I am consuming a webservice in java. This service is using UserNameToken, Timestamp and Signature for message level security. I have been given SoapUI project file(xml) to try and get the data from the service. Everything works fine in SoapUI.
Now when I am trying to use the same soapUI file to generate the artifacts, I am getting a message "Receiver Policy falsified"
. Why is that I can connect to the service in soapUI, but I can not in java?
So I found out that I am not sending a keystore using Transport Layer Security. How do I send this in a SOAP request. I have done similar setting in SOAP UI in SSL settings and it works there.
This is my code for SOAP request in java
SOAPConnectionFactory soapConnectionFactory = SOAPConnectionFactory.newInstance();
SOAPConnection soapConnection = soapConnectionFactory.createConnection();
String url = "https://abc.org/test/ApplicantInformationService"; // Test System Web Service URL
SSLSocketFactory sslSocketFactory = getSSLSocketFactory();
conn = urlOnly.openConnection();
if (conn instanceof HttpsURLConnection) {
((HttpsURLConnection) conn).setSSLSocketFactory(sslSocketFactory);
((HttpsURLConnection) conn).setRequestMethod("POST");
}
conn.setRequestProperty("Content-Type", "application/soap+xml;charset=UTF-8");
conn.setDoOutput(true);
SOAPMessage message = createSOAPRequest(user);
ByteArrayOutputStream os1 = new ByteArrayOutputStream();
message.writeTo(os1);
String requestXml = new String(os1.toByteArray());
OutputStreamWriter out = new OutputStreamWriter(conn.getOutputStream());
out.write(requestXml);
out.flush();
if(out != null){
out.close();
}
String line = "";
BufferedReader in = new BufferedReader(new InputStreamReader(conn.getInputStream()));
String responseNewWay = "";
while ((line = in.readLine()) != null) {
responseNewWay = responseNewWay + line;
}
//SOAPMessage soapResponse = soapConnection.call(createSOAPRequest(user), url);
//soapConnection.close();
//ByteArrayOutputStream os = new ByteArrayOutputStream();
//soapResponse.writeTo(os);
//String responseXml = new String(os.toByteArray());
And SSLFactory Code is like this
private static SSLSocketFactory getSSLSocketFactory()
throws KeyStoreException, NoSuchAlgorithmException, CertificateException, UnrecoverableKeyException, IOException, KeyManagementException{
SSLSocketFactory sslsf = null;
String keyStoreFileName = Preference.portalDir() + "mydocs/keystore.jks";
String keyStorePath = ClassLoader.getSystemResource(keyStoreFileName).getPath();
String keyStoreType = "JKS";
String keyStorePassword = "mypassword";
String trustStoreFileName = Preference.portalDir() + "mydocs/keystore.jks";
String trustStorePath = ClassLoader.getSystemResource(trustStoreFileName).getPath();
String trustStorePassword = "mypassword";
String alias = "clientcertificate";
Properties systemProps = System.getProperties();
systemProps.put("javax.net.ssl.keyStore", keyStorePath);
systemProps.put("javax.net.ssl.keyStorePassword", keyStorePassword);
systemProps.put("javax.net.ssl.keyStoreType", keyStoreType);
systemProps.put("javax.net.ssl.trustStore", trustStorePath);
systemProps.put("javax.net.ssl.trustStoreType", "JKS");
systemProps.put("javax.net.ssl.trustStorePassword", trustStorePassword);
System.setProperties(systemProps);
KeyManager[] keyManagers = createKeyManagers(keyStoreFileName,keyStorePassword, alias);
TrustManager[] trustManagers = createTrustManagers(trustStoreFileName, trustStorePassword);
sslsf = initItAll(keyManagers, trustManagers);
return sslsf;
}
And the error SOAP response i am getting is like this
<?xml version="1.0" encoding="UTF-8"?>
<soapenv:Envelope xmlns:soapenv="http://www.w3.org/2003/05/soap-envelope">
<soapenv:Body>
<soapenv:Fault>
<soapenv:Code>
<soapenv:Value>soapenv:Receiver</soapenv:Value>
</soapenv:Code>
<soapenv:Reason>
<soapenv:Text xml:lang="en-US">Policy Falsified</soapenv:Text>
</soapenv:Reason>
<soapenv:Role>https://abc.org/test/ApplicantInformationService</soapenv:Role>
<soapenv:Detail>
<l7:policyResult
status="Service Not Found. The request may have been sent to an invalid URL, or intended for an unsupported operation." xmlns:l7="http://www.layer7tech.com/ws/policy/fault"/>
</soapenv:Detail>
</soapenv:Fault>
</soapenv:Body>
Now I am getting this error
Server returned HTTP response code: 500 for URL: https://abc.org/test/ApplicantInformationService
Maybe you have to append "?wsdl" at the end of the url string:
String url = "https://abc.org/test/ApplicantInformationService?wsdl";
Could you please post your createSOAPRequest method code?, I think you have not any certificate problems with the request because you are receiving a valid SOAP response from server, looks like something is wrong with your security headers, check your request SOAP message for the Timestamp element, maybe you are sending an incorrect value for created or expires tags and the server rejects your request.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With