[jboss-user] [Security & JAAS/JBoss] - Invoking external WebService over https

[stbutler11]

I would like to invoke a WebService over https from within my web application.  The WebService is running on an external server. Is there a way to specify the keystore and truststore that are used without using the system properties for these values?

I've tried using a security domain by adding the following to $JBOSS_HOME/server/[my_profile]/conf/jboss-service.xml:


  | <mbean code="org.jboss.security.plugins.JaasSecurityDomain"
  |         name="jboss.security:service=JaasSecurityDomain,domain=my-domain">
  |         <depends>jboss.security:service=JaasSecurityManager</depends>
  |         <constructor>
  |         <arg type="java.lang.String" value="my-domain" />
  |         </constructor>
  | 
  |         <attribute name="ManagerServiceName">jboss.security:service=JaasSecurityManager</attribute>
  |         <attribute name="KeyStoreURL">/tmp/keystore</attribute>
  |         <attribute name="KeyStorePass">password</attribute>
  |         <attribute name="TrustStoreURL">/tmp/keystore</attribute>
  |         <attribute name="TrustStorePass">password</attribute>
  |    </mbean>
  | 

and in the jboss-web.xml of my web app:

  | <jboss-web>
  |    <security-domain>java:/jaas/my-domain</security-domain>
  |    ...
  | 

I've set the system property  javax.net.debug=ssl in run.sh. It looks like the default keystore and truststore  are being used when the connection is made from my web app. The debug prints out :
trustStore is: /usr/jdk/instances/jdk1.6.0_07/jre/lib/security/cacerts

Should this work or is there a better way to invoke an external webservice from jboss over https?

View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4193046#4193046

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4193046