users@jax-rpc.java.net

RE: RE: Re: Adding X.509 certificate to SOAP Header

From: Paul Worrall <Paul.Worrall_at_becta.org.uk>
Date: Wed, 19 Jan 2005 11:14:38 -0000

From the pointer Vishal kindly gave I now have a more focussed question
with regard to the XWS-Security framework and the
SecurityEnvironmentHandler Class required for the security configuration
file.

 

It looks like what this handler does is general enough to be generated
with the stub classes when you use wscompile. Do I really have to
provide my own implementation?

 

TIA

 

Paul

 

 

  _____

From: Paul Worrall
Sent: 18 January 2005 11:47
To: users_at_jax-rpc.dev.java.net
Subject: RE: Re: Adding X.509 certificate to SOAP Header

 

Hi,

 

Actually it is expecting me to present the certificate for
authentication. Not encrypting the message. I quote the Web Service
provider:-

 

"The client certificate is not for mutual SSL authentication, it is for
attaching to the web service SOAP call. Within the web service method on
our side, we look for the attached certificate and check the credentials
within it before proceeding. It sounds like it's at this point that
we're currently rejecting your call. I'm not sure how you attach an
X.509 certificate to a java call, but the documentation you've got gives
examples of how to do it in .Net if that helps."

 

...

 

  _____

From: Vishal Mahajan [mailto:Vishal.Mahajan_at_Sun.COM]
Sent: 18 January 2005 09:57
To: users_at_jax-rpc.dev.java.net
Subject: Re: Adding X.509 certificate to SOAP Header

 

Hi Paul,

I would guess that the web service expects your client to use its
certificate for encrypting the requests. For such a use-case you can use
the XML and Web Services Security component in JWSDP 1.5. For a detailed
information on this component, you may refer Ch-3 of the JWSDP tutorial
- http://java.sun.com/webservices/docs/1.5/tutorial/doc/index.html.

HTH,

Vishal

Paul Worrall wrote:

I have been provided with a X.509 digital certificate by a web service
endpoint provider to be able to access their web service. This is not
for use in mutual authentication at the SSL level but for presentation
in the SOAP Header.

I have used wscompile to generate static stubs against the providers
WSDL.

I can not find any documentation on how to add this certificate to the
SOAP message from the JAX-RPC, wscompile generated, stub classes.

Can anyone help?

TIA

 

Regards

 

 

Paul Worrall

Portal Technology and Innovation

BECTA

 



**********************************************************************
This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom they
are addressed. If you have received this email in error please notify
the system manager.
This footnote also confirms that this email message has been swept by
MIMEsweeper for the presence of computer viruses.
www.mimesweeper.com
**********************************************************************

 



**********************************************************************
This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom they
are addressed. If you have received this email in error please notify
the system manager.
This footnote also confirms that this email message has been swept by
MIMEsweeper for the presence of computer viruses.
www.mimesweeper.com
**********************************************************************



**********************************************************************
This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom they
are addressed. If you have received this email in error please notify
the system manager.
This footnote also confirms that this email message has been swept by
MIMEsweeper for the presence of computer viruses.
www.mimesweeper.com
**********************************************************************