• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

Get the server side certificate using Metro with JAX-WS

 
Ranch Hand
Posts: 64
Oracle Java Ubuntu
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hello everybody, I'm facing a tricky requirement implementing a Web Service and it's client using Metro and JAX-WS. The goal of the application is to send an XML document through a WebService, the application is implemented using WSRM, WS-Addressing and SAML 2.0 Sender Vouches assertion, it has been developed using a contract first WSDL document and configured through wsit.xml setting the keystores and truststores. Everything it's ok, the application runs perfectly. But the tricky requirement is that the application requires to compare the certificate of the client side with the certificate which is located at server side. I tried to give solution to problem using SOAHandlers because I noticed that the only moment in which I can get the server side certificate is when the Create-Response is executed, that's why I catch the soap and get the certificate then i use an if-else to manage actions when the certificate is not valid. What's the problem? That when I catch the SOAP in Response and throws the exception, the xml file has been already delivered. Then I set another solution, I developed a "ping" method which communicates with the server and retrieve the certificate, compare with client side and throws exception. But if the certificate is correct I execute the sending of the document. What is the problem in this solution? That sequences are created two times: first time when it makes a ping and the second time to send the xml file which is a very heavy-weight validation in terms of performance and I think is not a good practice. In Metro, the sequence is like this:

1. CreateSequence
2.CreateSequenceResponse
3.Create (Here I send the message)
4.CreateResponse

What I want is to catch the Certificate when the application is using CreateSequence or CreateSequenceResponse to cut the flow in that point and avoid all the resource-hard-work.
With the current solution, I have to make the flow two times as I menctioned.
If I just execute the flow and validate using the SOAPHandler, the time when the validations throws the exception is too late because the message has been already sent in the Create step. And the validate seems to be executed in the CreateResponse.

I'm new to Metro and this kind of validations with certificates, maybe is there something I could do with SAML Handlers or wsit. Please if somebody could help me I will really be grateful. Thanks in advance.
 
today's feeble attempt to support the empire
a bit of art, as a gift, the permaculture playing cards
https://gardener-gift.com
reply
    Bookmark Topic Watch Topic
  • New Topic