I work with Glassfish and in glassfish-ejb-jar.xml I'm able to secure ejb exposed web service like this (http basic auth)
<ejb>
<ejb-name>Command</ejb-name>
<webservice-endpoint>
<port-component-name>Command</port-component-name>
<endpoint-address-uri>NPI/command</endpoint-address-uri>
<login-config>
<auth-method>BASIC</auth-method>
<realm>NPI</realm>
</login-config>
</webservice-endpoint>
</ejb>
I'm looking for a similar way to do it when deploying to Wildfly but so far I wasn't able to find a solution.
All I have found is a description how to do it in web.xml but I guess that asks for web services to be exposed via servlet cointainer.
Are there any Wildfly specific deployment descriptors or methods to get the same results as with glassfish ejb descriptor on glassfish server?
Related
I have tried to configure Spring MVC in two way SSL using Spring Ws to connect to third party but due to the lack of documentation I have decided to integrate my Spring MVC 4 Application with Web Service Consumer .I am a beginner in Web Service consumption.I would like to know how to configure my Spring MVC 4 application with web service consumer with annotation based configuration to achieve a Two way SSl communication with Third party and also encrypt my soap messages before it is sent to the https server ?If any links or sample code would be helpful.
Also if the WSDL is located in a a https link how do I generate the classes?
This question is huge. There is no a trivial solution
I can provide the steps and guide to the manual
1)Resolve CXF dependencies to include libraries in your project
Use maven, ivy or download. You need jax-ws and related
http://cxf.apache.org/docs/using-cxf-with-maven.html
2) Generate a Java client with wsdl2java to your wsdl
For example
wsdl2java -p com.mycompany.greeting Greeting.wsdl
http://cxf.apache.org/docs/wsdl-to-java.html
3) Create the jax-ws programmatically
wdsl2java have done the work for you
http://cxf.apache.org/docs/how-do-i-develop-a-client.html#HowdoIdevelopaclient?-JAX-WSProxy
HelloService service = new HelloService();
Hello helloClient = service.getHelloHttpPort();
String result = helloClient .sayHi("Joe");
Note: It is also possible configure with spring
4) Configure the authentication with client certificate
This is the hard step
http://cxf.apache.org/docs/client-http-transport-including-ssl-support.html#ClientHTTPTransport(includingSSLsupport)-ConfiguringSSLSupport
Define a conduit file with the reference to your certificate. This is an example
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:http-conf="http://cxf.apache.org/transports/http/configuration"
xmlns:sec="http://cxf.apache.org/configuration/security"
xsi:schemaLocation="http://cxf.apache.org/transports/http/configuration
http://cxf.apache.org/schemas/configuration/http-conf.xsd
http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd">
<http-conf:conduit name="*.http-conduit">
<http-conf:tlsClientParameters disableCNCheck="true" secureSocketProtocol="TLS">
<sec:keyManagers keyPassword="password" >
<sec:keyStore type="pkcs12" password="password"
file="yourcertificate.p12" />
</sec:keyManagers> </http-conf:tlsClientParameters>
<http-conf:client Connection="Keep-Alive" MaxRetransmits="1" AllowChunking="false" />
</http-conf:conduit>
</beans>
If you prefer to do programmaticaly you can do
Client client = ClientProxy.getClient(helloClient);
HTTPConduit http = (HTTPConduit) client.getConduit();
//set the parameters in a similar way to file
I am trying to creating web service using wsdl first approach and CXF. I am able to generate java file from wsdl and deploy the war file to tomcat server. However, I don't see any soapaction in the generated file. How do I identify the end point url for this web service?
thanks,
Usually in CXF you use Spring configuration to configure endpoint, as described in JAX-WS Configuration. Usually address is relative, e.g.
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:jaxws="http://cxf.apache.org/jaxws"
xsi:schemaLocation="
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
http://cxf.apache.org/jaxws http://cxf.apache.org/schemas/jaxws.xsd">
<jaxws:endpoint id="classImpl"
implementor="org.apache.cxf.jaxws.service.Hello"
address="/helloService"/>
</beans>
Address is local to you web app context root.
Assuming that name of you web application is SomeWebApp and the server is available at localhost:8080 then web service should be published at http://localhost:8080/SomeWebApp/helloService. You can test it retrieving WSDL at: http://localhost:8080/SomeWebApp/helloService?wsdl. This URL can be used to create SOAP UI project (the tool that I really recommend for exploring and testing SOAP services).
If you don't use Spring to configure endpoint or you still can't access web service please provide more details about your configuration.
I have a web service client generated and built with Apache CXF. Next I have JAX-RS Jersey application in which I want to call methods from that webservice. When I try to deploy this simple project to Glassfish 4.0 server I get this exception:
Exception while deploying the app [pelijee] :
The lifecycle method [finalizeConfig] must not throw a checked exception.
Related annotation information: annotation [#javax.annotation.PostConstruct()] on annotated element [public void org.apache.cxf.transport.http_jetty.JettyHTTPServerEngine.finalizeConfig() throws java.security.GeneralSecurityException,java.io.IOException] of type [METHOD]. Please see server.log for more details.
Command deploy failed.
The only one CXF dependency I have in this project is:
<dependency>
<groupId>org.apache.cxf</groupId>
<artifactId>cxf-bundle-jaxrs</artifactId>
<version>2.7.6</version>
<type>jar</type>
<scope>runtime</scope>
</dependency>
Is there any other CXF library compatible with JSR 250?
Thank you
One of the challenges of Glassfish is that the full server profile comes packaged with Metro for JAX-WS web services and Jersey for JAX-RS rest services. It is recommended to configure the classloader through a sun-web.xml file included in the WEB-INF folder of your WAR. It should include the following contents:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE sun-web-app PUBLIC
'-//Sun Microsystems, Inc.//DTD Application Server 9.0 Servlet 2.5//EN'
'http://www.sun.com/software/appserver/dtds/sun-web-app_2_5-0.dtd'>
<sun-web-app>
<class-loader delegate="false"/>
</sun-web-app>
In the past, I have found that occasionally I still have problems with deployment; therefore, I have actually removed the Metro and Jersey features altogether from the Glassfish server profile. Here is some more information about deployment.
http://cxf.apache.org/docs/application-server-specific-configuration-guide.html
One additional thing I noticed is that you posted a log message which included the Jetty transport. This means you are running the Jetty HTTP server and running the Glassfish HTTP server. I would suggest just using Glassfish as the web server and using the CXF servlet transport instead.
I have created an Ejb endpoint WebService (.EAR) using metro and glassfish 3.1.2(b5) .
The wsdl file is published and accessible via https .
I generated the client artifact from the secured url and when I Run the client I get this error (server side):
ATTENTION: Invalid request scheme for Endpoint my_web_service. Expected https . Received http
This how I configured the secure connexion:
<glassfish-ejb-jar>
<enterprise-beans>
<ejb>
<ejb-name>my_web_service</ejb-name>
<webservice-endpoint>
<port-component-name>my_web_service</port-component-name>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</webservice-endpoint>
</ejb>
</enterprise-beans>
</glassfish-ejb-jar>
If I change the implementation to a servlet endpoint (.war) everything run ok so I think that I'm missing something in the configuration.
To make this work you need to update the bundled version of grizzly in glassfish to 1.9.55 .
i'm developing a webservice with ejb 3 and glassfish 3.1.1. I'm using Netbeans 7.0 and would like to know, how to enable https on port 8181 for this webservice.
I dont need any authentication method, just secure the communication through https!
Thx
Adem
You need to specify a secure connection as explained here. Essentially, in your deployment descriptor web.xml you need to set:
<security-constraint>
...
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>
However NetBeans will insert the code for you: open web.xml, click the Security tab along the top of the editor, then click the Add Security Constraint button. Type a name, in URL pattern write /*, set All Http Methods, and specify Confidential as Transport Guarantee.
If you don't have web.xml, because you are deploying just the Enterprise Java Bean, create a New GlassFish Descriptor glassfish-ejb-jar.xml and fill it like this (or see here the file hierarchy):
<glassfish-ejb-jar>
<enterprise-beans>
<ejb>
<ejb-name>Hello</ejb-name>
<webservice-endpoint>
<port-component-name>Hello</port-component-name>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</webservice-endpoint>
</ejb>
</enterprise-beans>/>
</glassfish-ejb-jar>
Your application will use port 8181 from now on.
See here for further information about how to setup security in a Netbeans web application and here for learning about certificates.