServicesEngine.invoke(WebServicesEng
ine.java:258)
at com.ibm.ws.webservices.engine.client.Connection.invokeEngine(Connecti
on.java:680)
at com.ibm.ws.webservices.engine.client.Connection.invoke(Connection.jav
a:604)
at com.ibm.ws.webservices.engine.client.Connection.invoke(Connection.jav
a:434)
at com.ibm.ws.webservices.engine.client.Stub$Invoke.invoke(Stub.java:666
)
at com.agac.rateengine.ejb.RateEngineWsSessionSoapBindingStub.getWsPlanD
ictionaryForGroup(RateEngineWsSessionSoapBindingStub.java:268)
at java.lang.reflect.Method.invoke(Native Method)
at com.agac.rateengine.ejb.RateEngineClient.GetPlanDictionaryAndRates(Ra
teEngineClient.java:178)
at com.agac.rateengine.ejb.RateEngineClient.run(RateEngineClient.java:38
)
at org.apache.jsp._Result._jspService(_Result.java:213)
at com.ibm.ws.webcontainer.jsp.runtime.HttpJspBase.service(HttpJspBase.j
ava:89)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at com.ibm.ws.webcontainer.jsp.servlet.JspServlet$JspServletWrapper.serv
ice(JspServlet.java:357)
at com.ibm.ws.webcontainer.jsp.servlet.JspServlet.serviceJspFile(JspServ
let.java:675)
at com.ibm.ws.webcontainer.jsp.servlet.JspServlet.service(JspServlet.jav
a:773)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at com.ibm.ws.webcontainer.servlet.StrictServletInstance.doService(Stric
tServletInstance.java:110)
at com.ibm.ws.webcontainer.servlet.StrictLifecycleServlet._service(Stric
tLifecycleServlet.java:174)
at com.ibm.ws.webcontainer.servlet.ServicingServletState.service(StrictL
ifecycleServlet.java:333)
at com.ibm.ws.webcontainer.servlet.StrictLifecycleServlet.service(Strict
LifecycleServlet.java:116)
at com.ibm.ws.webcontainer.servlet.ServletInstance.service(ServletInstan
ce.java:283)
at com.ibm.ws.webcontainer.servlet.ValidServletReferenceState.dispatch(V
alidServletReferenceState.java:42)
at com.ibm.ws.webcontainer.servlet.ServletInstanceReference.dispatch(Ser
vletInstanceReference.java:40)
at com.ibm.ws.webcontainer.webapp.WebAppRequestDispatcher.handleWebAppDi
spatch(WebAppRequestDispatcher.java:948)
at com.ibm.ws.webcontainer.webapp.WebAppRequestDispatcher.dispatch(WebAp
pRequestDispatcher.java:530)
at com.ibm.ws.webcontainer.webapp.WebAppRequestDispatcher.forward(WebApp
RequestDispatcher.java:176)
at com.ibm.ws.webcontainer.srt.WebAppInvoker.doForward(WebAppInvoker.jav
a:79)
at com.ibm.ws.webcontainer.srt.WebAppInvoker.handleInvocationHook(WebApp
Invoker.java:201)
at com.ibm.ws.webcontainer.cache.invocation.CachedInvocation.handleInvoc
ation(CachedInvocation.java:71)
at com.ibm.ws.webcontainer.srp.ServletRequestProcessor.dispatchByURI(Ser
vletRequestProcessor.java:182)
at com.ibm.ws.webcontainer.oselistener.OSEListenerDispatcher.service(OSE
Listener.java:334)
at com.ibm.ws.webcontainer.http.HttpConnection.handleRequest(HttpConnect
ion.java:56)
at com.ibm.ws.http.HttpConnection.readAndHandleRequest(HttpConnection.ja
va:610)
at com.ibm.ws.http.HttpConnection.run(HttpConnection.java:435)
at com.ibm.ws.util.ThreadPool$Worker.run(ThreadPool.java:593)
 
Lasse Koskela
author
Sheriff
Posts: 11962
5
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Is there a firewall involved?
 
Sankar Tanguturi
Greenhorn
Posts: 17
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
There is no firewall as the server and my machine are on the internal network. Even if that were the case, should the problem arise when connecting from my workstation rather than from the server, where the web service resides ?
 
Lasse Koskela
author
Sheriff
Posts: 11962
5
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Originally posted by Sankar Tanguturi:
Even if that were the case, should the problem arise when connecting from my workstation rather than from the server, where the web service resides ?
Yes, because firewall rules generally involve allowing access to a specific target IP address and port from a specific source IP address. If your web service end point changes from "http://localhost/service" to "https://myserver/service", there are multiple possible reasons for the firewall to block your requests:
1) the actual target port changes from "80" to "443" (the default SSL port)
2) the source IP address changes
3) the target IP address changes
[ May 18, 2004: Message edited by: Lasse Koskela ]
 
Sankar Tanguturi
Greenhorn
Posts: 17
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
From my client program deployed on the same machine as the service(in fact it is in the same EAR), I tried https://localhost/service, https://myserver:443/service and https://localhost:443/service. None of them work. However from the browser, both https://myserver:443/service and https://myserver/service seem to work. Please help. I have run of things I can try.
 
Consider Paul's rocket mass heater.
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!