I have a situation in which my web service client (running in a jsp) needs to be able to dynamically change authentication parameters for accessing a partical service based off of some administrative settings. (I need help with B)
Scenario A: HTTP Basic username/password
Status: It works great, all I need to do is to pass along the username and password from the form login via the context provider object
Scenario B: Multihop with HTTPS with client certificates
User's Browser (with a user cert) to Jboss web client (in a jsp. server has it's own server cert) which then calls the web service, using the server cert as a client-cert.
Status: doesn't work and I'm not sure what I'm missing.
The overal goal is to provide some level of impresonation from the end user, through the web interface, to the web service. I'm doing this by passing along some custom headers (not that's beyond the point right now). So the question really is, what do I need to specify programmatically to setup the web service client in the jsp, in order to setup the SSL connection with client certs.
Ideally, I'd like to just steal the settings from the container, that way configuration is similified.
I've pretty sure I've done this in the past with a console app and jbossws. All I did was specificy the location of the key store via the environment properties (javax.net.ssl ...). Which leaves me a bit puzzled why it wouldn't be picked up from the stack.