Java soap client for EJBCA webservices - web-services

I am trying to build a Java Soap Client to call Ejbca webservices.
I'm facing to an issue at certificat level.
Exception in thread "main" org.ejbca.core.protocol.ws.AuthorizationDeniedException_Exception: Error no client certificate received used for authentication.
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
at java.lang.reflect.Constructor.newInstance(Constructor.java:423)
From my installation I can retrieve the *.p12 file, how can I tell to my Java program to use this file to call correctly the web service.
Thanks for your help.

In EJBCA there is a tool called clientToolBox, which is a command line utility that makes webservice calls. This is a good tool to test WS functionality.
ClientToolBox also functions as sample code for various WS commands.
For the client certificate issue, you can check in org.ejbca.core.protocol.ws.client.EJBCAWSRABaseCommand. There is code in the constructor that loads the p12 file and sets the java property javax.net.ssl.keyStore and other properties.
final String keyStorePath = props.getProperty("ejbcawsracli.keystore.path", "keystore.jks");
checkIfFileExists(keyStorePath);
System.setProperty("javax.net.ssl.keyStore", keyStorePath);
if (keyStorePath.endsWith(".p12")) {
System.setProperty("javax.net.ssl.keyStoreType", "pkcs12");
}
if ( trustStorePath==null ) {
if (keyStorePath.endsWith(".p12")) {
final Provider tlsProvider = new TLSProvider();
Security.addProvider(tlsProvider);
Security.setProperty("ssl.TrustManagerFactory.algorithm", "AcceptAll");
} else {
System.setProperty("javax.net.ssl.trustStore", keyStorePath);
}
}
System.setProperty("javax.net.ssl.keyStorePassword", password);
The keystore properties are described in the web services documentation for EJBCA:
https://www.ejbca.org/docs/Web_Service_Interface.html#src-16224398_id-.WebServiceInterfacev6.12.0-UsingtheWebServiceAPIforIntegrationUsing_the_Web_Service_API_for_Integratio
Documentation for clientToolBox can be found in the documentation:
https://www.ejbca.org/docs/EJBCA_Client_Toolbox.html

Related

DatabindingException on web service binding

Any idea about the exception? I cant bind a JAX-WS service due exception thrown:
Exception in thread "main" com.sun.xml.internal.ws.spi.db.DatabindingException: java.lang.IllegalArgumentException: can't parse argument number: ''{0}''
at com.sun.xml.internal.ws.db.glassfish.JAXBRIContextFactory.newContext(JAXBRIContextFactory.java:90)
at com.sun.xml.internal.ws.spi.db.BindingContextFactory.create(BindingContextFactory.java:167)
at com.sun.xml.internal.ws.model.AbstractSEIModelImpl$1.run(AbstractSEIModelImpl.java:203)
at com.sun.xml.internal.ws.model.AbstractSEIModelImpl$1.run(AbstractSEIModelImpl.java:176)
at java.security.AccessController.doPrivileged(Native Method)
at com.sun.xml.internal.ws.model.AbstractSEIModelImpl.createJAXBContext(AbstractSEIModelImpl.java:176)
at com.sun.xml.internal.ws.model.AbstractSEIModelImpl.postProcess(AbstractSEIModelImpl.java:95)
at com.sun.xml.internal.ws.model.RuntimeModeler.buildRuntimeModel(RuntimeModeler.java:309)
at com.sun.xml.internal.ws.db.DatabindingImpl.<init>(DatabindingImpl.java:85)
at com.sun.xml.internal.ws.db.DatabindingProviderImpl.create(DatabindingProviderImpl.java:59)
at com.sun.xml.internal.ws.db.DatabindingProviderImpl.create(DatabindingProviderImpl.java:43)
at com.sun.xml.internal.ws.db.DatabindingFactoryImpl.createRuntime(DatabindingFactoryImpl.java:105)
at com.sun.xml.internal.ws.client.WSServiceDelegate.buildRuntimeModel(WSServiceDelegate.java:875)
at com.sun.xml.internal.ws.client.WSServiceDelegate.createSEIPortInfo(WSServiceDelegate.java:892)
at com.sun.xml.internal.ws.client.WSServiceDelegate.addSEI(WSServiceDelegate.java:855)
at com.sun.xml.internal.ws.client.WSServiceDelegate.getPort(WSServiceDelegate.java:435)
at com.sun.xml.internal.ws.client.WSServiceDelegate.getPort(WSServiceDelegate.java:404)
at com.sun.xml.internal.ws.client.WSServiceDelegate.getPort(WSServiceDelegate.java:386)
at javax.xml.ws.Service.getPort(Service.java:119)
The project is running in Ecplipse, JDK 1.8.
All artifacts generated by :
/**
* This class was generated by Apache CXF 3.2.0
* 2018-03-28T18:06:56.868+02:00
* Generated source version: 3.2.0
*
*/
#WebService(targetNamespace = "...........", name = "IDocuments")
Classes from wsdl are generated without errors.
Note that with SoapUi I'm able to bind and use this service and couple of other #WebService, generated in the same way, work properly.
Solved...
The problem was a conflict on multiple wsdl generation.
The last generated wsdl deploys its factory classes.
On this way requests and responses was created by the wrong context and the service throws IllegalArgumentException.
Issue fixed by customizing package for each generated wsdl

org.xml.sax.SAXParseException while initializing JAXWS consumer

I'm getting the below exception when the JAXWS Java consumer stub constructor is invoked. When I try via. SOAPUI everything is working fine and able to get correct response. It is a web server to multiple app server (Websphere 7.x clustered) setup. Consumer code looks fine. Provider code is fine, since it works in SOAPUI. There is some problem with Web Server and web server may respond with a HTML rather then XML. App Server doesn't get the request when trying via Java consumer and no logs are there. We tested in local app server without web server setup, it works. Don't know where the problem lies? Anybody can help? I'm using Axis2 that comes with WebSphere for hosting web service. Web Sphere reads annotations in implementation class to deploy web service. Generate WSDL automatically. WSDL Location I've not specified in implementation file, if it specified not works. No configuration file (web.xml, etc.,) i provide. It is not an HTTPS web service. I'm able to telnet to the web service server and get the WSDL via telnet.
javax.xml.ws.WebServiceException: javax.wsdl.WSDLException: WSDLException: faultCode=PARSER_ERROR: Problem parsing 'http://ip:port/AppName/ServiceName'.: (http://ip:port/AppName/ServiceName%27.:) org.xml.sax.SAXParseException: The markup in the document following the root element must be well-formed.
at org.apache.axis2.jaxws.ExceptionFactory.createWebServiceException(ExceptionFactory.java:175)
at org.apache.axis2.jaxws.ExceptionFactory.makeWebServiceException(ExceptionFactory.java:70)
at org.apache.axis2.jaxws.ExceptionFactory.makeWebServiceException(ExceptionFactory.java:128)
at org.apache.axis2.jaxws.util.WSDL4JWrapper.loadDefinition(WSDL4JWrapper.java:754)
at org.apache.axis2.jaxws.util.WSDL4JWrapper.getDefinition(WSDL4JWrapper.java:670)
at org.apache.axis2.jaxws.util.WSDL4JWrapper.commonPartsURLConstructor(WSDL4JWrapper.java:224)
at org.apache.axis2.jaxws.util.WSDL4JWrapper.<init>(WSDL4JWrapper.java:156)
at org.apache.axis2.jaxws.description.impl.ServiceDescriptionImpl.setupWsdlDefinition(ServiceDescriptionImpl.java:1191)
at org.apache.axis2.jaxws.description.impl.ServiceDescriptionImpl.<init>(ServiceDescriptionImpl.java:245)
at org.apache.axis2.jaxws.description.impl.ServiceDescriptionImpl.<init>(ServiceDescriptionImpl.java:168)
at org.apache.axis2.jaxws.description.impl.DescriptionFactoryImpl.createServiceDescription(DescriptionFactoryImpl.java:142)
at org.apache.axis2.jaxws.description.impl.DescriptionFactoryImpl.createServiceDescription(DescriptionFactoryImpl.java:79)
at org.apache.axis2.jaxws.description.DescriptionFactory.createServiceDescription(DescriptionFactory.java:76)
at org.apache.axis2.jaxws.spi.ServiceDelegate.<init>(ServiceDelegate.java:212)
at org.apache.axis2.jaxws.spi.Provider.createServiceDelegate(Provider.java:71)
at javax.xml.ws.Service.<init>(Service.java:67)
at somepackage.servicename.<init>(servicename.java:42)...more are here hidden to maintain confidential
Caused by:
javax.wsdl.WSDLException: WSDLException: faultCode=PARSER_ERROR: Problem parsing 'http://ip:port/AppName/ServiceName'.: (http://ip:port/AppName/ServiceName%27.:) org.xml.sax.SAXParseException: The markup in the document following the root element must be well-formed.
at com.ibm.wsdl.xml.WSDLReaderImpl.getDocument(WSDLReaderImpl.java:2315)
at com.ibm.wsdl.xml.WSDLReaderImpl.readWSDL(WSDLReaderImpl.java:2390)
at com.ibm.wsdl.xml.WSDLReaderImpl.readWSDL(WSDLReaderImpl.java:2356)
at org.apache.axis2.jaxws.util.WSDL4JWrapper$13.run(WSDL4JWrapper.java:745)
at org.apache.axis2.java.security.AccessController.doPrivileged(AccessController.java:132)
at org.apache.axis2.jaxws.util.WSDL4JWrapper.loadDefinition(WSDL4JWrapper.java:742)
... 70 more
Caused by:
org.xml.sax.SAXParseException: The markup in the document following the root element must be well-formed.
at org.apache.xerces.parsers.DOMParser.parse(Unknown Source)
at org.apache.xerces.jaxp.DocumentBuilderImpl.parse(Unknown Source)
at com.ibm.wsdl.xml.WSDLReaderImpl.getDocument(WSDLReaderImpl.java:2305)
... 75 more </pre>
I'm not sure what's going wrong with wsdl retrieval for you, but if you can extract the wsdl (and any files it imports) from the remote service and just package them with your client directly, that will avoid retrieving the wsdl from the remote service for each invocation, which besides not working in your case, also degrades performance. Your client wsdllocation would change to file:///(something). If you're using a developer tool like RAD or WDT, it has an option to automatically retrieve the wsdl and package it with the client.

java.lang.RuntimeException: java.lang.NoClassDefFoundError: javax/ws/rs/client/ClientBuilder in IBM WebSphere 8.5

I am trying to build a async REST client but getting following error in IBM WebSphere 8.5,
java.lang.RuntimeException: java.lang.NoClassDefFoundError: javax/ws/rs/client/ClientBuilder
While building ClientBuilder object. I tried to search everywhere but solution is provided for other application servers not for IBM WebSphere. When I decompiled ClientBuilder class it expect the property JAXRS_DEFAULT_CLIENT_BUILDER = "org.glassfish.jersey.client.JerseyClientBuilder";
but what is the value of implementation class/property for WebSphere?
Code I am trying to run,
ClientBuilder cb = ClientBuilder.newBuilder(); // Exception occurs at this line
Client client = cb.build();
WebTarget target = client.target(URL);
Future<Response> future = target.request(MediaType.APPLICATION_XML).async().
post(Entity.entity(notifications, MediaType.APPLICATION_XML));
Response response = future.get(5, TimeUnit.SECONDS);
if(response.getStatus() == SUCCESS) {
respStatus = SUCCESS;
}
Am I missing some configuration? or property setting?
Note: I have added javax.ws.rs-api-2.0-m10.jar on classpath.
WebSphere provides jaxrs-1.1 implementation based on Wink, so they will conflict with library you provided. You will either need to disable default implementation and use your own, or create Wink client.
Check these posts:
JAX-RS Jersey 2.10 support in Websphere 8
JAX-RS Jersey Client on Websphere 8.5

Web service Axis2 client code generation issue

I'm trying the consume a web services built using Axis2, so I have followed this example for creating client code.
I have the endpoint and I'm able to access it through the browser. But trying to generate the client code with:
WSDL2Java.bat -uri <<endpoint>> -o client
throws the exception below:
Exception in thread "main" org.apache.axis2.wsdl.codegen.CodeGenerationException: Error parsing WSDL
at org.apache.axis2.wsdl.codegen.CodeGenerationEngine.(CodeGenerationEngine.java:181)
at org.apache.axis2.wsdl.WSDL2Code.main(WSDL2Code.java:35)
at org.apache.axis2.wsdl.WSDL2Java.main(WSDL2Java.java:24)
Caused by: java.net.ConnectException: Connection timed out: connect
at java.net.PlainSocketImpl.socketConnect(Native Method)
at java.net.PlainSocketImpl.doConnect(PlainSocketImpl.java:351)
at java.net.PlainSocketImpl.connectToAddress(PlainSocketImpl.java:213)
at java.net.PlainSocketImpl.connect(PlainSocketImpl.java:200)
at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:366)
at java.net.Socket.connect(Socket.java:529)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.connect(SSLSocketImpl.java:570)
at com.sun.net.ssl.internal.ssl.BaseSSLSocketImpl.connect(BaseSSLSocketImpl.java:141)
at sun.net.NetworkClient.doConnect(NetworkClient.java:163)
at sun.net.www.http.HttpClient.openServer(HttpClient.java:411)
at sun.net.www.http.HttpClient.openServer(HttpClient.java:525)
at sun.net.www.protocol.https.HttpsClient.(HttpsClient.java:272)
at sun.net.www.protocol.https.HttpsClient.New(HttpsClient.java:329)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.getNewHttpClient(AbstractDelegateHttpsURLConnection.java:172)
at sun.net.www.protocol.http.HttpURLConnection.plainConnect(HttpURLConnection.java:923)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:158)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1195)
at java.net.HttpURLConnection.getResponseCode(HttpURLConnection.java:379)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getResponseCode(HttpsURLConnectionImpl.java:318)
at org.apache.axis2.wsdl.codegen.CodeGenerationEngine.(CodeGenerationEngine.java:99)
... 2 more
What could be the reason for this error?
If you can access the WSDL from a browser but not from the tool in command line then it's possible that your browser uses a HTTP proxy for it's connection while wsdl2java goes straight for the address.
Try setting some JVM parameters for using a proxy, as described in Java Networking and Proxies and if that fails, there is always the option to download the WSDL with the browser and run wsdl2java with the locally downloaded file.

Error when calling web service from Domino

I need to connect to a .net application via it's SOAP Web Service but can't get it working from Domino. Using XPages I want to connect to the web service to return data to the xpage. I tried creating an agent to make the call, but that hasn't worked. I receive the following java StackTrace when I run the agent:
WebServiceEngineFault
faultCode: {http://www.lotus.com/domino/ws/}HTTP
faultSubcode:
faultString: (401) Unauthorized
faultActor:
faultNode:
faultDetail:
{}string:
(401) Unauthorized
at lotus.domino.axis.transport.http.HTTPSender.readFromSocket(Unknown Source)
at lotus.domino.axis.transport.http.HTTPSender.invoke(Unknown Source)
at lotus.domino.axis.strategies.InvocationStrategy.visit(Unknown Source)
at lotus.domino.axis.SimpleChain.doVisiting(Unknown Source)
at lotus.domino.axis.SimpleChain.invoke(Unknown Source)
at lotus.domino.axis.client.AxisClient.invoke(Unknown Source)
at lotus.domino.axis.client.Call.invokeEngine(Unknown Source)
at lotus.domino.axis.client.Call.invoke(Unknown Source)
at lotus.domino.axis.client.Call.invoke(Unknown Source)
at lotus.domino.axis.client.Call.invoke(Unknown Source)
at lotus.domino.axis.client.Call.invoke(Unknown Source)
at lotus.domino.websvc.client.Call.invoke(Unknown Source)
at com.imanage.worksite.IWOVServicesSoapStub.getFolders(Unknown Source)
at JavaAgent.NotesMain(Unknown Source)
at lotus.domino.AgentBase.runNotes(Unknown Source)
at lotus.domino.NotesThread.run(Unknown Source)
I am able to call it successfully from soapUI passing in the user id, password and domain credentials.
I set credentials in the agent that consumes the web service:
String arg0 = "DOMAINNAME\\USERID";
String arg1 = "PASSWORD";
stub.setCredentials(arg0, arg1);
and also in the web service consumer itself (in the SoapStub class - within the getFolders call):
_call.setUsername("DOMAINNAME\\USERID");
_call.setPassword("PASSWORD");
I'm new to XPages and Java. Does anyone have any ideas what I might be missing or should check for?
(I can't use Lotusscript for the web service consumer as the variable names generated by the WSDL are too long, so I have to use java in this case).
In these situations to help narrow down it is better to let SOAPUI do the full testing.
So do the following.
Create a mock service in SOAPUI from the WSDL of the provider.
Point your agent to the mock service so that you can capture what is being sent from your agent. (ie. Capture the SOAP request).
Using that same SOAP request send it via SOAPUI to the .NET server. It should reproduce the issue and give you back some more information as to what is failing.
The following wiki article explains how to do this.
http://www-10.lotus.com/ldd/ddwiki.nsf/dx/Testing_your_Domino_web_service_provider_and_consumer_using_SoapUI._
I would use CXF, it seems better supported in XPages. What authentication are you using? I found that a digest authentication might not work with some services in .net (Sharepoint data being one) and you need to call another end-point to get a digest token. I use TCPMon (Cross platform) or Fiddler to see what is on the wire (You configure these tools as proxy, so you can watch) AD107 might have additional information, have a look.