Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Using javax.xml.ws.Endpoint with HTTPS

Tags:

java

soap

https

I'm working on a project to control light and heating in buildings. The backend (written in Java) will run on a Mac Mini and should be accessible via SOAP.

I want to keep the complexity of this project to a minimum because I don't want everyone using it having to set up an application server. So up till now I worked with javax.xml.ws.Endpoint:

 Endpoint endpoint = Endpoint.create(frontendInterface);
 String uri = "http://"+config.getHost()+":"+config.getPort()+config.getPath();

 endpoint.publish(uri);

This works surprisingly well (hey, when did you last see something in Java working with just 3 lines of code?), but now I'm looking for a way to use HTTPS instead of HTTP.

Is there a way to do this without using an application server or is there another way to secure this connection?

Greetings, Marek

like image 587
marekventur Avatar asked Jan 07 '11 00:01

marekventur

1 Answers

For server:

SSLContext ssl = SSLContext.getInstance("TLS");

KeyManagerFactory keyFactory = KeyManagerFactory                    .getInstance(KeyManagerFactory.getDefaultAlgorithm());
KeyStore store = KeyStore.getInstance("JKS");

store.load(new FileInputStream(keystoreFile),keyPass.toCharArray());

keyFactory.init(store, keyPass.toCharArray());


TrustManagerFactory trustFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());

trustFactory.init(store);

ssl.init(keyFactory.getKeyManagers(),
trustFactory.getTrustManagers(), new SecureRandom());

HttpsConfigurator configurator = new HttpsConfigurator(ssl);

HttpsServer httpsServer = HttpsServer.create(new InetSocketAddress(hostname, port), port);

httpsServer.setHttpsConfigurator(configurator);

HttpContext httpContext = httpsServer.createContext(uri);

httpsServer.start();

endpoint.publish(httpContext);

For client, be sure you do this:

System.setProperty("javax.net.ssl.trustStore", "path");
System.setProperty("javax.net.ssl.keyStore", "password");
System.setProperty("javax.net.ssl.keyStorePassword", "password");
System.setProperty("javax.net.ssl.keyStoreType", "JKS");
//done to prevent CN verification in client keystore
HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() {
   @Override
   public boolean verify(String hostname, SSLSession session) {
     return true;
   }
});
like image 81
BeN Avatar answered Oct 03 '22 17:10

BeN
Sign in to Comment

Related questions

Efficiency of while(true) ServerSocket Listen
Java: unmark file is read-only
How to maintain a job history using Quartz scheduler
Sorting a HashMap based on Value then Key? [duplicate]
Highlight when equality operator (==) is used for string comparisons in Eclipse
How to NOT select empty string
Glassfish Security - jdbcRealm: How to configure login with SHA-256 digest
Why is contextInitialized() called multiple times?
java barcode reader [closed]
SimpleAdapter, Text and Image in spinner
java swing vs mvc: is this pattern indeed possible?
updating JTree in java GUI
How to extend/customize a WAR with another project
What time zone does Date.toString() display?
How to force a Java Applet to Load out of Cache
What is the best server client communication protocol to use in Android and iOS?
JSP, can it work similar to yield, layout, content_for in Ruby/Rails/Erb
How to create IN OUT or OUT parameters in Java
max. length of List in Java
Exception handling pattern

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!