Plirkee Plirkee - 1 month ago 17
Java Question

java web service jax-ws client authentication Tomcat not working

I have the following client that consumes web service that is running on tomcat (local host)

Client

import java.util.Collections;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import javax.xml.ws.BindingProvider;
import javax.xml.ws.handler.MessageContext;

public class NewClass {
static {
//for localhost testing only
javax.net.ssl.HttpsURLConnection.setDefaultHostnameVerifier(
new javax.net.ssl.HostnameVerifier(){
public boolean verify(String hostname,
javax.net.ssl.SSLSession sslSession) {
if (hostname.equals("localhost")) {
return true;
}
return false;
}
});
}
public static void main(String[] args) {

System.out.println(receive(5));

}
private static java.util.List<java.lang.Object> receive(int resNumber) {

System.setProperty("javax.net.ssl.trustStore","c:\\mylocalhost.jks"); //path to jks
System.setProperty("javax.net.ssl.trustStorePassword","****"); //path to jks
System.setProperty("javax.net.ssl.keyStore","c:\\myclient.jks"); //path to jks
System.setProperty("javax.net.ssl.keyStorePassword","*****"); //path to jks
System.setProperty("javax.net.debug","all");

client.NewWebService_Service service = new client.NewWebService_Service();
client.NewWebService port = service.getNewWebServicePort();
java.util.Map<String,Object> rmap = ((BindingProvider)port).getRequestContext();
java.util.Map<String,List<String>> header= new HashMap();
header.put("Username", Collections.singletonList("1"));
header.put("Password", Collections.singletonList("1"));

rmap.put(MessageContext.HTTP_REQUEST_HEADERS , header);
rmap.put(BindingProvider.ENDPOINT_ADDRESS_PROPERTY,"https://localhost:8443/WSTest1/NewWebService");
return port.receiveData(resNumber);

}

}


Now on tomcat I have the following in server.xml

<Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
maxThreads="150" SSLEnabled="true"

keystoreFile="conf/mytomcatkeystore.jks" clientAuth="false" scheme="https" secure="true"
/>


and I am using following options to start tomcat

set JAVA_OPTS="-Djavax.net.ssl.trustStore=file:///c:/mylocalhost.jks" "-Djavax.net.ssl.trustStorePassword=****" "-Djavax.net.debug=all"


Now, web service call over ssl works fine when
clientAuth="false"
however if
I set
clientAuth="true"
in server.xml I get the following error.

com.sun.xml.ws.client.ClientTransportException: HTTP transport error: javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection?


Tried to search for solution on many sites - with no luck.
If somebody can help - will be grateful.

Answer

O.K. After many frustrating hours, I finally found the solution, thanks to this SO post.

So the solution was to comment out the following line inside the server.xml

<Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" />