![]() ![]() The source code for the client is in the HelloClient.java file of the /docs/tutorial/examples/jaxrpc/security directory. Setting Security Properties in the Client Code To learn how to update the tomcat-users.xml file with admintool, see Managing Roles. Note that the element specifies manager, a role that has already been specified in the /conf/tomcat-users.xml file. For authentication over SSL, the web.xml file includes the and elements: The files for this example are in the /docs/tutorial/examples/jaxrpc/security directory. Make sure that the SSL Connector has been added by following the instructions in Verifying SSL Support.docs/tutorial/examples/jaxrpc/security/server.keystore Table 9-3 SSL Connector Values for admintool Field In the right pane displayed by admintool, enter the values shown in Table 9-3. Follow the instructions in Adding an SSL Connector in admintool.For more information on the tool, see the appendix, Tomcat Administration Tool In this section you will add the SSL Connector by running admintool, a utility that is included with the Java WSDP. Server -file server.cer -keystore client.keystore -keypass $JAVA_HOME/bin/keytool -import -v -trustcacerts -alias tomcat. The keytool command is the same for UNIX and Windows. For basic authentication, it is only necessary to import the server certificate into the client keystore. Import the server certificate into the client's keystore.%JAVA_HOME%\bin\keytool -genkey -alias tomcat-client -keyalg Note that you must enter the server name in response to the first prompt, which asks for first and last names. Windows: The keytool utility prompts you to enter the client's server name, organizational unit, organization, locality, state, and country code. Keypass changeit -storepass changeit -keystore client.keystore $JAVA_HOME/bin/keytool -genkey -alias tomcat-client -dname $JAVA_HOME/bin/keytool -export -alias tomcat-server -storepassĬhangeit -file server.cer -keystore server.keystore ![]() Export the generated server certificate.RSA -keypass changeit -storepass changeit -keystore %JAVA_HOME%\bin\keytool -genkey -alias tomcat-server -keyalg Windows: The keytool utility prompts you to enter the server name, organizational unit, organization, locality, state, and country code. Keypass changeit -storepass changeit -keystore server.keystore $JAVA_HOME/bin/keytool -genkey -alias tomcat-server -dname UNIX: Specify the server name, such as localhost, and user identity information as arguments to keytool. Run keytool to generate the server keystore with a default password of changeit.Go to the /docs/tutorial/examples/jaxrpc/security directory.Keep in mind that the server and client keystores are created in the directory from which you run keytool. You use keytool to generate SSL certificates and export them to the appropriate server and client keystores. Generating SSL Certificates for Basic Authentication Refer to the section Mutual Authentication Over SSL for the steps for configuring the same service with mutual authentication. The steps for configuring a Web service for basic authentication over HTTP/S are outlined here. ĭetailed instructions for these steps follow. Set some properties in the client code.Add security elements to the web.xml deployment descriptor.Add an SSL Connector to Tomcat by running admintool, which is part of the Java WSDP.Use keytool, which is part of the J2SE SDK, to generate certificates and keystores.There are certain steps you take to configure a JAX-RPC Web service endpoint for HTTP/S basic and mutual authentication: Note: The instructions in this section apply only to version 1.4 of the J2SE SDK. If the topic of authentication is new to you, please refer to the chapter Web Application Security. In this section, you'll learn how to create JAX-RPC service applications that use HTTP/SSL for basic or mutual authentication. Security for JAX-RPC The Java TM Web Services Tutorial ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |