[webservice][JBOSS] SSL 2 ways
Bonjour,
J'aimerais créer un webservice SSL 2 ways ; malheureusement, je manque un peu de connaissances dans le domaine et je suis pour l'instant bloqué. (Le webservice fonctionne en HTTP.)
Ce que j'ai déjà fait, c'est créer un server keystore et un server truststore dans lesquels j'ai ajouté la clé publique du client :
Code:
Keystore type: jks
Keystore provider: SUN
Your keystore contains 2 entries
client, Jun 15, 2009, trustedCertEntry,
Certificate fingerprint (MD5): 8B:FE:FD:92:26:F3:6B:3B:AB:51:01:1E:B2:2F:19:64
server, Jun 15, 2009, keyEntry,
Certificate fingerprint (MD5): E7:1B:0C:88:0E:30:33:A7:EA:96:C5:58:E5:F0:95:97 |
En démarrant mon serveur jboss, j'ai bien donné la référence vers mon truststore : -Djavax.net.ssl.trustStore=...
Au niveau de mon fichier server.config, j'ai ajouté ceci :
Code:
<!--
  HTTPS connector on port 8443, intended for two-way (mutual) TLS.

  clientAuth="want": the server asks for a client certificate but still accepts the
  connection when the client presents none. With this value the connector itself does
  not enforce mutual authentication; enforcement is left to the application
  (authMethod="CLIENT-CERT" on the endpoint). clientAuth="true" makes the connector
  refuse clients without a trusted certificate.

  NOTE(review): truststoreFile names the same file as keystoreFile (server.keystore).
  Confirm that this store really holds the client certificate as a trusted entry, or
  point truststoreFile at the separate server truststore.

  NOTE(review): no SSLEnabled attribute is set. On Tomcat 6 based JBoss Web releases
  the connector only speaks TLS when SSLEnabled="true" is present; without it the port
  answers in plain HTTP and a TLS client fails during the handshake. The JBoss version
  is not shown here: confirm against the server.xml shipped with the installation.

  keystorePass / truststorePass are stored in clear text in this file, so restrict
  read access to it.
-->
<Connector port="8443" address="${jboss.bind.address}"
maxThreads="100" minSpareThreads="5" maxSpareThreads="15"
scheme="https" secure="true" clientAuth="want"
keystoreFile="${jboss.server.home.dir}/conf/certificates/server.keystore"
keystorePass="********"
truststoreFile="${jboss.server.home.dir}/conf/certificates/server.keystore"
truststorePass="********"
sslProtocol = "TLS" /> |
Je pense qu'au niveau du server, je ne dois rien faire d'autre.
Au niveau de mon application voici le code de mon webservice :
Code:
package ejb;
import java.rmi.RemoteException;
import javax.ejb.EJB;
import javax.ejb.Remote;
import javax.ejb.Stateless;
import javax.jws.WebMethod;
import javax.jws.WebService;
import javax.jws.soap.SOAPBinding;
import javax.jws.soap.SOAPBinding.Style;
import org.jboss.wsf.spi.annotation.WebContext;
import repositories.XMLReceiverRepository;
import service.XMLReceiverService;
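/**
 * Stateless session bean published as an RPC-style SOAP endpoint that hands an XML
 * document, received as a string, to {@link XMLReceiverRepository} for persistence.
 *
 * <p>The {@code @WebContext} settings request client-certificate authentication
 * ({@code CLIENT-CERT}) and a confidential transport ({@code CONFIDENTIAL}) for the
 * endpoint URL.
 *
 * <p>NOTE(review): no security domain and no role restriction are declared on this bean
 * in the code shown. On JBoss, {@code CLIENT-CERT} normally only takes effect when the
 * deployment is bound to a security domain whose login module maps the presented
 * certificate to a principal. Confirm that this is configured elsewhere; otherwise the
 * only access decision is whatever the HTTPS connector's trust store accepts.
 */
@Stateless
@WebContext(
    contextRoot = "/pd-xmlloading-core-1",
    urlPattern = "/SecureXMLReceiverServiceBean",
    authMethod = "CLIENT-CERT",
    transportGuarantee = "CONFIDENTIAL"
)
@WebService(endpointInterface = "service.XMLReceiverService")
@Remote(XMLReceiverService.class)
@SOAPBinding(style = Style.RPC)
public class SecureXMLReceiverServiceBean {

    /** Server-side log for persistence failures; the document body is never logged. */
    private static final java.util.logging.Logger LOG =
            java.util.logging.Logger.getLogger(SecureXMLReceiverServiceBean.class.getName());

    @EJB
    private XMLReceiverRepository xmlReceiverRepository;

    /**
     * @return the repository used to persist received documents
     */
    public XMLReceiverRepository getXMLReceiverRepository() {
        return xmlReceiverRepository;
    }

    /**
     * @param xmlRecRepository the repository to use for persisting received documents
     */
    public void setXMLReceiverRepository(final XMLReceiverRepository xmlRecRepository) {
        xmlReceiverRepository = xmlRecRepository;
    }

    /**
     * Web method: persists the submitted XML document.
     *
     * @param XMLDoc the XML document as a string
     * @return the status returned by the repository, or {@code "FAIL"} when persisting
     *         threw an exception
     * @throws RemoteException declared for the remote interface; not thrown by this body
     */
    @WebMethod
    public String receiveXML(String XMLDoc) throws RemoteException {
        return loaddata(XMLDoc);
    }

    /**
     * Delegates to {@code persistXML} on the repository and converts any exception into
     * the {@code "FAIL"} status string.
     *
     * @param XMLDoc the XML document as a string
     * @return the repository status, or {@code "FAIL"} on any exception
     */
    private String loaddata(String XMLDoc) {
        try {
            return getXMLReceiverRepository().persistXML(XMLDoc);
        } catch (Exception ex) {
            // The caller only sees "FAIL", so the cause has to be recorded here.
            // Only the exception is logged, not XMLDoc, to keep document content out of the logs.
            LOG.log(java.util.logging.Level.SEVERE, "persistXML failed", ex);
            return "FAIL";
        }
    }
}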
Au niveau de mon client qui essaie de se connecter j'ai ceci :
Code:
package service.xmlreceiverclient;
import java.io.File;
import java.io.FileFilter;
import java.io.FileInputStream;
import java.io.InputStream;
import java.io.StringWriter;
import java.net.URL;
import java.util.Properties;
import javax.xml.namespace.QName;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.rpc.Service;
import javax.xml.rpc.ServiceFactory;
import javax.xml.transform.OutputKeys;
import javax.xml.transform.Transformer;
import javax.xml.transform.TransformerFactory;
import javax.xml.transform.dom.DOMSource;
import javax.xml.transform.stream.StreamResult;
import jaws.XMLReceiverService;
import org.jboss.ws.annotation.EndpointConfig;
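/**
 * Command-line client that reads XML files from a configured directory and submits each
 * one to the XMLReceiver web service through a JAX-RPC dynamic proxy.
 *
 * <p>Connection settings are read from {@code /pandora.properties} on the classpath.
 * This class sets up no TLS context of its own, so the key store and trust store used
 * for an {@code https} URL are the ones given through the {@code javax.net.ssl.*}
 * system properties of the JVM.
 */
@EndpointConfig(configName="Standard WSSecurity Endpoint")
public class XMLReceiverClient {

    String xmlReceiverServiceURL = "";
    String xmlReceiverServiceQName = "";
    String xmlReceiverServiceName = "";
    static String xmlFilesDirName = "";

    /**
     * Loads the service URL, QName, service name and input directory from
     * {@code /pandora.properties}. A missing file or key leaves the corresponding
     * setting as an empty string instead of {@code null}.
     */
    public XMLReceiverClient() {
        Properties prp = new Properties();
        InputStream is = null;
        try {
            is = getClass().getResourceAsStream("/pandora.properties");
            if (is == null) {
                throw new java.io.FileNotFoundException("/pandora.properties not found on classpath");
            }
            prp.load(is);
            // Empty-string defaults keep the later emptiness checks from hitting null.
            xmlReceiverServiceURL = prp.getProperty("XMLRECEIVER_WSDL_URL", "");
            xmlReceiverServiceQName = prp.getProperty("XMLRECEIVER_QNAME_URL", "");
            xmlReceiverServiceName = prp.getProperty("XMLRECEIVER_SERVICE_NAME", "");
            xmlFilesDirName = prp.getProperty("XML_FILES_DIRECTORY", "");
        } catch (Exception pl) {
            System.out.println("UNABLE TO LOAD PROPERTIES");
            pl.printStackTrace();
        } finally {
            closeQuietly(is);
        }
    }

    /**
     * Builds a dynamic proxy from the configured WSDL and calls {@code receiveXML}.
     *
     * @param XMLDoc the XML document to submit, as a string
     * @return the status returned by the service, or {@code "FAIL"} on any exception
     */
    public String callXMLReceiverWebservice(String XMLDoc) {
        String status = "";
        try {
            if (xmlReceiverServiceURL == null || xmlReceiverServiceURL.length() == 0) {
                // NOTE(review): this fallback is plain HTTP, so a missing property silently
                // bypasses TLS and client-certificate authentication.
                xmlReceiverServiceURL = "http://localhost:8090/pd-xmlloading-core/XMLReceiverServiceBean?wsdl";
            }
            System.out.println("RECEIVER SERVICE WEBSERVICE URL: " + xmlReceiverServiceURL);
            URL url = new URL(xmlReceiverServiceURL);
            if (!"https".equalsIgnoreCase(url.getProtocol())) {
                System.out.println("WARNING: WSDL URL is not https; the document will be sent without TLS");
            }
            QName qname = new QName(xmlReceiverServiceQName, xmlReceiverServiceName);
            System.out.println("Getting Qualified Name: " + xmlReceiverServiceQName);
            ServiceFactory factory = ServiceFactory.newInstance();
            System.out.println("Getting Service Factory: " + xmlReceiverServiceName);
            // NOTE(review): the proxy presumably takes its endpoint address from the WSDL,
            // so check that the address published there is https as well.
            Service remote = factory.createService(url, qname);
            System.out.println("Obtaining reference to a proxy object");
            XMLReceiverService xmlReceiverService =
                    (XMLReceiverService) remote.getPort(XMLReceiverService.class);
            System.out.println("Accessed local proxy: " + xmlReceiverService);
            status = xmlReceiverService.receiveXML(XMLDoc);
            System.out.println("Status FROM : receiveXML Service: " + status);
        } catch (Exception ex) {
            status = "FAIL";
            System.out.println("EXCEPTION FOUND " + ex.getMessage());
            ex.printStackTrace();
        }
        return status;
    }

    /**
     * @return the constant string {@code "success"}
     */
    public static String getProxy() {
        return "success";
    }

    /**
     * Parses an XML file and serialises the resulting DOM back into a string.
     *
     * <p>NOTE(review): the parser runs with default settings, so DOCTYPE declarations
     * and external entities in the input are processed. If the input directory can
     * receive files from a less-trusted source, disable them on the factory (for
     * example the {@code http://apache.org/xml/features/disallow-doctype-decl}
     * feature) before parsing.
     *
     * @param fileName path of the XML file to read
     * @return the serialised document, or {@code null} when reading or parsing fails
     */
    public String convertXMLFileToString(String fileName) {
        InputStream inputStream = null;
        try {
            DocumentBuilderFactory documentBuilderFactory = DocumentBuilderFactory.newInstance();
            inputStream = new FileInputStream(new File(fileName));
            org.w3c.dom.Document doc = documentBuilderFactory.newDocumentBuilder().parse(inputStream);
            StringWriter stw = new StringWriter();
            Transformer serializer = TransformerFactory.newInstance().newTransformer();
            serializer.setOutputProperty(OutputKeys.ENCODING, "ISO-8859-1");
            serializer.transform(new DOMSource(doc), new StreamResult(stw));
            // NOTE(review): this prints the whole document to stdout; drop it if the
            // documents are sensitive and stdout ends up in a shared log.
            System.out.println("Converted xml file to string: " + stw);
            return stw.toString();
        } catch (Exception e) {
            e.printStackTrace();
        } finally {
            // The original never closed the stream, leaking one file handle per document.
            closeQuietly(inputStream);
        }
        return null;
    }

    /**
     * Submits every XML file found in the configured directory and prints the status of
     * each submission.
     *
     * @param args unused
     * @throws Exception declared by the original signature
     */
    public static void main(String[] args) throws Exception {
        System.out.println("Starting Main XMLReceiver process");
        XMLReceiverClient xmlreceiverClient = new XMLReceiverClient();
        File directory = new File(xmlFilesDirName);
        File[] files = directory.listFiles(new XMLFileFilter());
        if (files == null) {
            // listFiles returns null when the path is not a readable directory.
            System.out.println("XML FILES DIRECTORY NOT READABLE: " + directory);
            files = new File[0];
        }
        for (File candidate : files) {
            String fileName = candidate.toString();
            boolean looksLikeXml = fileName.endsWith("xml") || fileName.endsWith("XML");
            if (!candidate.isFile() || !looksLikeXml) {
                continue;
            }
            System.out.println("LOADING XML FILE: " + fileName);
            String XMLDoc = xmlreceiverClient.convertXMLFileToString(fileName);
            // A file that could not be parsed is reported as failed, not sent as null.
            String status = (XMLDoc == null)
                    ? "FAIL"
                    : xmlreceiverClient.callXMLReceiverWebservice(XMLDoc);
            System.out.println("LOADING STATUS OF XML FILE: " + status);
        }
        System.out.println("End Main XMLReceiver process");
    }

    /** Closes a stream if it was opened, ignoring any failure to close it. */
    private static void closeQuietly(InputStream stream) {
        if (stream == null) {
            return;
        }
        try {
            stream.close();
        } catch (java.io.IOException ignored) {
            // Nothing useful can be done when close fails on a read-only stream.
        }
    }
}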
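/**
 * Directory filter that keeps entries whose name ends in {@code xml} or {@code XML}.
 *
 * <p>These are the two suffixes {@code XMLReceiverClient.main} tests for. The original
 * filter accepted only the lower-case suffix, so upper-case files never reached that
 * check. No dot is required before the suffix, as in the original.
 */
class XMLFileFilter implements FileFilter {

    /**
     * @param file the directory entry to test
     * @return {@code true} when the entry's name ends in {@code xml} or {@code XML}
     */
    public boolean accept(File file) {
        String name = file.getName();
        return name.endsWith("xml") || name.endsWith("XML");
    }
}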
Je démarre le client avec les paramètres suivants :
Code:
-Djavax.net.ssl.keyStore="C:\JBoss\server\pandora\conf\certificates\client.keystore" -Djavax.net.ssl.trustStore="C:\JBoss\server\pandora\conf\certificates\client.truststore"
-Djavax.net.ssl.keyStorePassword="*********"
-Djavax.net.ssl.trustStorePassword="********"
-Djavax.net.ssl.keyStoreType="jks"
-Djavax.net.ssl.trustStoreType="jks" |
j'obtiens cette Exception :
Code:
org.jboss.ws.metadata.wsdl.WSDLException: javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake
EXCEPTION FOUND javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake
at org.jboss.ws.metadata.wsdl.WSDLDefinitionsFactory.getDocument(WSDLDefinitionsFactory.java:198)
at org.jboss.ws.metadata.wsdl.WSDLDefinitionsFactory.parse(WSDLDefinitionsFactory.java:106)
at org.jboss.ws.metadata.ServiceMetaData.getWsdlDefinitions(ServiceMetaData.java:273)
at org.jboss.ws.deployment.JSR109ClientMetaDataBuilder.buildMetaData(JSR109ClientMetaDataBuilder.java:110)
at org.jboss.ws.deployment.JSR109ClientMetaDataBuilder.buildMetaData(JSR109ClientMetaDataBuilder.java:82)
at org.jboss.ws.jaxrpc.ServiceImpl.<init>(ServiceImpl.java:96)
at org.jboss.ws.jaxrpc.ServiceFactoryImpl.createService(ServiceFactoryImpl.java:157)
at org.jboss.ws.jaxrpc.ServiceFactoryImpl.createService(ServiceFactoryImpl.java:128)
at be.fgov.minfin.ccff.pandora.xmlloader.service.xmlreceiverclient.XMLReceiverClient.callXMLReceiverWebservice(XMLReceiverClient.java:65)
at be.fgov.minfin.ccff.pandora.xmlloader.service.xmlreceiverclient.XMLReceiverClient.main(XMLReceiverClient.java:118)
Caused by: javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:801)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1089)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1116)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1100)
at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:402)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:166)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:949)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:234)
at java.net.URL.openStream(URL.java:1007)
at org.jboss.ws.metadata.wsdl.WSDLDefinitionsFactory.getDocument(WSDLDefinitionsFactory.java:181)
... 9 more
Caused by: java.io.EOFException: SSL peer shut down incorrectly
at com.sun.net.ssl.internal.ssl.InputRecord.read(InputRecord.java:333)LOADING STATUS OF XML FILE: FAIL
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:782)
... 18 more |
Pouvez-vous m'aider sachant que le webservice sans ssl 2 ways fonctionne très bien ?
Merci d'avance