[jboss-user] [Remoting] - Re: https invoke with Remoting

jopersson do-not-reply at jboss.com
Thu Oct 30 12:14:18 EDT 2008 

Thing is our Jboss server is not https aware but we have confirmed 
by enabling https on Jboss that Swing app can talk to Jboss server with:

  |        // Swing client.
  |        service = new KService(wsdlURL, new QName(namespaceURI, localpart));
  |        port = service.getKPort();        
  |        ((StubExt)port).setConfigName("Standard WSSecurity Client");   
  |        Map<String, Object> reqContext = ((BindingProvider) port).getRequestContext();
  |        reqContext.put(StubExt.PROPERTY_AUTH_TYPE, StubExt.PROPERTY_AUTH_TYPE_WSSE);
  |        reqContext.put(StubExt.PROPERTY_KEY_STORE, "C:/k/client.keystore");
  |        reqContext.put(StubExt.PROPERTY_KEY_STORE_PASSWORD, "123456");
  |        reqContext.put(StubExt.PROPERTY_TRUST_STORE, "C:/k/client.truststore");
  |        reqContext.put(StubExt.PROPERTY_TRUST_STORE_PASSWORD, "123456");                  
  |        String kEnpointAddress = "https://test.k.se/KService";
  |        ((BindingProvider) port).getRequestContext().put(
  |                 BindingProvider.ENDPOINT_ADDRESS_PROPERTY, 
  |                         kassagirotEnpointAddress);
  |                         
  | 	// C:\jboss-4.2.3.GA\server\default\deploy\jboss-web.deployer\server.xml
  | 	     <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true" 
  | 		        maxThreads="150" scheme="https" secure="true" 
  | 		        clientAuth="true" sslProtocol="TLS" strategy="ms" 
  | 		        address="${jboss.bind.address}" 
  | 		        keystoreFile="C:/k/server.keystore" 
  | 		        keystorePass="123456"
  | 		        truststoreFile="C:/k/server.truststore" 
  | 	        truststorePass="123456" />
  | 
This gives correct certificate exchange and everything works fine.

Our problem is that a security product Portwise sits between Swing client
and Jboss server. Portwise is configured to do client cert authentication and after that call Jboss placed in DMZ:
swing-soap-https--->portwise-https--->jboss-http

We are looking for a way to work around this problem by configuring JbossWS or JbossRemoting in the Swing client app, would like to try ssl socket factory but not sure how to do this when soap/jax-ws is involved (having ws-security in client with endorsed jboss binaries)?


View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4185783#4185783

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4185783

More information about the jboss-user mailing list