weblogic.wsee.jaxws.sslclient
Class SSLClientUtil

java.lang.Object
  weblogic.wsee.jaxws.sslclient.SSLClientUtil

public final class SSLClientUtil
extends Object

This utilty class provides client to get a SSLSocketFactory in order to make Two-way SSL work in WLS JAX-WS

In JAX-WS RI, we can set SSLSocketFactory into requestContext to enable Two-way SSL as following code

   //set KeyManagers
    ...
    //set TrustManagers
    ...
    //construct SSLSocketFactory from above KeyManagers and TrustManagers
    SSLSocketFactory mySSLSocketFactory =...
    //set the SSLSocketFactory into request context
    ((BindingProvider) port).getRequestContext().put(
           JAXWSProperties.SSL_SOCKET_FACTORY, mySSLSocketFactory);
   
 

In practice, however, it is often difficult to create KeyManagers or TrustManagers, the class also is the utility which can make this easier. It can make KeyManagers and TrustManagers transparently if user would like to use system properties setting or string parameters:

Example 1: To get SSLSocketFactory getSSLSocketFactoryFromSysProperties() from setting system parameters

      String clientKeyStore = ...;
      String clientKeyStorePasswd = ...;
      String trustKeystore = ...;
      String trustKeystorePasswd = ...;
      
      System.setProperty("javax.net.ssl.keyStore", clientKeyStore);
      System.setProperty("javax.net.ssl.keyStorePassword", clientKeyStorePasswd);
      System.setProperty("javax.net.ssl.trustStore", trustKeystore);
      System.setProperty("javax.net.ssl.trustStorePasswd", trustKeystorePasswd);
      
      //user can print out the sslInfo for debug
      System.out.print(sslInfo.toString());
        
      ((BindingProvider) port).getRequestContext().put(
          JAXWSProperties.SSL_SOCKET_FACTORY, 
          SSLClientUtil.getSSLSocketFactoryFromSysProperties());
      
     NOTE: The clientKeyStore and clientKeyStorePasswd have this restriction:
     The SSL package of J2SE requires that the password of the client’s
     private key must be the same as the password of the client’s keystore. For
     this reason, the client keystore can include only one private key and X.509
     certificate pair.
  
 

Example 2: To get SSLSocketFactory getSSLSocketFactory(PersistentSSLInfo sslInfo) from setting string parameters

      String clientKeyStore = ...;
      String clientKeyStorePasswd = ...;
      String clientKeyAlias = ...;
      String clientKeyPass = ...;
      String trustKeystore = ...;
      String trustKeystorePasswd = ...;
      
      PersistentSSLInfo sslInfo = new PersistentSSLInfo();
      sslInfo.setKeystore(clientKeyStore);
      sslInfo.setKeystorePassword(clientKeyStorePasswd);
      sslInfo.setKeyAlias(clientKeyAlias);
      sslInfo.setKeyPassword(clientKeyPass);
      sslInfo.setTrustKeystore(trustKeystore);
      
      //user can print out the sslInfo for debug
      System.out.print(sslInfo.toString());
      
      //Put sslInfo into requestContext for persistence, it might be required by JAX-WS advance features,
      //such as, RM, Callback  
      ((BindingProvider) port).getRequestContext().put(
        JAXWSProperties.CLIENT_PERSISTENT_SSL_INFO, sslInfo);
        
      //Alternatively, you can directly set a SSLSocketFactory if persistence is not necessary
      ((BindingProvider) port).getRequestContext().put(
        JAXWSProperties.SSL_SOCKET_FACTORY, 
        SSLClientUtil.getSSLSocketFactory(sslInfo));
      
 

Since:

WebLogic 11g (Farallon)

See Also:

JAXWSProperties, PersistentSSLInfo

Field Summary

static String

RELAXED_CHECKING_DEFAULT

Method Summary

static SSLSocketFactory	getSSLSocketFactory(KeyManager[] kms, TrustManager[] tms) Get SSLSocketFactory from input KeyManagers and TrustManagers
static SSLSocketFactory	getSSLSocketFactory(PersistentSSLInfo sslInfo) Get SSLSocketFactory from input PersistentSSLInfo
static SSLSocketFactory	getSSLSocketFactoryFromSysProperties() Get SSLSocketFactory from system properties setting, these properties incude:

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

RELAXED_CHECKING_DEFAULT

public static final String RELAXED_CHECKING_DEFAULT

See Also:

Constant Field Values

Method Detail

getSSLSocketFactoryFromSysProperties

public static SSLSocketFactory getSSLSocketFactoryFromSysProperties()

Get SSLSocketFactory from system properties setting, these properties incude:

 javax.net.ssl.keyStore
 javax.net.ssl.keyStorePassword
 javax.net.ssl.trustStore
 javax.net.ssl.trustStorePasswd
 weblogic.wsee.client.ssl.relaxedtrustmanager
      The property set "true" means always trust server, ignoring the 
      properties javax.net.ssl.trustStore and javax.net.ssl.trustStorePasswd.
 

Returns:

SSLSocketFactory

getSSLSocketFactory

public static SSLSocketFactory getSSLSocketFactory(KeyManager[] kms,
                                                   TrustManager[] tms)

Get SSLSocketFactory from input KeyManagers and TrustManagers

NOTE: The system property weblogic.wsee.client.ssl.relaxedtrustmanager takes effect if being set as "true", which will ignore the TrustManagers parameter.

Parameters:

kms -

tms -

Returns:

SSLSocketFactory

getSSLSocketFactory

public static SSLSocketFactory getSSLSocketFactory(PersistentSSLInfo sslInfo)

Get SSLSocketFactory from input PersistentSSLInfo

Parameters:

sslInfo -

Returns:

SSLSocketFactory