HTTPS WebService Client (Skip Certificate Validation)

Using Axis2

Refer to Eclipse + Apache AXIS2 Tips

Code Snippet

SSLContext sslCtx = SSLContext.getInstance("TLSv1");
sslCtx.init(null, new TrustManager[] { new TrustAllTrustManager() }, null);

XXXStub stub = new XXXStub("https://IP:Port/...");

stub._getServiceClient()
 .getOptions()
 .setProperty(
 HTTPConstants.CUSTOM_PROTOCOL_HANDLER,
 new Protocol("https",
 (ProtocolSocketFactory) new SSLProtocolSocketFactory(sslCtx), 8443));


[response] result = stub.operator([request]);
......

Reference

http://axis.apache.org/axis2/java/core/apidocs/org/apache/axis2/java/security/TrustAllTrustManager.html

Using CXF

Refer to ECLIPSE JUNO + MAVEN + CXF GENERATE WEBSERVICE CLIENT

Method 1. Using JaxWsProxyFactoryBean

 String URL = "https://IP:Port/...";
 
 JaxWsProxyFactoryBean factory = new JaxWsProxyFactoryBean();
 factory.setServiceClass(XXXService.class);
 factory.setAddress(URL);
 XXXService client = (XXXService) factory.create();

 Client proxy = ClientProxy.getClient(client);
 HTTPConduit conduit = (HTTPConduit) proxy.getConduit();
 TLSClientParameters tcp = new TLSClientParameters();

 tcp.setTrustManagers(new TrustManager[] { new X509TrustManager() {
 @Override
 public void checkClientTrusted(X509Certificate[] certs, String authType)
 throws CertificateException {
 }
 @Override
 public void checkServerTrusted(X509Certificate[] certs, String authType)
 throws CertificateException {
 }
 @Override
 public X509Certificate[] getAcceptedIssuers() {
 return null;
 }
 } });

 tcp.setDisableCNCheck(true);
 conduit.setTlsClientParameters(tcp);

 [response] response = client.operator([request]);
......

Method 2. Using CXF generated stub

 XXXService_Service service = new XXXService_Service();
 XXXService client = service.getXXXPort();

 BindingProvider binding = (BindingProvider) client;
 binding.getRequestContext().put(BindingProvider.ENDPOINT_ADDRESS_PROPERTY, URL);

 Client proxy = ClientProxy.getClient(client);
 HTTPConduit conduit = (HTTPConduit) proxy.getConduit();
 TLSClientParameters tcp = new TLSClientParameters();
 tcp.setTrustManagers(new TrustManager[] { new X509TrustManager() {
 @Override
 public void checkClientTrusted(X509Certificate[] certs, String authType)
 throws CertificateException {
 }
 @Override
 public void checkServerTrusted(X509Certificate[] certs, String authType)
 throws CertificateException {
 }
 @Override
 public X509Certificate[] getAcceptedIssuers() {
 return null;
 }
 } });

 tcp.setDisableCNCheck(true);
 conduit.setTlsClientParameters(tcp);

 [response] response = client.operator([request]);
......

Note:
When using XXXService_Service service = new XXXService_Service(), be sure the wsdlLocation is available. Otherwise, a FileNotFoundException may occur.

handshake_failure

  1. Refer to SOAPUI HTTPS HANDSHAKE_FAILURE
  2. Check the JDK version of WebService and AppServer (ex. Tomcat). If the versions are different, this error may occur. Use the same version.

Reference

http://www.programcreek.com/java-api-examples/index.php?api=org.apache.cxf.transport.http.HTTPConduit

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s