Monday, June 29, 2009

Web Service Security

Web Service Security Encryption with Rampart 1.4 and Axis2 1.4.1

Writing Client Based on the .JKS and .CER files

  • Download (Standard Binary Distribution) from axis site, the URL is
  • Download (Standard Binary Distribution) from Apache Rampart, the URL is
  • Copy these 2 zip files in C:\ and extract it.
Creating Project in Eclipse AND CREATING CLIENT AND STUB
  • Create a new Project in C:\ using Eclipse with the name TestWSS. File --> New --> Java Project
  • Set your class path to JAVA_HOME
  • Open Command Prompt and Go to C:\axis2-1.4.1-bin\axis2-1.4.1\bin
  • Execute axis2.bat
  • Copy your wsdl file into C:\axis2-1.4.1-bin\axis2-1.4.1\bin (Assume the wsdl file name is meal.wsdl).
  • Execute the below command from command prompt
  • C:\axis2-1.4.1-bin\axis2-1.4.1\bin>wsdl2java -uri C:\axis2-1.4.1-bin\axis2-1.4.1\bin\meal.wsdl
  • After executing the above command you will get the stub and Handler class in the C:\axis2-1.4.1-bin\axis2-1.4.1\bin with package.
Placing Client Files in Project SRC and applying signature through Rampart 1.4
  • Copy generated file into C:\TestWSS\src folder.
  • Create a folder parallel to src with the name client-repo and copy module directory from C:\rampart-dist-1.4-bin\rampart-1.4\ to C:\TestWSS\client-repo.
  • This module folder should contain rampart-1.4.mar and addressing-1.41.mar
  • Add all .jar files present in the C:\rampart-dist-1.4-bin\rampart-1.4\lib directory needs to add to the Eclipse Project build path.
  • Add all .jar files present in the C:\axis2-1.4-bin\axis2-1.4\lib directory needs to add to the Eclipse Project build path.
  • Refresh the project in Eclipse and compile it this time you won’t get any compilation errors because we already set the required jars to the class path.
Writing Client Policy File
As you can see, the above security policy contains two main security assertions: an asymmetric binding assertion and a signed parts assertion. Asymmetric binding defines what keys to be used and a few additional properties such as which algorithms to be used in cryptographic operations, layout of the security header, etc. Signed parts assertion defines what parts of the message should be signed. In this tutorial we will be signing the SOAP body of the message.

No comments:

Post a Comment