Wednesday, May 02, 2012

How easy to test your web service over HTTPS


I have seen many times people having issues with testing web services over HTTPS. This is not an unexpected behavior because number of improvements have been introduced from Axis2 1.5 release for HTTPS transport. With older versions it is possible to use HTTPS transport with Simple HTTPServer and some people already familiar with it too, but recent Axis2 releases no longer support for this option and it is compulsory to use Servlet transport  in order to enable HTTPS.

Above modifications doesn't effect much on production systems because it's always recommend to use an Application server for production systems. When it come to development  stage this changes required to use a Servlet container to test HTTPS services, Apache Tomcat is one of the good choice for this.

In this post I will discuss how to use Maven Jetty Plug-in to test Axis2 HTTPS transport very easily, all you need is to follow few steps that I have given below.

Step -1  Configure Axis2 for HTTPS transport.

It is required to define AxisServletListener in your axis2.xml for HTTPS transport, in case  if you want to use both HTTP ad HTTPS it is possible to define AxisServletListener as two entries with two ports this guide provide more details about this. If you don't have axis2.xml file copy it from binary distribution and replace existing  " transportReceiver " with following entries.

  <transportReceiver name="http"  
     class="org.apache.axis2.transport.http.AxisServletListener">  
     <parameter name="port">8080</parameter>  
   </transportReceiver>  
   <transportReceiver name="https"  
     class="org.apache.axis2.transport.http.AxisServletListener">  
     <parameter name="port">8443</parameter>  
   </transportReceiver>   

Step - 2  Generate KeyStore.

Usually this is kind of a time wasting task but fortunately you can use keytool-maven-plugin to auto-generate keystore in each run. The only required step is add following entries into your POM file and it will save your time a lot.

       <plugin>  
         <groupId>org.codehaus.mojo</groupId>  
         <artifactId>keytool-maven-plugin</artifactId>  
         <executions>  
           <execution>  
             <phase>generate-resources</phase>  
             <id>clean</id>  
             <goals>  
               <goal>clean</goal>  
             </goals>  
           </execution>  
           <execution>  
             <phase>generate-resources</phase>  
             <id>genkey</id>  
             <goals>  
               <goal>genkey</goal>  
             </goals>  
           </execution>  
         </executions>  
         <configuration>  
           <keystore>${project.build.directory}/jetty-ssl.keystore</keystore>  
           <dname>cn=localhost</dname>  
           <keypass>axis2key</keypass>  
           <storepass>axis2key</storepass>  
           <alias>axis2key</alias>  
           <keyalg>RSA</keyalg>  
         </configuration>  
       </plugin>  


Spacial Note - Above approach is not an replacement for production server configurations . It is highly recommend to follow standard procedures to configure production servers for HTTPS.

Step - 3  Configure and Run the service.

Now you need to add SSL Connectors for the Jetty configuration by adding following entries.

  <plugin>  
         <groupId>org.mortbay.jetty</groupId>  
         <artifactId>maven-jetty-plugin</artifactId>  
         <configuration>  
           <webAppConfig>  
             <contextPath>/</contextPath>  
           </webAppConfig>  
           <connectors>  
             <connector  
               implementation="org.mortbay.jetty.security.SslSocketConnector">  
               <port>8443</port>  
               <maxIdleTime>60000</maxIdleTime>  
               <keystore>${project.build.directory}/jetty-ssl.keystore</keystore>  
               <password>axis2key</password>  
               <keyPassword>axis2key</keyPassword>  
             </connector>  
             <connector  
               implementation="org.mortbay.jetty.nio.SelectChannelConnector">  
               <port>8080</port>  
               <maxIdleTime>60000</maxIdleTime>  
             </connector>  
           </connectors>  
         </configuration>  
       </plugin>  

Run "mvn Jetty:run " this will start jetty server with both HTTP and HTTPS connectors . Now you can access to the  WSDL content over HTTPS. According to above example you can fine WSDL file here.


Step- 04 - Configure  Client.

Since now you can access to the WSDL file you are free to use any of your client side preferences to create a WS client , you may generate stub or possible to write service/operation clients. Before you invoke your service you need to perform one more extra step, that is provide your key store details to Java run time . In simply we can use above generated keystore with our client too.

Add following two lines before you invoke your client.

 System.setProperty("javax.net.ssl.trustStore","[location]/jetty-ssl.keystore");  
 System.setProperty("javax.net.ssl.trustStorePassword", "axis2key");  


You can download full source code for this sample from here.








1 comment:

Anonymous said...

Thank you so much

I wasted so much yime on this.... It's So easy....