test

The WSIT Tutorial

ProcedureTo Secure the Example Web Service Client Application (STS)

This section demonstrates adding security to the CalculatorApplication’s web service client, which was secured using the security mechanism described in STS Issued Token.

To add security to the client, complete the following steps.

  1. Create the client application by following the steps described in Creating a Client to Consume a WSIT-Enabled Web Service.

    Note –

    Whenever you make changes on the service, refresh the client so that the client will pick up the change. To refresh the client, right-click the node for the Web Service Reference for the client, and select Refresh Client.

  2. Drill down from CalculatorWSServletClient->Web Service References.

  3. Right-click CalculatorWSService and select Edit Web Service Attributes, then select the WSIT Configuration tab.

  4. Provide the client’s private key by pointing to an alias in the keystore. To do this, expand the Certificates node, click the Load Aliases button for the keystore, and select xws-security-client from the Alias list.

  5. Provide the service’s certificate by pointing to an alias in the client truststore. To do this, from the Certificates node, click the Load Aliases button for the truststore and select xws-security-server from the Alias list.

  6. Expand the Security Token Service node to provide details for the STS to be used. When the Endpoint and the Metadata values are the same, you only need to enter the Endpoint value. For the Endpoint field, type the following value: 


    http://localhost:8080/MySTSProject/MySTSService

  7. Click OK to close this dialog.

  8. The service requires a token to be issued from the STS at http://localhost:8080/MySTSProject/MySTSService, with WSDL file http://localhost:8080/MySTSProject/MySTSService?wsdl. To do this, follow these steps:

    1. Right-click the CalculatorWSServletClient node and select New->Web Service Client.

      The New Web Service Client window appears.

    2. Select the WSDL URL option.

    3. Cut and paste the URL of the web service that you want the client to consume into the WSDL URL field. For example, here is the URL for the MySTS web service:


      http://localhost:8080/MySTSProject/MySTSService?wsdl

    4. Type org.me.calculator.client.sts in the Package field, then click Finish.

      The Projects window displays the new web service client.

  9. Drill down from CalculatorWSServletClient->Web Service References.

  10. Right-click MySTSService and select Edit Web Service Attributes.

  11. Select the WSIT Configuration tab of the MySTSService dialog.

  12. Provide the client’s private key by pointing to an alias in the keystore. To do this, expand the Certificates node, click the Load Aliases button for the keystore, and select xws-security-client from the Alias list.

  13. Verify the STS’s certificate by pointing to an alias in the client truststore. To do this, from the Certificates node, click the Load Aliases button and select wssip from the Alias list.

  14. Expand the Username Authentication node and verify that the default user name and password as specified in GlassFish.

    If you followed the steps in Adding Users to GlassFish, this will be User Name wsitUser and Password changeit.

  15. Click OK to close this dialog.

  16. Compile and run this application by right-clicking the CalculatorWSServletClient project and selecting Run Project.