2-way SSL on Weblogic 10

[jerryhill]

Hope someone can help with this. I am working on a WL Portal application were we will be calling to web services that use 2-way SSL. These service calls are also made from within the EJB container.

We are using Spring-ws for our client code and have it working successfully from JUnit. But when we stand it up inside WL, we get bad certificate alerts. A little research shows we are failing to pass the cert from the client to the server.

More research found CR286793 :

Provide a mechanism for API for Web Service clients to set keystore per service for two-way SSL implementation.
To implement SSL with certificate for each connection, use the API as follows:
WlsSSLAdapter adapter = new WlsSSLAdapter();
adapter.setKeystore("./DemoIdentity.jks",
"DemoIdentityKeyStorePassPhrase".toCharArray() , "JKS" );
adapter.setClientCert("DemoIdentity","DemoIdentity PassPhrase".toCharArray());
adapter.setTrustManager( new TrustManager(){
public boolean certificateCallback(X509Certificate[] chain, int
validateErr){
return true;
}
}); weblogic.wsee.connection.transport.https.HttpsTran sportInfo info = new
weblogic.wsee.connection.transport.https.HttpsTran sportInfo(adapter);
SimpleImplService service = new SimpleImplService_Impl(args[0] +
"?WSDL",info);
Simple port = service.getSimpleSoapPort();
Stub stub = (Stub)port;
stub._setProperty('weblogic.wsee.client.ssladapter ', adapter);






They are essentially saying we have to attach the WlsSSLAdapter to the stub. How do we access that through the Spring-ws APIs?

An alternative might be to use the filtering classloader to load App-inf/lib classes instead of Weblogic classes, but without know the exact packages involved that won't work either.

thanks!
jerry..

[jerryhill]

FYI - I have a trouble ticket in with BEA/Oracle to look into this further.

For now I have set the messageSender to CommonsHttpMessageSender and packaged the commons-httpclient libraries in my EAR. It works, but I wish I didn't have to package an HTTP client in an application container.

[mgconno]

Jerry,
I am trying to send a text/xml encoded message to a web service from within a message driven bean. Apparently weblogic is setting the encoding to url/application context. I am interested in knowing exaclty how you set the CommonsHttpMessageSender in weblogic? was it a system property or did you do it somehow in your ear configuration?

Thanks,

Mike

[jerryhill]

Basically, we just defined a bean for the sender and added it to the senders property of the WebServiceGatewaySupport base bean.

<bean id="messageSender"
class="org.springframework.ws.transport.http.Commo nsHttpMessageSender">
<property name="maxConnectionsPerHost">
<props>
<prop key="*">${service.tcp.maxConnection.host}</prop>
</props>
</property>
<property name="maxTotalConnections" value="${service.tcp.maxConnection.total}"/>
</bean>

---to the bean extending WebServiceGatewaySupport
<property name="messageSenders">
<list>
<ref bean="messageSender" />
</list>
</property>