Disabling deployed Web services through Java code - web-services

I work with JAX-WS Web services deployed on to a Glassfish Web server and Netbeans IDE. We have provisions to disable or undeploy a Web service deployed onto a Glassfish Web server using admin console or services tab in the IDE. This looks to be some sort of hardware interrupt. I would like to achieve the same, i.e. disabling a deployed Web service through Java code, on some external command from interface. Is there any mechanism to obtain such outcome through software interrupts or by any other means?

You can keep configuration settings like discoveryAllowed attribute at server side may be like in DB.
On which you can decide whether to allow user to call web-methods. Add beelow code in web-method:
If discoveryAllowed is false then call following code:
MessageContext mc = context.getMessageContext();
HttpServletResponse resp = (HttpServletResponse) mc.get(MessageContext.SERVLET_RESPONSE);
resp.setContentType("text/plain");
resp.sendError(HttpServletResponse.SC_NOT_FOUND, "Web service is disabled.");
If discoveryAllowed is true allow to proceed with code execution.

Related

Call external web service with Sencha Cmd application

I created an ExtJS 5 application with Sencha Cmd.
I will deploy this application in a tomcat server where there are some REST web services.
I would need to use these web services but when I run the application with "sencha app watch" (on port 1841) it doesn't find the services because they are on a differente server (tomcat is on a different port).
How can I use an "external" web service with Sencha CMD?
Thanks
stefano
Here are some of the available options:
Option 1 Proxy Web Service
You could create a service on the local machine where the sencha app is that create web requests that then goto the target remote services. This is called a proxy service.
Essentially the proxy service will take a request and resubmit it to the desired target remote machine.
There is a php example here
And a C# web request example here (Although this c# example isn't exactly what you are needing. The base of the web request that would need to be submitted is in this code. )
Option 2 JsonP
The other option off the top, is if the web services on the other machine support jsonp they should be accessible. However, jsonp only supports get so if you have a full rest implementation some services will probably not work.
More information on jsonp
And an extjs request example for JsonP:
Ext.data.JsonP.request({
'url': 'url',
params: {
'param1': 'value'
},
success: function (result, request) {
//success
}
});
Option 3 Hosting multiple apps/paths on single port
However, since it seems like the tomcat server may actually be on the same machine. Is there not a way to host both the web services and the application path through tomcat?
It looks like, for instance, jetty has an option to host two apps on the same port
Option 4 Enable CORS
You can enable cross origin resource sharing on the rest application depending on the architecture/framework used.
The browser will basically send a request first to see if it can access the resource. And then the server would respond with the allowed origin domains. Once CORS is enabled then access could be granted between the two different ports/servers
Great site on CORS with instructions for enabling on most basic setups
Here is example documentation for spring

Calling a back-end web service with IBM Message Broker

I was trying to deploy a back-end web service to IBM Message Broker. Then create a Java client to call Broker, which in turn calls the back-end web service.
If the Java client can call Broker, then so can any other Java app.
The IBM documentation on the subject is massive. So here are the steps that I took, plus a couple of issues I struggled with, and then resolved.
Two useful links:
Setting up a flow:
http://publib.boulder.ibm.com/infocenter/wmbhelp/v6r1m0/index.jsp?topic=%2Fcom.ibm.etools.mft.doc%2Fad64230_.htm
Deploying a flow:
http://publib.boulder.ibm.com/infocenter/wmbhelp/v7r0m0/index.jsp?topic=%2Fcom.ibm.etools.mft.doc%2Faa40160_.htm
Create a new Application.
Within the Application, create a new Message Flow.
On the flow workspace, on the left menu column, select Web Services.
Select a SOAPInput, SOAPRequest, SOAPReply.
Connect the input to the request, and the output of the request to the reply.
When you double-click on the Request, it will be looking for a WSDL. Select import/create new at the bottom of the window. On the next window, select the bottom option to select a WSDL from outside the environment. Paste in the entire URL to your back-end web service.
Click next and finish on the following windows to get back to the Flow work space.
One point that I struggled with and was not obvious in the documentation, is that you will need to create a new flow for each method in your back-end web service.
In the SOAPRequest properties, set the "binding operation" to the method behind that flow.
Once you build and deploy the bar, you can right-click anywhere on the Flow work space and select Test...
The test tool will display the WSDL of the web service that is deployed to your Broker instance. You can grab that WSDL and use Ant or Maven to create a Java client and call your web service (which in turn calls the back-end service)
That's not strictly speaking true, you can route to a label based on the operation name in the wsdl or even use the SOAPInput node in generic gateway mode. Generally you'll want a flow per "service" not per method.

Security of SOAP based web service in Java, Netbeans, Tomcat

I have created an android application that calls (using kSOAP library) a SOAP based web service (developed in java, netbeans) over the intranet.
Now i want to make the application live, so this will require my web service to be exposed on the internet.
I have following questions...
How do i make sure that no one knows about the web service link except my android application
No one is able to call the web service except my android application
The data transferred between android application and web service is secure and encrypted
What kind of authentication mechanism should be used
I'm new to web services security so forgive me if my questions are dumb :)
This is impossible. Anyone having your app might use a traffic analyzer like wireshark and see all the requests it makes.
Sign each request you app makes(add some soap header) and check the signature on the server side
Use HTTPS
How to do authentication using SOAP?

How do I setup a asmx web service in Azure that accepts a client certificate?

I apologize in advance if the question is ridiculous.
I have an asmx service running in Azure (HTTP - no SSL).
I have a WPF app that loads a X509Certificate2 and adds it to the request by doing the following:
X509Certificate2 cert = new X509Certificate2("...");
webRequest.ClientCertificates.Add(cert);
In the web service I get the certificate by
new X509Certificate2(this.Context.Request.ClientCertificate.Certificate)
And then I load a cert (that I have both uploaded to the Azure control panel and added to my service definition file) by using the following sample:
var store = new X509Store(StoreName.My, StoreLocation.LocalMachine);
store.Open(OpenFlags.ReadOnly | OpenFlags.OpenExistingOnly);
X509Certificate2Collection certs = store.Certificates.Find(X509FindType.FindBySubjectName, certName, true);
And then I validate by doing the following:
clientCert.Thumbprint == certs[0].Thumbprint
Now unfortunately I get an exception (System.Security.Cryptography.CryptographicException: m_safeCertContext is an invalid handle) as soon as I do
Request.ClientCertificate.Certificate
So I have a few questions. How do I avoid the exception. This answer states I need to modify an IIS setting, but how can I do that in Azure?
In any case is this even the proper way to do certificate authentication?
Thanks!
You can use command scripts to modify IIS, in combination with appcmd.exe.
For a quick example (disabling timeout in an application pool), take a look at this sample by Steve Marx.
In this example, you'd call DisableTimeout.cmd as a startup task. For more info on creating startup tasks, you can watch this episode of Cloud Cover Show. There should be a lab on startup tasks in the Platform Training Kit as well.
Just remember that any type of IIS configuration change should be made via an automated task at startup. If you manually change IIS via RDP, those changes won't propagate to all of your instances, and won't remain persistent in the event of hardware failure or OS update.
You can remote into your azure instances to manage IIS. As for a way to do it globally for all instances at once, I'm not sure. That would be an interesting side project though.
http://learn.iis.net/page.aspx/979/managing-iis-on-windows-azure-via-remote-desktop/

BizTalk web-service call: unable to connect to remote server

I am trying to call a web service from a BizTalk (2006) orchestration.
Having got the hang of the basics, I have been following this tutorial (page 74 onwards) in which i have a web reference to an external web service (I am using this web service instead of the one in the tutorial), I have my web message in a Send component, and have set up the request / response ports for the web service call.
I'm fairly sure that eveything is set up correctly, but my orchestration fails to call the web service with the following error:
The adapter failed to transmit the message going to send port
"My_Order_Processor.Orchestration-CurrencyConvertPort-36c122f41c5596ae"
with URL "http://www.webservicex/net/CurrencyConvertor.asmx.
WebException: Unable to connect to the remote server.
SocketException: An existing connection was forcibly
closed by the remote host 209.162.186.60:80
The IP 209.162.186.60 is the address for the web service I am trying to connect to. I am trying to narrow down the reasons for the error, e.g.:
Firewall issues
Proxy server issues (I don't know how to configure BizTalk to use a proxy server)
Something else
The BizTalk server can ping the web service, I can access the internet (through IE), I can add the WebReference to the project successfully (meaning at least the orchestration designer can access the web service okay). I have also tried a different web service, with the same result.
Any ideas on finding out why this is happening or how to find out more info? (I'm new to BizTalk)
I've seen this veru vague error before for many different reasons. Two suggestions.
Download something like NetMon and watch what is going on on the wire.
Turn off chunked encoding. For some reason, many web services don't handle this well.
Let us know what you find out.
Could this not be an authentication issue? Check that you can connect to the webservice using the Bts credentials.
This turned out to be a proxy issue.
By navigating to Biz Talk Group -> Platform Settings -> Adapters -> SOAP, I was able to configure the BizTalk server host's SOAP adapter (which is what the web service call uses to make the call) to use our company proxy server correctly. Double click the 'send' SOAP adapter, go to Properties under adapter name.