Announcement Announcement Module
Collapse
No announcement yet.
Calling Secure And Encrypted Web Service with Spring Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Calling Secure And Encrypted Web Service with Spring

    Hi Everyone,

    I'm new to the spring forums, so sorry if this is posted in the wrong section!!

    I am trying to consume a web service that is HTTPS (ssl) and uses non-repudiation (requires body to be signed and the message to be encrypted using a jks).

    Here is my current approach:

    Defined the following beans:

    Code:
    <bean class="org.springframework.ws.soap.security.wss4j.Wss4jSecurityInterceptor" id="wsSecurityInterceptor">
    	    <property name="securementActions" value="Signature"/>
    	    <property name="securementUsername" value="privateKeyAlias"/>
      		<property name="securementPassword" value="changeit"/>
    	    <property name="securementSignatureCrypto">
    	        <bean class="org.springframework.ws.soap.security.wss4j.support.CryptoFactoryBean">
    	            <property name="keyStorePassword" value="changeit"/>
    	            <property name="keyStoreLocation" value="classpath:/META-INF/keystore.jks"/>
    	        </bean>
    	    </property>
    	</bean>
    		
    	<oxm:jaxb2-marshaller id="marshaller"  contextPath="PATH" /> 
    	<bean id="templateTest" class="org.springframework.ws.client.core.WebServiceTemplate">
    		<property name="defaultUri" value="https://pathToService" />
    		<property name="marshaller" ref="marshaller" />     
    		<property name="unmarshaller" ref="marshaller" /> 
    		<property name="messageSender">
             <bean class="PATH.CommonsHttpMessageSenderMod" /> 
            </property>
            <property name="interceptors">
    	        <list>
    	            <ref bean="wsSecurityInterceptor" />
    	        </list>
    	    </property>
    	</bean>
    	<bean id="myhttpsProtocol" class="org.apache.commons.httpclient.protocol.Protocol">
          <!-- must be unique, but doesn't require you to use myhttps:// scheme in WebServiceTemplate URIs -->
          <constructor-arg index="0" value="myhttps" />
          <constructor-arg index="1">
             <bean class="SPS.AuthSSLProtocolSocketFactoryMod">
                <constructor-arg index="0" value="classpath:/META-INF/keystore.jks"/>
                <constructor-arg index="1" value="changeit"/>
                <constructor-arg index="2" value="classpath:/META-INF/keystore.jks"/>
                <constructor-arg index="3" value="changeit"/>
             </bean>
          </constructor-arg>
          <constructor-arg index="2" value="443" />
       </bean>
    I also have the following code:

    Code:
    @Service("caller")
    public class Caller implements InitializingBean {
    	@Autowired
    	private WebServiceTemplate templateTest;
    	@Resource
    	private Protocol myhttpsProtocol;
    
    	@Override
    	public void afterPropertiesSet() throws Exception {
    		CommonsHttpMessageSender sender = ((CommonsHttpMessageSender) this.statePoliceServiceTest
    				.getMessageSenders()[0]);
    		URI url = new URI(this.statePoliceServiceTest.getDefaultUri());
    		if (url.getScheme().startsWith("https")) {
    			sender.getHttpClient().getHostConfiguration().setHost(
    					new HttpHost(url.getHost(), url.getPort(),
    							this.myhttpsProtocol));
    		}
    	}
    
    	public void call() {
    		ObjectFactory of = new ObjectFactory();
                                InputRequest ir = new InputRequest();
                                //Populate input object
    				try {
    			Protocol.registerProtocol("https", myhttpsProtocol);
    			Protocol.registerProtocol("myhttps", myhttpsProtocol);
    			Object response = this.templateTest
    					.marshalSendAndReceive(							"https://PATH",of.createRequest(ir), new SoapActionCallback("https://PATH"));
    			System.out.println(response);
    		} catch (Exception e) {
    			e.printStackTrace();
    		}
    	}
    
    }
    The overridden CommonsHttpSenderMod simply extends CommonsHttpMessageSender and overrides the following method:

    Code:
    public boolean supports(URI uri)
    	   {
    	      return null == uri.getScheme() || super.supports(uri);
    	   }
    The AuthSSLProtocolSocketFactory Mod isn't a mod - it's just a copy paste of the AuthSSLProtocolSocketFactory java class file (I overroded the class in case I would need to change some connection details later).

    Currently, if the service ONLY has SSL enabled, this code lets me call it. However, when the service requires encryption and a signature, the call is failing with the following error:

    Error creating bean with name 'wsSecurityInterceptor'
    ...
    Caused by: java.lang.NoSuchMethodError: org/apache/xml/security/transforms/Transform.init()V
    at org.apache.ws.security.WSSConfig.staticInit(WSSCon fig.java:308)
    at org.apache.ws.security.WSSConfig.<init>(WSSConfig. java:324)
    at org.apache.ws.security.WSSConfig.getNewInstance(WS SConfig.java:333)
    at org.apache.ws.security.WSSConfig.getDefaultWSConfi g(WSSConfig.java:342)
    at org.apache.ws.security.WSSecurityEngine.getWssConf ig(WSSecurityEngine.java:157)
    at org.springframework.ws.soap.security.wss4j.Wss4jSe curityInterceptor.afterPropertiesSet(Wss4jSecurity Interceptor.java:461)
    at org.springframework.beans.factory.support.Abstract AutowireCapableBeanFactory.invokeInitMethods(Abstr actAutowireCapableBeanFactory.java:1514)
    at org.springframework.beans.factory.support.Abstract AutowireCapableBeanFactory.initializeBean(Abstract AutowireCapableBeanFactory.java:1452)
    ... 199 more


    I have the following relevant jars in my classpath: spring-ws-security-2.0.0.RELEASE.jar, wss4j-1.5.12.jar

    I have tested with spring-ws-security 2.0.2 and wss4j-1.6, 1.5.9, etc. all to no avail.

    I am running this on IBM Websphere Application Server.

    If anyone can provide any help, that would be much appreciated!

    Thanks!

  • #2
    Anyone have any ideas that might help?

    Comment

    Working...
    X