Reputation: 1
Error with soap requests on tomcat
I have a simple SOAP client application which works perfect. But when I put its piece of code into other web project (tomcat 8.5), it doesn't work. It throws exception:
19-Oct-2017 11:10:48.019 SEVERE [http-nio-8080-exec-10] com.sun.xml.messaging.saaj.client.p2p.HttpSOAPConnection.post SAAJ0008: Bad Response; Forbidden Ошибка при отправке сообщения SOAP-серверу: com.sun.xml.messaging.saaj.SOAPExceptionImpl: com.sun.xml.messaging.saaj.SOAPExceptionImpl: Bad response: (403Forbidden at com.sun.xml.messaging.saaj.client.p2p.HttpSOAPConnection.call(HttpSOAPConnection.java:164) at ls.common.objects.SOAPMessageSender.callSoapWebService(SOAPMessageSender.java:72) at ls.webSite.common.servlets.cli_GetMKBClientByIIN.processRequests(cli_GetMKBClientByIIN.java:49) at common.servlets.prototypes.AbstractServlet.processRequest(AbstractServlet.java:369) at common.servlets.prototypes.AbstractServlet.doPost(AbstractServlet.java:503) at javax.servlet.http.HttpServlet.service(HttpServlet.java:661) at javax.servlet.http.HttpServlet.service(HttpServlet.java:742) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:198) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96) at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:478) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:140) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:80) at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:650) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:87) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:342) at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:799) at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66) at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:868) at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1457) at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) at java.lang.Thread.run(Thread.java:748) Caused by: com.sun.xml.messaging.saaj.SOAPExceptionImpl: Bad response: (403Forbidden at com.sun.xml.messaging.saaj.client.p2p.HttpSOAPConnection.post(HttpSOAPConnection.java:276) at com.sun.xml.messaging.saaj.client.p2p.HttpSOAPConnection.call(HttpSOAPConnection.java:160) ... 28 more
Why it doesn't work on web project? Is it problem with keystore? Here is example of my code:
public class InsuranceSOAPMessageCreator {
public static SOAPMessage createSOAPMessageFromXML(String soapActionFull, String sourceXmlFile, Map<String, String> params)
throws IOException, SOAPException {
Path path = Paths.get(sourceXmlFile);
String xml = new String(Files.readAllBytes(path));
MessageFactory mf = MessageFactory.newInstance();
if(params != null){
for(Map.Entry entry : params.entrySet()){
xml = xml.replace("##$[" + entry.getKey().toString() + "]$##", entry.getValue().toString());
}
}
SOAPMessage msg = mf.createMessage(new MimeHeaders(),
new ByteArrayInputStream(xml.getBytes(Charset.forName("UTF-8"))));
msg.getMimeHeaders().addHeader("SOAPAction", soapActionFull);
return msg;
}
}
public class SOAPMessageSender {
private String nameSpaceURI;
private String endpointUrl;
private String trustStore;
private String trustStorePassword;
private String keyStore;
private String keyStorePassword;
private SOAPMessage soapResponse;
public SOAPMessageSender(){
}
public SOAPMessageSender(String endpointUrl, String nameSpaceURI, String trustStore, String trustStorePassword,
String keyStore, String keyStorePassword){
this.nameSpaceURI = nameSpaceURI;
this.keyStorePassword = keyStorePassword;
this.keyStore = keyStore;
this.trustStorePassword = trustStorePassword;
this.trustStore = trustStore;
this.endpointUrl = endpointUrl;
setSystemProperties();
}
public void setSystemProperties(){
System.setProperty("java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol");
System.setProperty("com.ibm.ssl.performURLHostNameVerification", "true");
System.setProperty("javax.net.ssl.trustStore", trustStore);
System.setProperty("javax.net.ssl.trustStorePassword", trustStorePassword);
System.setProperty("javax.net.ssl.keyStore", keyStore);
System.setProperty("javax.net.ssl.keyStorePassword",keyStorePassword);
System.setProperty("javax.net.ssl.keyStoreType", "jks");
}
public String callSoapWebService(String soapAction, String sourceXml, Map<String, String> params) {
try {
SOAPConnectionFactory scf = SOAPConnectionFactory.newInstance();
SOAPConnection sc = scf.createConnection();
/*SOAPMessage requestMsg = createSOAPMessageFromXML(nameSpaceURI + "/" + soapAction,
sourceXml, params);*/
//doTrustToCertificates();
soapResponse = sc.call(InsuranceSOAPMessageCreator.createSOAPMessageFromXML(soapAction,
sourceXml, params), endpointUrl);
ByteArrayOutputStream out = new ByteArrayOutputStream();
soapResponse.writeTo(out);
sc.close();
return out.toString();
} catch (Exception e) {
System.err.println("Ошибка при отправке сообщения SOAP-серверу:" + endpointUrl);
e.printStackTrace();
}
return null;
}
...
public static void main(String[] args){
//works fine here (on local run main method)
Map <String, String> authenticationData = new HashMap<>();
authenticationData.put("login", "user");
authenticationData.put("password", "pass");
SOAPMessageSender me = new SOAPMessageSender("https://somehost/someservice.asmx",
"https://someuri",
"/usr/lib/jvm/java-8-oracle/jre/lib/security/cacerts",
"password",
"/path/to/mykey.jks",
"password");
String resultXml = me.callSoapWebService("someaction",
"/path/to/AuthenticateUser.xml", authenticationData);
System.out.println(resultXml);
}
}
Upvotes: 0
Views: 1874
Answers (1)
Reputation: 1
Problem is Solved. Tomcat just couldn't get jks file specified in System.setProperty() and I solved it by using java.security.KeyStore object. Here is my added method:
public void loadKeyStoreAndDoTrustToCertificates(String ksFile, String ksPass, String tsAlgo) throws Exception {
FileInputStream ksCert = new FileInputStream(ksFile);
KeyStore ks = KeyStore.getInstance(keyStoreType);
ks.load(ksCert, ksPass.toCharArray());
KeyManagerFactory kmf = KeyManagerFactory.getInstance(tsAlgo);
kmf.init(ks, ksPass.toCharArray());
TrustManagerFactory tmf = TrustManagerFactory.getInstance(tsAlgo);
tmf.init(ks);
Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
SSLContext sc = SSLContext.getInstance("SSL");
sc.init(kmf.getKeyManagers(), null, new SecureRandom());
HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
HostnameVerifier hv = new HostnameVerifier() {
public boolean verify(String urlHostName, SSLSession session) {
if (!urlHostName.equalsIgnoreCase(session.getPeerHost())) {
System.out.println("Ошибка: URL хост '" + urlHostName + "' отличается SSL хоста'" + session.getPeerHost() + "'.");
}
return true;
}
};
HttpsURLConnection.setDefaultHostnameVerifier(hv);
}
Upvotes: 0
Related Questions
- Java connect to SOAP web service using SSL handshake failure
- SOAP Client SSL, failed authentication
- Calling WebService and having SSL / cert issue
- SOAP Request with HTTP Client with client certification connection timed out Exception
- SSLHandshakeException: No subject alternative names present
- Java SSL handshake error - Tomcat keystore
- Tomcat server.xml SSLEnable issue
- ssl handShake failure soap
- Java TLS client can't find certificate when accessing soap service
- ssl tomcat certificate error