Oracle® Retail Service Backbone Cloud Service Oracle Retail Service Cloud Service Backbone Security Guide
Release 19.1.000
F31811-01

C Sample Java Policy B Consumer Using OWSM Client Policy

package com.test;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.net.URL;
import java.net.UnknownHostException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SignatureException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertPath;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.xml.namespace.QName;
import javax.xml.ws.BindingProvider;
import oracle.security.jps.JpsContext;
import oracle.security.jps.JpsContextFactory;
import oracle.security.jps.JpsException;
import oracle.security.jps.service.keystore.KeyStoreService;
import weblogic.jws.jaxws.ClientPolicyFeature;
import weblogic.jws.jaxws.policy.InputStreamPolicySource;
import weblogic.security.SSL.TrustManager;
import weblogic.wsee.jws.jaxws.owsm.SecurityPoliciesFeature;
import weblogic.wsee.security.bst.ClientBSTCredentialProvider;
import weblogic.wsee.security.unt.ClientUNTCredentialProvider;
import weblogic.xml.crypto.wss.WSSecurityContext;
import weblogic.xml.crypto.wss.provider.CredentialProvider;
import com.oracle.retail.cm.integration.services.customerservice.v1.CustomerPortType;
import com.oracle.retail.cm.integration.services.customerservice.v1.CustomerService;
import com.oracle.retail.cm.integration.services.customerservice.v1.IllegalArgumentWSFaultException;
import com.oracle.retail.cm.integration.services.customerservice.v1.IllegalStateWSFaultException;
import com.oracle.retail.cm.integration.services.customerservice.v1.ValidationWSFaultException;
import com.oracle.retail.integration.base.bo.customerref.v1.CustomerRef;
import com.oracle.retail.integration.base.bo.invocationsuccess.v1.InvocationSuccess;
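/**
 * Sample servlet that acts as a Policy B web-service consumer: it calls the
 * CustomerService proxy with the OWSM client policy
 * {@code oracle/wss11_username_token_with_message_protection_client_policy}.
 *
 * <p>Every environment-specific value in this class (domain config path, key aliases,
 * user name and password, WSDL URL, customer id) is a hard-coded sample value and has
 * to be replaced for a real deployment.
 */
@WebServlet("/PolicyBJRFServlet")
public class PolicyBJRFServlet extends HttpServlet {
    private static final long serialVersionUID = 1L;

    private static final java.util.logging.Logger LOG =
            java.util.logging.Logger.getLogger(PolicyBJRFServlet.class.getName());

    /**
     * @see HttpServlet#HttpServlet()
     */
    public PolicyBJRFServlet() {
        super();
    }

    /**
     * Delegates to {@link #doPost(HttpServletRequest, HttpServletResponse)}.
     *
     * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse response)
     */
    protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        // NOTE(review): doPost invokes deleteCustomer, so a plain GET (a link, an image tag,
        // a crawler) triggers a state-changing remote call. Kept for the sample so the
        // servlet can be exercised from a browser; restrict to POST plus authentication
        // outside of a test domain.
        doPost(request, response);
    }

    /**
     * Builds the WS-Security credentials, invokes {@code deleteCustomer} on the
     * CustomerService proxy and writes the returned success message as HTML.
     *
     * @throws ServletException if the keystore, the key material or the service call fails;
     *         the original cause is attached
     * @throws IOException if the client certificate file or the response cannot be
     *         read or written
     * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse response)
     */
    protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        InvocationSuccess invSuccess;
        try {
            // Key store information
            String hostName = getHostName();
            // Point to consumer weblogic domain config (sample path)
            String str = "/home/newfolder/Weblogic12.2.1.4/user_projects/domains/domain/config/";
            String clientKeyAlias = hostName + "-public-private-key-alias";
            // Hostname for remote host alias can be found from the URL of the OSB service
            String remoteHostAlias = hostName + "-remote-host-public-key-alias";

            JpsContext ctx = JpsContextFactory.getContextFactory().getContext();
            KeyStoreService kss = ctx.getServiceInstance(KeyStoreService.class);
            java.security.KeyStore keystore = kss.getKeyStore("owsm", "keystore", null);

            // Fail with a clear message instead of a later NullPointerException or
            // ClassCastException when an alias is missing from the keystore.
            Key key = keystore.getKey(clientKeyAlias, null);
            if (!(key instanceof PrivateKey)) {
                throw new ServletException("No private key found under alias " + clientKeyAlias);
            }
            PrivateKey pk = (PrivateKey) key;

            // Get the certificate associated with the remote host alias
            java.security.cert.Certificate remoteCert = keystore.getCertificate(remoteHostAlias);
            if (!(remoteCert instanceof X509Certificate)) {
                throw new ServletException("No X.509 certificate found under alias " + remoteHostAlias);
            }
            final X509Certificate serverCert = (X509Certificate) remoteCert;
            // Log the subject only, at debug level, rather than dumping the whole certificate.
            LOG.fine("Pinned server certificate subject: "
                    + serverCert.getSubjectX500Principal().getName());

            // Set security policies
            SecurityPoliciesFeature securityFeatures = new SecurityPoliciesFeature(
                    new String[] {
                        "oracle/wss11_username_token_with_message_protection_client_policy" });

            // Prepare credential providers
            List<CredentialProvider> credProviders = new ArrayList<CredentialProvider>();
            String fileName = str + hostName + "-certificate.der";
            CredentialProvider messageProtectionProvider =
                    new ClientBSTCredentialProvider(serverCert, CertPathMeth("X.509", fileName), pk);
            credProviders.add(messageProtectionProvider);

            // Sample user name and password only. Literal credentials in source end up in
            // version control and in the deployed archive; read them from a credential
            // store or protected configuration in a real consumer.
            // The charset is explicit so the encoded bytes do not depend on the platform default.
            ClientUNTCredentialProvider userNameTokenProvider = new ClientUNTCredentialProvider(
                    "rsbuser".getBytes(java.nio.charset.StandardCharsets.UTF_8),
                    "rsbuser1".getBytes(java.nio.charset.StandardCharsets.UTF_8));
            credProviders.add(userNameTokenProvider);

            // point to osb proxy url with cluster port
            // NOTE(review): the WSDL is fetched over plain http, so the document that
            // describes the endpoint is not authenticated in transit; message protection
            // comes from the policy set above, not from the transport.
            String wsdlUrl = "http://<hostname>:49004/cm-Customer-AppServiceDecorator/ProxyService/CustomerAppServiceProxy?wsdl";
            // pass namespace and service name of the proxy service
            CustomerService service = new CustomerService(
                    new URL(wsdlUrl),
                    new QName(
                            "http://www.oracle.com/retail/cm/integration/services/CustomerService/v1",
                            "CustomerService"));
            CustomerPortType servicePort = service.getCustomerPort(securityFeatures);

            Map<String, Object> reqContext = ((BindingProvider) servicePort).getRequestContext();
            reqContext.put(WSSecurityContext.CREDENTIAL_PROVIDER_LIST, credProviders);
            reqContext.put(WSSecurityContext.TRUST_MANAGER, new TrustManager() {
                public boolean certificateCallback(X509Certificate[] chain, int validateErr) {
                    // Certificate pinning: accept only the exact certificate stored under
                    // remoteHostAlias. validateErr is ignored, so the validity period and
                    // revocation status of that certificate are not checked here.
                    // An empty or missing chain is rejected instead of throwing.
                    return chain != null && chain.length > 0 && serverCert.equals(chain[0]);
                }
            });

            // Invoke the service
            CustomerRef customerRef = new CustomerRef();
            customerRef.setCustomerId("3451");
            invSuccess = servicePort.deleteCustomer(customerRef);
        } catch (JpsException e) {
            throw new ServletException("Unable to access the OWSM keystore service", e);
        } catch (UnrecoverableKeyException | KeyStoreException
                | NoSuchAlgorithmException | CertificateException e) {
            throw new ServletException("Unable to load key material for the service call", e);
        } catch (IllegalArgumentWSFaultException | IllegalStateWSFaultException
                | ValidationWSFaultException e) {
            throw new ServletException("CustomerService returned a fault", e);
        }

        // Write one well-formed document, and escape the service-supplied message so that
        // markup in it is shown as text rather than interpreted by the browser.
        response.setContentType("text/html;charset=UTF-8");
        java.io.PrintWriter out = response.getWriter();
        out.write("<html><body> Policy B testing with WebLogic policy <br/>Got Response : "
                + escapeHtml(invSuccess.getSuccessMessage()) + "</body></html>");
        out.flush();
        out.close();
    }

    /**
     * Reads a single certificate from {@code fileName} and wraps it in a one-element
     * certification path.
     *
     * @param string certificate type passed to {@link CertificateFactory#getInstance(String)}
     * @param fileName path of the encoded certificate file
     * @return the certification path holding the certificate that was read
     * @throws IOException if the file cannot be opened or closed
     * @throws CertificateException if the factory type is unsupported or the file does not
     *         parse as a certificate
     */
    private CertPath CertPathMeth(String string, String fileName) throws IOException, CertificateException {
        CertificateFactory cf = CertificateFactory.getInstance(string);
        List<java.security.cert.Certificate> list = new ArrayList<java.security.cert.Certificate>();
        // try-with-resources closes the stream even when parsing fails.
        try (InputStream in = new FileInputStream(fileName)) {
            list.add(cf.generateCertificate(in));
        }
        CertPath cp = cf.generateCertPath(list);
        LOG.fine("Loaded client certificate path from " + fileName);
        return cp;
    }

    /** Replaces the HTML metacharacters in {@code text}; {@code null} becomes an empty string. */
    private static String escapeHtml(String text) {
        if (text == null) {
            return "";
        }
        StringBuilder sb = new StringBuilder(text.length() + 16);
        for (int i = 0; i < text.length(); i++) {
            char ch = text.charAt(i);
            switch (ch) {
                case '&':
                    sb.append("&amp;");
                    break;
                case '<':
                    sb.append("&lt;");
                    break;
                case '>':
                    sb.append("&gt;");
                    break;
                case '"':
                    sb.append("&quot;");
                    break;
                case '\'':
                    sb.append("&#39;");
                    break;
                default:
                    sb.append(ch);
            }
        }
        return sb.toString();
    }

    /**
     * Returns the short host name (the part before the first dot) of the server where
     * the application is running.
     *
     * @throws RuntimeException if the local host name cannot be resolved
     */
    private String getHostName() {
        try {
            String hostName = java.net.InetAddress.getLocalHost().getHostName();
            return hostName.split("\\.")[0];
        } catch (UnknownHostException e) {
            throw new RuntimeException(e);
        }
    }
}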

Note:

retail-public-payload-java-beans-base-<version>.jar, retail-public-payload-java-beans-<version>.jar, <service>ServiceConsumer.jar and javax.servlet-api-3.0.1.jar should be present in the classpath.