Previous
Next


Client Authentication  Locate

In this section, we will show you how to create a BEA AquaLogic Service Registry client that uses HTTP Basic authentication. The example client will search the registry and publish a business entity to it. We use the demo user from demo data. We will also describe how to enable HTTP Basic authentication on the server side.

Establishing HTTP Basic authentication requires the following steps. They will be described in detail later in this section.

  1. To prepare the client application, copy all necessary jar files from the subdirectories of REGISTRY_HOME. Compile the client class file with proper jars in the CLASSPATH.

  2. Modify the file REGISTRY_HOME/app/uddi/services/WASP-INF/package.xml to enable the HttpBasic security provider on service endpoints and enable the HttpBasic interceptor.

  3. Restart BEA AquaLogic Service Registry, then run the client application.

Now, we will describe the steps in detail:

  1. Create the directory CLIENT_HOME and copy necessary jar files to it:

    1. Copy the following files from REGISTRY_HOME/lib to the CLIENT_HOME directory:

      • activation.jar

      • builtin_serialization.jar

      • core_services_client.jar

      • jaas.jar

      • jaxm.jar

      • jaxrpc.jar

      • jce1_2_1.jar

      • jcert.jar

      • jetty.jar

      • jnet.jar

      • jsse.jar

      • local_policy.jar

      • log4j.jar

      • mgmt_services_client.jar

      • saaj.jar

      • security-ng.jar

      • security2-ng.jar

      • security_providers_client.jar

      • security_services_client.jar

      • security_tools.jar

      • sunjce_provider.jar

      • US_export_policy.jar

      • wasp.jar

      • wasp_permissions.jar

      • wsdl_api.jar

      • xalan.jar

      • xercesImpl.jar

      • xml-apis.jar

      • xmlParserAPIs.jar

    2. Copy the following files from REGISTRY_HOME/dist to the CLIENT_HOME directory:

      • uddiclient_core.jar

      • uddiclient_api_ v3.jar

    3. Copy security_providers.jar from REGISTRY_HOME/app/system to the CLIENT_HOME directory

    4. Copy the following files from REGISTRY_HOME/conf to CLIENT_HOME/conf directory:

      • clientconf.xml

      • jaas.config

      • package12.xsd

  2. Create a client class as shown in Example 3 and compile the class with all jars from the CLIENT_HOME directory in the CLASSPATH.

  3. Modify REGISTRY_HOME/app/uddi/services/WASP-INF/package.xml to enable HTTP basic authentication as follows:

    1. Under <processing name="UDDIv1v2v3PublishingProcessing"/>, uncomment <use ref="tns:HttpBasicInterceptor"/>

    2. Under <processing name="UDDIv1v2v3InquiryProcessing">, add <use ref="tns:HttpBasicInterceptor"/>

    3. Add the attribute accepting-security-providers="HttpBasic" to all service-endpoints you wish to access via HTTP Basic authentication.

    A fragment of the package.xml is shown in Example 4

  4. Shutdown BEA AquaLogic Service Registry, delete the REGISTRY_HOME/work directory, and restart the registry.

  5. Run the ExampleHttpBasic.class with the following parameter: 

    -Dwasp.location=CLIENT_HOME -Djava.security.auth.login.config=CLIENT_HOME\conf\jaas.config

Sample Files  Locate

Example 3. ExampleHttpBasis.java 

// Copyright 2001-2005 Systinet Corp. All rights reserved.


import org.idoox.security.Credentials;
import org.idoox.wasp.SecurityHelper;
import org.idoox.wasp.WaspSecurity;
import org.systinet.wasp.Wasp;
import org.systinet.wasp.webservice.ServiceClient;

import org.systinet.uddi.client.v3.UDDIInquiryStub;
import org.systinet.uddi.client.v3.UDDIPublishStub;
import org.systinet.uddi.client.v3.UDDI_Inquiry_PortType;
import org.systinet.uddi.client.v3.UDDI_Publication_PortType;
import org.systinet.uddi.client.v3.struct.*;



public class ExampleHttpBasic {
    public static void main(String[] args) {

        String urlInquiry = "http://localhost:8080/uddi/inquiry";
        String urlPublishing = "http://localhost:8080/uddi/publishing";
        System.out.print("Using Inquiry at urlInquiry " + urlInquiry + " ..");
        ServiceClient serviceClient = ServiceClient.create();
        serviceClient.setServiceURL(urlInquiry);

        try {
            Wasp.init();
            Credentials credentials = WaspSecurity.acquireClientCredentials
                    ("demo_john", "demo_john", SecurityHelper.HttpBasic);
            WaspSecurity.setInitiatingProvider(serviceClient, SecurityHelper.HttpBasic);
            WaspSecurity.setCredentials(serviceClient, new Credentials[]{credentials});

            UDDI_Inquiry_PortType inquiry = UDDIInquiryStub.getInstance(serviceClient);
            System.out.println(inquiry.find_business(new Find_business()));

            serviceClient.setServiceURL(urlPublishing);
            UDDI_Publication_PortType publish = UDDIPublishStub.getInstance(serviceClient);
            System.out.println(publish.save_business(new Save_business
                    (new BusinessEntityArrayList(new BusinessEntity(new NameArrayList
                            (new Name("Business created by HttpBasic example")))))));

            System.out.println(" done");
        } catch (Exception e) {
            e.printStackTrace();
        }
    }
}

Example 4. package.xml - HTTP Basic Enabled

.....
    <service-endpoint path="/inquiry" version="3.0" name="UDDIInquiryV3Endpoint" 
        service-instance="tns:UDDIInquiryV3" processing="tns:UDDIv1v2v3InquiryProcessing" 
          accepting-security-providers="HttpBasic">
        <wsdl uri="uddi_api_v3.wsdl" service="uddi_api_v3:UDDI_Inquiry_SoapService"/>
        <envelopePrefix xmlns="arbitraryNamespace" value=""/>
        <namespaceOptimization xmlns="arbitraryNamespace">false</namespaceOptimization>
    </service-endpoint>
    <service-instance implementation-class="com.systinet.uddi.publishing.v3.PublishingApiImpl" 
        name="UDDIPublishingV3"/>
    <service-endpoint path="/publishing" version="3.0" 
        name="UDDIPublishingV3Endpoint" service-instance="tns:UDDIPublishingV3" 
        processing="tns:UDDIv1v2v3PublishingProcessing" 
        accepting-security-providers="HttpBasic">
        <wsdl uri="uddi_api_v3.wsdl" 
            service="uddi_api_v3:UDDI_Publication_SoapService"/>
        <envelopePrefix xmlns="arbitraryNamespace" value=""/>
        <namespaceOptimization xmlns="arbitraryNamespace">false</namespaceOptimization>
    </service-endpoint>

    <processing name="UDDIv3Processing">
      <use ref="uddiclient_v3:UDDIClientProcessing"/>
      <fault-serialization name="MessageTooLargeFaultSerializer" 
      serializer-class="com.systinet.uddi.publishing.v3.serialization.MessageTooLargeFaultSerializer" 
      serialized-exception-class="com.systinet.uddi.interceptor.wasp.MessageTooLargeException"/>
    </processing>

    <processing name="UDDIv1v2v3PublishingProcessing">
     <use ref="uddiclient_v3:UDDIClientProcessing"/>
     <use ref="uddiclient_v2:UDDIClientProcessing"/>
     <use ref="uddiclient_v1:UDDIClientProcessing"/>
     <!-- HttpBasic (without authtoken)         --> 
     <use ref="tns:HttpBasicInterceptor"/>        

       <interceptor name="MessageSizeCheckerInterceptor" 
          implementation-class="com.systinet.uddi.interceptor.wasp.MessageSizeCheckerInterceptor" 
          direction="in">
            <config:maxMessageSize>2097152</config:maxMessageSize>
       </interceptor>
    </processing>

    <processing name="UDDIv1v2v3InquiryProcessing">
        <use ref="tns:UDDIv3Processing"/>
        <use ref="tns:UDDIv2Processing"/>
        <use ref="tns:UDDIv1Processing"/>
        <use ref="tns:HttpBasicInterceptor"/>
    </processing>
.....


Previous
Next