|
Oracle | ||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Objectweblogic.wsee.jaxws.sslclient.SSLClientUtil
public final class SSLClientUtil
This utilty class provides client to get a SSLSocketFactory in order to make Two-way SSL work in WLS JAX-WS
In JAX-WS RI, we can set SSLSocketFactory into requestContext to enable Two-way SSL as following code
//set KeyManagers
...
//set TrustManagers
...
//construct SSLSocketFactory from above KeyManagers and TrustManagers
SSLSocketFactory mySSLSocketFactory =...
//set the SSLSocketFactory into request context
((BindingProvider) port).getRequestContext().put(
JAXWSProperties.SSL_SOCKET_FACTORY, mySSLSocketFactory);
In practice, however, it is often difficult to create KeyManagers or
TrustManagers, the class also is the utility which can make this easier. It
can make KeyManagers and TrustManagers transparently if user would like to
use system properties setting or string parameters:
Example 1: To get SSLSocketFactory
getSSLSocketFactoryFromSysProperties()
from setting system
parameters
String clientKeyStore = ...;
String clientKeyStorePasswd = ...;
String trustKeystore = ...;
String trustKeystorePasswd = ...;
System.setProperty("javax.net.ssl.keyStore", clientKeyStore);
System.setProperty("javax.net.ssl.keyStorePassword", clientKeyStorePasswd);
System.setProperty("javax.net.ssl.trustStore", trustKeystore);
System.setProperty("javax.net.ssl.trustStorePasswd", trustKeystorePasswd);
//user can print out the sslInfo for debug
System.out.print(sslInfo.toString());
((BindingProvider) port).getRequestContext().put(
JAXWSProperties.SSL_SOCKET_FACTORY,
SSLClientUtil.getSSLSocketFactoryFromSysProperties());
NOTE: The clientKeyStore and clientKeyStorePasswd have this restriction:
The SSL package of J2SE requires that the password of the client’s
private key must be the same as the password of the client’s keystore. For
this reason, the client keystore can include only one private key and X.509
certificate pair.
Example 2: To get SSLSocketFactory
getSSLSocketFactory(PersistentSSLInfo sslInfo)
from setting
string parameters
String clientKeyStore = ...;
String clientKeyStorePasswd = ...;
String clientKeyAlias = ...;
String clientKeyPass = ...;
String trustKeystore = ...;
String trustKeystorePasswd = ...;
PersistentSSLInfo sslInfo = new PersistentSSLInfo();
sslInfo.setKeystore(clientKeyStore);
sslInfo.setKeystorePassword(clientKeyStorePasswd);
sslInfo.setKeyAlias(clientKeyAlias);
sslInfo.setKeyPassword(clientKeyPass);
sslInfo.setTrustKeystore(trustKeystore);
//user can print out the sslInfo for debug
System.out.print(sslInfo.toString());
//Put sslInfo into requestContext for persistence, it might be required by JAX-WS advance features,
//such as, RM, Callback
((BindingProvider) port).getRequestContext().put(
JAXWSProperties.CLIENT_PERSISTENT_SSL_INFO, sslInfo);
//Alternatively, you can directly set a SSLSocketFactory if persistence is not necessary
((BindingProvider) port).getRequestContext().put(
JAXWSProperties.SSL_SOCKET_FACTORY,
SSLClientUtil.getSSLSocketFactory(sslInfo));
JAXWSProperties
,
PersistentSSLInfo
Field Summary | |
---|---|
static String |
RELAXED_CHECKING_DEFAULT
|
Method Summary | |
---|---|
static SSLSocketFactory |
getSSLSocketFactory(KeyManager[] kms,
TrustManager[] tms)
Get SSLSocketFactory from input KeyManagers and TrustManagers |
static SSLSocketFactory |
getSSLSocketFactory(PersistentSSLInfo sslInfo)
Get SSLSocketFactory from input PersistentSSLInfo |
static SSLSocketFactory |
getSSLSocketFactoryFromSysProperties()
Get SSLSocketFactory from system properties setting, these properties incude: |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Field Detail |
---|
public static final String RELAXED_CHECKING_DEFAULT
Method Detail |
---|
public static SSLSocketFactory getSSLSocketFactoryFromSysProperties()
javax.net.ssl.keyStore
javax.net.ssl.keyStorePassword
javax.net.ssl.trustStore
javax.net.ssl.trustStorePasswd
weblogic.wsee.client.ssl.relaxedtrustmanager
The property set "true" means always trust server, ignoring the properties javax.net.ssl.trustStore and javax.net.ssl.trustStorePasswd.
public static SSLSocketFactory getSSLSocketFactory(KeyManager[] kms, TrustManager[] tms)
NOTE: The system property weblogic.wsee.client.ssl.relaxedtrustmanager
takes effect if being set as "true", which will ignore the TrustManagers parameter.
kms
- tms
-
public static SSLSocketFactory getSSLSocketFactory(PersistentSSLInfo sslInfo)
sslInfo
-
|
Documentation is available at http://download.oracle.com/docs/cd/E12839_01/web.1111 Copyright 1996,2009, Oracle and/or its affiliates. All rights reserved. Oracle is a registered trademark of Oracle Corporation and/or its affiliates. Other names may be trademarks of their respective owners. Part Number E13941-01 Oracle WebLogic Server 10.3.1 API Reference |
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |