Skip to main content

wsimport for WCF using wsHttpBinding

40 replies [Last post]
billa1
Offline
Joined: 2006-03-29

Hi all,

I have a WCF configuration with a wsHttpBinding which looks like this:

what does my wsimport command has to look like in order to generate the java artifacts? I am currently using a build.xml from the samples directory to generate the artifacts. It looks like this:

Do I need to specify more options?

I always get the warning: SOAP port "WSHttpBinding_IDWService": uses a non-standard SOAP 1.2 binding.

What Do I need to do to implement this security on the Java side?

Thanks

Mirco

Reply viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.
billa1
Offline
Joined: 2006-03-29

Hi,

OK I am using the libs you told me.
Is it OK if I use activation.jar from NB directory. C:\Program Files\netbeans-5.5.1\ide7\modules\ext\jaxws21 ??

Now I also get the message that the wsit-client.xml is loaded.
But I also get this error.

init:
deps-jar:
wsimport-init:
wsimport-client-check-DWService:
wsimport-client-DWService:
wsimport-client-generate:
wsimport-client-compile:
compile:
run:
25.10.2007 13:06:47 [com.sun.xml.ws.policy.jaxws.PolicyConfigParser] parseModel
INFO: WSP1049: Loaded WSIT configuration from file: file:/D:/netbeans-workspace/wsitTest/build/classes/META-INF/wsit-client.xml
1
25.10.2007 13:06:48 com.sun.xml.ws.security.impl.policy.Constants log_invalid_assertion
WARNUNG: SP0100: Policy assertion Assertion {
assertion data {
namespace = 'http://schemas.microsoft.com/ws/2005/07/securitypolicy'
prefix = 'mssp'
local name = 'SslContextToken'
value = 'null'
attributes {
name = 'http://schemas.xmlsoap.org/ws/2005/07/securitypolicy:IncludeToken', value = 'http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient'
}
}
no parameters
nested policy {
id = 'null'
name = 'null'
vocabulary {
1. entry = 'http://schemas.microsoft.com/ws/2005/07/securitypolicy:RequireClientCertificate'
2. entry = 'http://schemas.xmlsoap.org/ws/2005/07/securitypolicy:RequireDerivedKeys'
}
assertion set {
Assertion {
assertion data {
namespace = 'http://schemas.microsoft.com/ws/2005/07/securitypolicy'
prefix = 'mssp'
local name = 'RequireClientCertificate'
value = 'null'
no attributes
}
no parameters
no nested policy
}
Assertion {
assertion data {
namespace = 'http://schemas.xmlsoap.org/ws/2005/07/securitypolicy'
prefix = 'sp'
local name = 'RequireDerivedKeys'
value = 'null'
no attributes
}
no parameters
no nested policy
}
}
}
} is not supported under Token assertion.
Exception in thread "main" java.lang.NullPointerException
at com.sun.xml.ws.security.impl.policyconv.BindingProcessor.addPrimaryTargets(BindingProcessor.java:188)
at com.sun.xml.ws.security.impl.policyconv.SymmetricBindingProcessor.process(SymmetricBindingProcessor.java:143)
at com.sun.xml.ws.security.impl.policyconv.XWSSPolicyGenerator.process(XWSSPolicyGenerator.java:173)
at com.sun.xml.ws.security.impl.policyconv.XWSSPolicyGenerator.process(XWSSPolicyGenerator.java:135)
at com.sun.xml.wss.jaxws.impl.SecurityPipeBase.constructPolicyHolder(SecurityPipeBase.java:1152)
at com.sun.xml.wss.jaxws.impl.SecurityClientPipe.addIncomingProtocolPolicy(SecurityClientPipe.java:399)
at com.sun.xml.wss.jaxws.impl.SecurityPipeBase.buildProtocolPolicy(SecurityPipeBase.java:1105)
at com.sun.xml.wss.jaxws.impl.SecurityPipeBase.collectPolicies(SecurityPipeBase.java:671)
at com.sun.xml.wss.jaxws.impl.SecurityPipeBase.(SecurityPipeBase.java:286)
at com.sun.xml.wss.jaxws.impl.SecurityClientPipe.(SecurityClientPipe.java:109)
at com.sun.xml.ws.assembler.PipelineAssemblerFactoryImpl$WsitPipelineAssembler.createClient(PipelineAssemblerFactoryImpl.java:219)
at com.sun.xml.ws.api.pipe.TubelineAssemblerFactory$TubelineAssemblerAdapter.createClient(TubelineAssemblerFactory.java:136)
at com.sun.xml.ws.client.WSServiceDelegate.createPipeline(WSServiceDelegate.java:411)
at com.sun.xml.ws.client.WSServiceDelegate.createEndpointIFBaseProxy(WSServiceDelegate.java:572)
at com.sun.xml.ws.client.WSServiceDelegate.getPort(WSServiceDelegate.java:320)
at com.sun.xml.ws.client.WSServiceDelegate.getPort(WSServiceDelegate.java:302)
at com.sun.xml.ws.client.WSServiceDelegate.getPort(WSServiceDelegate.java:295)
at javax.xml.ws.Service.getPort(Service.java:92)
at wsittest.DWService.getWSHttpBindingIDWService(DWService.java:51)
at wsittest.Main.main(Main.java:30)
Java Result: 1
BUILD SUCCESSFUL (total time: 2 seconds)

Thanks

Mirco

kumarjayanti
Offline
Joined: 2003-12-10

Hi,

This is now a big improvement....
So your WCF service is using mssp:SslContextToken assertion. This is a WCF proprietary assertion and WSIT does not support this.

You should change the Authentication Mode in WCF service configuration from MutualSslNegotiated/UserNameForSslNegotiated (i am not sure which of the two modes your service is using) to MutualCertificate

http://msdn2.microsoft.com/en-us/library/aa738565.aspx

Alternatively just attach your WCF service configuration and i will take a look.

Thanks.

billa1
Offline
Joined: 2006-03-29

Hi,

I have attached my WCF service configuration.

Please tell me what needs to be changed.

Thanks

Mirco

kumarjayanti
Offline
Joined: 2003-12-10

Hi,

I see the following : negotiateServiceCredential="true" , can you set this to false.

thanks.

billa1
Offline
Joined: 2006-03-29

Hi,

negotiateServiceCredential is used in Binding2 which I am not using anywhere. It is only defined.
The relevant Binding which I use in the Services is Binding4.
This is assigned to the services through bindingConfiguration="Binding4"

Bye

Mirco

kumarjayanti
Offline
Joined: 2003-12-10

Can you try :

OR

The second one should result in a Secure Conversation session being established after initial certificate authentication.

Message was edited by: kumarjayanti

billa1
Offline
Joined: 2006-03-29

Hi,

I am using the second configuration you mentioned because the first breaks the WSDL.
Now when using the second configuration I get the following:

run:
26.10.2007 14:19:07 [com.sun.xml.ws.policy.jaxws.PolicyConfigParser] parseModel
INFO: WSP1049: Loaded WSIT configuration from file: file:/D:/netbeans-workspace/wsitTest/build/classes/META-INF/wsit-client.xml
1
2
26.10.2007 14:19:10 com.sun.xml.ws.security.opt.impl.enc.CryptoProcessor encryptData
SCHWERWIEGEND: WSS1906: Invalid key provided for encryption/decryption.
java.security.InvalidKeyException: Illegal key size or default parameters
at javax.crypto.Cipher.a(DashoA12275)
at javax.crypto.Cipher.a(DashoA12275)
at javax.crypto.Cipher.a(DashoA12275)
at javax.crypto.Cipher.init(DashoA12275)
at javax.crypto.Cipher.init(DashoA12275)
at com.sun.xml.ws.security.opt.impl.enc.CryptoProcessor.initCipher(CryptoProcessor.java:116)
at com.sun.xml.ws.security.opt.impl.enc.CryptoProcessor.encryptData(CryptoProcessor.java:209)
at com.sun.xml.ws.security.opt.impl.enc.CryptoProcessor.encrypt(CryptoProcessor.java:140)
at com.sun.xml.ws.security.opt.impl.util.CVDataHandler.writeTo(CVDataHandler.java:69)
at javax.activation.ObjectDataContentHandler.writeTo(DataHandler.java:883)
at javax.activation.DataHandler$1.run(DataHandler.java:265)
at java.lang.Thread.run(Thread.java:595)
Exception in thread "DataHandler.getInputStream" com.sun.xml.wss.impl.XWSSecurityRuntimeException: Unable to calculate cipher value as invalid key was provided
at com.sun.xml.ws.security.opt.impl.enc.CryptoProcessor.encryptData(CryptoProcessor.java:255)
at com.sun.xml.ws.security.opt.impl.enc.CryptoProcessor.encrypt(CryptoProcessor.java:140)
at com.sun.xml.ws.security.opt.impl.util.CVDataHandler.writeTo(CVDataHandler.java:69)
at javax.activation.ObjectDataContentHandler.writeTo(DataHandler.java:883)
at javax.activation.DataHandler$1.run(DataHandler.java:265)
at java.lang.Thread.run(Thread.java:595)
Caused by: java.security.InvalidKeyException: Illegal key size or default parameters
at javax.crypto.Cipher.a(DashoA12275)
at javax.crypto.Cipher.a(DashoA12275)
at javax.crypto.Cipher.a(DashoA12275)
at javax.crypto.Cipher.init(DashoA12275)
at javax.crypto.Cipher.init(DashoA12275)
at com.sun.xml.ws.security.opt.impl.enc.CryptoProcessor.initCipher(CryptoProcessor.java:116)
at com.sun.xml.ws.security.opt.impl.enc.CryptoProcessor.encryptData(CryptoProcessor.java:209)
... 5 more
26.10.2007 14:19:10 com.sun.xml.ws.security.opt.impl.enc.CryptoProcessor encryptData
SCHWERWIEGEND: WSS1906: Invalid key provided for encryption/decryption.
java.security.InvalidKeyException: Illegal key size or default parameters
at javax.crypto.Cipher.a(DashoA12275)
at javax.crypto.Cipher.a(DashoA12275)
at javax.crypto.Cipher.a(DashoA12275)
at javax.crypto.Cipher.init(DashoA12275)
at javax.crypto.Cipher.init(DashoA12275)
at com.sun.xml.ws.security.opt.impl.enc.CryptoProcessor.initCipher(CryptoProcessor.java:116)
at com.sun.xml.ws.security.opt.impl.enc.CryptoProcessor.encryptData(CryptoProcessor.java:209)
at com.sun.xml.ws.security.opt.impl.enc.CryptoProcessor.encrypt(CryptoProcessor.java:140)
at com.sun.xml.ws.security.opt.impl.util.CVDataHandler.writeTo(CVDataHandler.java:69)
at javax.activation.ObjectDataContentHandler.writeTo(DataHandler.java:883)
at javax.activation.DataHandler$1.run(DataHandler.java:265)
at java.lang.Thread.run(Thread.java:595)
Exception in thread "DataHandler.getInputStream" com.sun.xml.wss.impl.XWSSecurityRuntimeException: Unable to calculate cipher value as invalid key was provided
at com.sun.xml.ws.security.opt.impl.enc.CryptoProcessor.encryptData(CryptoProcessor.java:255)
at com.sun.xml.ws.security.opt.impl.enc.CryptoProcessor.encrypt(CryptoProcessor.java:140)
at com.sun.xml.ws.security.opt.impl.util.CVDataHandler.writeTo(CVDataHandler.java:69)
at javax.activation.ObjectDataContentHandler.writeTo(DataHandler.java:883)
at javax.activation.DataHandler$1.run(DataHandler.java:265)
at java.lang.Thread.run(Thread.java:595)
Caused by: java.security.InvalidKeyException: Illegal key size or default parameters
at javax.crypto.Cipher.a(DashoA12275)
at javax.crypto.Cipher.a(DashoA12275)
at javax.crypto.Cipher.a(DashoA12275)
at javax.crypto.Cipher.init(DashoA12275)
at javax.crypto.Cipher.init(DashoA12275)
at com.sun.xml.ws.security.opt.impl.enc.CryptoProcessor.initCipher(CryptoProcessor.java:116)
at com.sun.xml.ws.security.opt.impl.enc.CryptoProcessor.encryptData(CryptoProcessor.java:209)
... 5 more
26.10.2007 14:19:11 com.sun.xml.ws.security.opt.impl.enc.CryptoProcessor encryptData
SCHWERWIEGEND: WSS1906: Invalid key provided for encryption/decryption.
java.security.InvalidKeyException: Illegal key size or default parameters
at javax.crypto.Cipher.a(DashoA12275)
at javax.crypto.Cipher.a(DashoA12275)
at javax.crypto.Cipher.a(DashoA12275)
at javax.crypto.Cipher.init(DashoA12275)
at javax.crypto.Cipher.init(DashoA12275)
at com.sun.xml.ws.security.opt.impl.enc.CryptoProcessor.initCipher(CryptoProcessor.java:116)
at com.sun.xml.ws.security.opt.impl.enc.CryptoProcessor.encryptData(CryptoProcessor.java:209)
at com.sun.xml.ws.security.opt.impl.enc.CryptoProcessor.encrypt(CryptoProcessor.java:140)
at com.sun.xml.ws.security.opt.impl.util.CVDataHandler.writeTo(CVDataHandler.java:69)
at javax.activation.ObjectDataContentHandler.writeTo(DataHandler.java:883)
at javax.activation.DataHandler$1.run(DataHandler.java:265)
at java.lang.Thread.run(Thread.java:595)
Exception in thread "DataHandler.getInputStream" com.sun.xml.wss.impl.XWSSecurityRuntimeException: Unable to calculate cipher value as invalid key was provided
at com.sun.xml.ws.security.opt.impl.enc.CryptoProcessor.encryptData(CryptoProcessor.java:255)
at com.sun.xml.ws.security.opt.impl.enc.CryptoProcessor.encrypt(CryptoProcessor.java:140)
at com.sun.xml.ws.security.opt.impl.util.CVDataHandler.writeTo(CVDataHandler.java:69)
at javax.activation.ObjectDataContentHandler.writeTo(DataHandler.java:883)
at javax.activation.DataHandler$1.run(DataHandler.java:265)
at java.lang.Thread.run(Thread.java:595)
Caused by: java.security.InvalidKeyException: Illegal key size or default parameters
at javax.crypto.Cipher.a(DashoA12275)
at javax.crypto.Cipher.a(DashoA12275)
at javax.crypto.Cipher.a(DashoA12275)
at javax.crypto.Cipher.init(DashoA12275)
at javax.crypto.Cipher.init(DashoA12275)
at com.sun.xml.ws.security.opt.impl.enc.CryptoProcessor.initCipher(CryptoProcessor.java:116)
at com.sun.xml.ws.security.opt.impl.enc.CryptoProcessor.encryptData(CryptoProcessor.java:209)
... 5 more
26.10.2007 14:19:11 com.sun.xml.ws.security.opt.impl.enc.CryptoProcessor encryptData
SCHWERWIEGEND: WSS1906: Invalid key provided for encryption/decryption.
java.security.InvalidKeyException: Illegal key size or default parameters
at javax.crypto.Cipher.a(DashoA12275)
at javax.crypto.Cipher.a(DashoA12275)
at javax.crypto.Cipher.a(DashoA12275)
at javax.crypto.Cipher.init(DashoA12275)
at javax.crypto.Cipher.init(DashoA12275)
at com.sun.xml.ws.security.opt.impl.enc.CryptoProcessor.initCipher(CryptoProcessor.java:116)
at com.sun.xml.ws.security.opt.impl.enc.CryptoProcessor.encryptData(CryptoProcessor.java:209)
at com.sun.xml.ws.security.opt.impl.enc.CryptoProcessor.encrypt(CryptoProcessor.java:140)
at com.sun.xml.ws.security.opt.impl.util.CVDataHandler.writeTo(CVDataHandler.java:69)
at javax.activation.ObjectDataContentHandler.writeTo(DataHandler.java:883)
at javax.activation.DataHandler$1.run(DataHandler.java:265)
at java.lang.Thread.run(Thread.java:595)
Exception in thread "DataHandler.getInputStream" com.sun.xml.wss.impl.XWSSecurityRuntimeException: Unable to calculate cipher value as invalid key was provided
at com.sun.xml.ws.security.opt.impl.enc.CryptoProcessor.encryptData(CryptoProcessor.java:255)
at com.sun.xml.ws.security.opt.impl.enc.CryptoProcessor.encrypt(CryptoProcessor.java:140)
at com.sun.xml.ws.security.opt.impl.util.CVDataHandler.writeTo(CVDataHandler.java:69)
at javax.activation.ObjectDataContentHandler.writeTo(DataHandler.java:883)
at javax.activation.DataHandler$1.run(DataHandler.java:265)
at java.lang.Thread.run(Thread.java:595)
Caused by: java.security.InvalidKeyException: Illegal key size or default parameters
at javax.crypto.Cipher.a(DashoA12275)
at javax.crypto.Cipher.a(DashoA12275)
at javax.crypto.Cipher.a(DashoA12275)
at javax.crypto.Cipher.init(DashoA12275)
at javax.crypto.Cipher.init(DashoA12275)
at com.sun.xml.ws.security.opt.impl.enc.CryptoProcessor.initCipher(CryptoProcessor.java:116)
at com.sun.xml.ws.security.opt.impl.enc.CryptoProcessor.encryptData(CryptoProcessor.java:209)
... 5 more
Exception in thread "main" javax.xml.ws.WebServiceException: com.sun.xml.ws.rm.RMException: javax.xml.ws.soap.SOAPFaultException: An error occurred when verifying security for the message.
at com.sun.xml.ws.rm.jaxws.runtime.client.RMClientPipe.process(RMClientPipe.java:651)
at com.sun.xml.ws.api.pipe.helper.PipeAdapter.processRequest(PipeAdapter.java:115)
at com.sun.xml.ws.api.pipe.Fiber.__doRun(Fiber.java:595)
at com.sun.xml.ws.api.pipe.Fiber._doRun(Fiber.java:554)
at com.sun.xml.ws.api.pipe.Fiber.doRun(Fiber.java:539)
at com.sun.xml.ws.api.pipe.Fiber.runSync(Fiber.java:436)
at com.sun.xml.ws.client.Stub.process(Stub.java:248)
at com.sun.xml.ws.client.sei.SEIStub.doProcess(SEIStub.java:134)
at com.sun.xml.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:244)
at com.sun.xml.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:224)
at com.sun.xml.ws.client.sei.SEIStub.invoke(SEIStub.java:117)
at $Proxy42.login(Unknown Source)
at wsittest.Main.main(Main.java:33)
Caused by: com.sun.xml.ws.rm.RMException: javax.xml.ws.soap.SOAPFaultException: An error occurred when verifying security for the message.
at com.sun.xml.ws.rm.jaxws.runtime.client.ClientOutboundSequence.connect(ClientOutboundSequence.java:382)
at com.sun.xml.ws.rm.jaxws.runtime.client.RMClientPipe.initialize(RMClientPipe.java:319)
at com.sun.xml.ws.rm.jaxws.runtime.client.RMClientPipe.process(RMClientPipe.java:595)
... 12 more
Caused by: javax.xml.ws.soap.SOAPFaultException: An error occurred when verifying security for the message.
at com.sun.xml.ws.security.secconv.WSSCPlugin.sendRequest(WSSCPlugin.java:296)
at com.sun.xml.ws.security.secconv.WSSCPlugin.process(WSSCPlugin.java:179)
at com.sun.xml.wss.jaxws.impl.SecurityClientPipe.invokeSCPlugin(SecurityClientPipe.java:265)
at com.sun.xml.wss.jaxws.impl.SecurityClientPipe.process(SecurityClientPipe.java:157)
at com.sun.xml.ws.rm.jaxws.runtime.client.ProtocolMessageSender.sendCreateSequence(ProtocolMessageSender.java:173)
at com.sun.xml.ws.rm.jaxws.runtime.client.ClientOutboundSequence.connect(ClientOutboundSequence.java:348)
... 14 more
Java Result: 1
BUILD SUCCESSFUL (total time: 4 seconds)

Thanks

shyam_rao
Offline
Joined: 2006-05-05

It is related to the java security export policy for restricting the key size to be used

Go to

http://java.sun.com/javase/downloads/index_jdk5.jsp

and download

Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files 5.0.

Unzip the downloaded file and put the jars in the directory JAVA_HOME\jre\lib\security by override the existing one.

billa1
Offline
Joined: 2006-03-29

Yes, this was the problem.

It is all working now. Thanks everyone for the help.

Mirco

billa1
Offline
Joined: 2006-03-29

Hi,

running without security works also for the Java client.

Regards

Mirco

kumarjayanti
Offline
Joined: 2003-12-10

You have to select JAXWS and not JAXRPC. Can you take a Thread Dump as i suggested and send it.

Thanks.

billa1
Offline
Joined: 2006-03-29

Hi,

OK I ran the application on the command line. This is the stack trace which was produced when I hit ctrl-break

D:\netbeans-workspace\wsitTest\dist>java -jar wsitTest.jar
1
2
2007-10-22 09:21:41
Full thread dump Java HotSpot(TM) Client VM (1.6.0_03-b05 mixed mode):

"Low Memory Detector" daemon prio=6 tid=0x0aa9d000 nid=0x2c4 runnable [0x00000000..0x00000000]
java.lang.Thread.State: RUNNABLE

"CompilerThread0" daemon prio=10 tid=0x0aa98400 nid=0xb28 waiting on condition [0x00000000..0x0acef71c]
java.lang.Thread.State: RUNNABLE

"Attach Listener" daemon prio=10 tid=0x0aa97000 nid=0x1a4 runnable [0x00000000..0x00000000]
java.lang.Thread.State: RUNNABLE

"Signal Dispatcher" daemon prio=10 tid=0x0aa96000 nid=0xdc0 waiting on condition [0x00000000..0x00000000]
java.lang.Thread.State: RUNNABLE

"Finalizer" daemon prio=8 tid=0x0aa88400 nid=0x12fc in Object.wait() [0x0abff000..0x0abffc94]
java.lang.Thread.State: WAITING (on object monitor)
at java.lang.Object.wait(Native Method)
- waiting on <0x02e999e8> (a java.lang.ref.ReferenceQueue$Lock)
at java.lang.ref.ReferenceQueue.remove(Unknown Source)
- locked <0x02e999e8> (a java.lang.ref.ReferenceQueue$Lock)
at java.lang.ref.ReferenceQueue.remove(Unknown Source)
at java.lang.ref.Finalizer$FinalizerThread.run(Unknown Source)

"Reference Handler" daemon prio=10 tid=0x0aa84000 nid=0xde0 in Object.wait() [0x0abaf000..0x0abafd14]
java.lang.Thread.State: WAITING (on object monitor)
at java.lang.Object.wait(Native Method)
- waiting on <0x02e99a78> (a java.lang.ref.Reference$Lock)
at java.lang.Object.wait(Object.java:485)
at java.lang.ref.Reference$ReferenceHandler.run(Unknown Source)
- locked <0x02e99a78> (a java.lang.ref.Reference$Lock)

"main" prio=6 tid=0x00296400 nid=0x810 runnable [0x0090f000..0x0090fe5c]
java.lang.Thread.State: RUNNABLE
at java.net.SocketInputStream.socketRead0(Native Method)
at java.net.SocketInputStream.read(Unknown Source)
at java.io.BufferedInputStream.fill(Unknown Source)
at java.io.BufferedInputStream.read1(Unknown Source)
at java.io.BufferedInputStream.read(Unknown Source)
- locked <0x02a29170> (a java.io.BufferedInputStream)
at sun.net.www.http.HttpClient.parseHTTPHeader(Unknown Source)
at sun.net.www.http.HttpClient.parseHTTP(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(Unknown Source)
- locked <0x029975a0> (a sun.net.www.protocol.http.HttpURLConnection)
at java.net.HttpURLConnection.getResponseCode(Unknown Source)
at com.sun.xml.ws.transport.http.client.HttpClientTransport.checkResponseCode(HttpClientTransport.java:186)
at com.sun.xml.ws.transport.http.client.HttpTransportPipe.process(HttpTransportPipe.java:137)
at com.sun.xml.ws.transport.http.client.HttpTransportPipe.processRequest(HttpTransportPipe.java:74)
at com.sun.xml.ws.api.pipe.Fiber.__doRun(Fiber.java:559)
at com.sun.xml.ws.api.pipe.Fiber._doRun(Fiber.java:518)
at com.sun.xml.ws.api.pipe.Fiber.doRun(Fiber.java:503)
at com.sun.xml.ws.api.pipe.Fiber.runSync(Fiber.java:400)
- locked <0x02a803d0> (a com.sun.xml.ws.api.pipe.Fiber)
at com.sun.xml.ws.client.Stub.process(Stub.java:235)
at com.sun.xml.ws.client.sei.SEIStub.doProcess(SEIStub.java:120)
at com.sun.xml.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:230)
at com.sun.xml.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:210)
at com.sun.xml.ws.client.sei.SEIStub.invoke(SEIStub.java:103)
at $Proxy35.login(Unknown Source)
at wsittest.Main.main(Main.java:33)

"VM Thread" prio=10 tid=0x0aa7f800 nid=0x524 runnable

"VM Periodic Task Thread" prio=10 tid=0x0aaa7800 nid=0x1208 waiting on condition

JNI global references: 678

Heap
def new generation total 960K, used 682K [0x02990000, 0x02a90000, 0x02e70000)
eden space 896K, 71% used [0x02990000, 0x02a2fbc8, 0x02a70000)
from space 64K, 67% used [0x02a80000, 0x02a8ad70, 0x02a90000)
to space 64K, 0% used [0x02a70000, 0x02a70000, 0x02a80000)
tenured generation total 4096K, used 1494K [0x02e70000, 0x03270000, 0x06990000)
the space 4096K, 36% used [0x02e70000, 0x02fe5b08, 0x02fe5c00, 0x03270000)
compacting perm gen total 12288K, used 7817K [0x06990000, 0x07590000, 0x0a990000)
the space 12288K, 63% used [0x06990000, 0x07132778, 0x07132800, 0x07590000)
No shared spaces configured.

The message is still plain text when I look at my TCP Trace, so no encoding.

Thanks

Mirco

kumarjayanti
Offline
Joined: 2003-12-10

Hi,

This just seems to be waiting for the http response code using a blocking read

at java.net.SocketInputStream.socketRead0(Native Method)
at java.net.SocketInputStream.read(Unknown Source)
at java.io.BufferedInputStream.fill(Unknown Source)
at java.io.BufferedInputStream.read1(Unknown Source)
at java.io.BufferedInputStream.read(Unknown Source)
- locked <0x02a29170> (a java.io.BufferedInputStream)
at sun.net.www.http.HttpClient.parseHTTPHeader(Unknown Source)
at sun.net.www.http.HttpClient.parseHTTP(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(Unknown Source)
- locked <0x029975a0> (a sun.net.www.protocol.http.HttpURLConnection)
at java.net.HttpURLConnection.getResponseCode(Unknown Source)

And so it seems to indicate server is not sending a response yet....

I am confused and feeling sorry that you have been stuck for such a long time now. Does the hang occur when you try a secure java client against secure java WebService as well ?.

Thanks.

dgilbertcragmont
Offline
Joined: 2007-10-10

Hi kumarjayanti,

I have been working on the same problem and following this thread and I have had the same experience as reported by billa1 - the client hangs when calling a service using a wshttp binding.

I have seen a couple of references to building a client to run as a web app within the glassfish app server - just for explicitness, can I run as a stand alone client? This is what I am doing, but I don't know if WSIT is designed to support this.

If so, are the wsit-client.xml and service.xml config files used by a stand alone client and should they be created by default by the WSIT netbeans plugin? If I do not want to change the defaults or use a client certificate, are these files needed?

Thanks for your help,

David

kumarjayanti
Offline
Joined: 2003-12-10

> have been working on the same problem and following
> this thread and I have had the same experience as
> reported by billa1 - the client hangs when calling a
> service using a wshttp binding.

I am very eager to get to the root cause for this. The Thread Dump sent by billa1 did not help, it just seems to indicate the Java Client is waiting for a Response from the WCF Service.

If one you of you can help find out the root cause it will be great.

>
> I have seen a couple of references to building a
> client to run as a web app within the glassfish app
> server - just for explicitness, can I run as a stand
> alone client? This is what I am doing, but I don't
> know if WSIT is designed to support this.
>

Yes it should work even if it is a standalone client. Try using NetBeans 5.5.1 instead of NB6 and try it out, it should work. The only thing that may happen when using 5.5.1 is that the wsit-client.xml maynot be in classpath so you will just have to add it.

> If so, are the wsit-client.xml and service.xml config
> files used by a stand alone client and should they be
> created by default by the WSIT netbeans plugin?
yes they should be created...

thanks.

billa1
Offline
Joined: 2006-03-29

Hi,

I am kind of glad I am not the only having such strange problems ;-)

I think that the root cause is that the Java client produces the wrong request to the WCF service. The attached WCF-call.txt shows how the XML messages look when I use a secure WCF client for the secured WCF service. The messages are encrypted and several messages are sent one after the other probably to negotiate some security mechanisms.
If you look at the XML message produced by the Java wsit client nothing is encrypted at all. I think at that stage the WCF service waits for more data to come since it expects some encrypted or certificate message but the Java side does not deliver this. I think this is the reason for the hanging. I have also found no way of debugging into this problem on the WCF side because it is deep down in the Web Service hosting classes of .NET and, as you know Microsoft is not that open to provide its source code yet. ;-)

Both attached files of course log the call to the exactly same WCF service method.

For some reason it looks like that the wsit client ignores all of the security settings done in the wsit-client.xml and service.xml. I have of course put it on the classpath but it still does not seem to find it.

Bye

Mirco

kumarjayanti
Offline
Joined: 2003-12-10

Hi,

The negotiation should also happen with Java Client if only the wsit-client.xml was read....

the wsit-client.xml file should be inside META-INF directory and you should add the absolute path to META-INF directory to your classpath. Alternatively if the META-INF and wsit-client.xml are inside your client jar then there is nothing more required other than having the jar in classpath.

Now the wsit-client.xml will be ignored only if you are running JDK6 and or with NB6 (because of some config issues). Essentially the wrong version of JAXWS is getting used somehow (because of which some of the wsit related META-INF/services which read the wsit-client.xml are not getting registered).

Can you try running your Client using NB551 (loaded with wsit-plugin) or just try running it outside NB using JDK5 and just setting the classpath to contain all the webserivces-*.jar files.

thanks.

billa1
Offline
Joined: 2006-03-29

Hi,

I have been using NB551 all the time with JDK5 as well as JDK6.
I have also tried running with JDK5 on the command line.
Same problem with all approaches.It still hangs.

I have looked in the Manifest file in my client.jar.

It looks liek this:

lib/activation.jar lib/FastInfoset.jar lib/http.jar lib/ja
xb-api.jar lib/jaxb-impl.jar lib/jaxb-xjc.jar lib/jaxws-api.jar lib/j
axws-rt.jar lib/jaxws-tools.jar lib/jsr173_api.jar lib/jsr181-api.jar
lib/jsr250-api.jar lib/saaj-api.jar lib/saaj-impl.jar lib/sjsxp.jar
lib/stax-ex.jar lib/streambuffer.jar lib/META-INF

I have then created a lib directory parallel to my client jar file and put all the referenced libs into it. I copied the libs from my netbeans installition directory to this lib directory.
C:\Program Files\netbeans-5.5.1\ide7\modules\ext\jaxws21

I have also created a lib/META-INF directory and put my wsit-client.xml and the service.xml into it.

I needed to do all this because NB551 did not create the lib and copy the required libs into it.

Am I missing any libraries?

I don´t get it.

Bye
Mirco

kumarjayanti
Offline
Joined: 2003-12-10

Hi,

now i see the problem (if you use all those individual jars shown in manifest then WSIT services will not kick in) . Actually a WSIT client is only expected to make use of

webservices-api.jar; webservices-rt.jar;webservices-tools.jar;activation.jar and nothing else should be required.

Can you run your client as follows (use JDK 1.5)

java -classpath webservices-api.jar; webservices-rt.jar;webservices-tools.jar;activation.jar;lib/META-INF -jar client.jar

If you want to use JDK1.6 make sure webservices-api.jar is present in jre/lib/endorsed

Another option is go to the libraries of your java client NetBeans project and delete all the JARS which it shows there and then just add the following :
webservices-api.jar; webservices-rt.jar;webservices-tools.jar;activation.jar

And then build and run the client (the META-INF containing wsit-client.xml is required in classpath).

Thanks.

billa1
Offline
Joined: 2006-03-29

Hello,

can you please tell me how to use the client certificate which I created for the WCF client also for a Java WS client?

Thanks

Mirco

kumarjayanti
Offline
Joined: 2003-12-10

Hi,

The first step for you is to create a Java Client uisng NetBeans. As part of that you will have to create a WebServiceReference inside the Java Client Project, this can be done by selecting "New WebService Client" option (right click on your Client App Node)

Then you select the "wsdl url" option for the WebService client and supply the WSDL URL of the WCF service.

Then you can use NetBeans to actually invoke the webService operation (right click on your WebService client Servlet/JSP and select "call webservice operation"

Once all this is done, the final step is to configure the certificates.

So my question to you is do you have two certificates one of the client and other of server or just One of them. Can you send me the WSDL of your WCF service so i can guide you.

Thanks.

billa1
Offline
Joined: 2006-03-29

Hi,

I think I am through with creating the client artifacts now.
I think all I need to do is to configure the certificate stuff. Thank you for you r help already.

I have attached the WSDL and the two certificates I have created. This answers your question. Yes I am using two certificates one for the server and one for the client.

Thanks.

Mirco

kumarjayanti
Offline
Joined: 2003-12-10

Hi,

So is your Java Client a Standalone Java (J2SE client) or is it a JSP or a Servlet ?. Also i need to know the passwords of your cert files. Alternatively just answer my first question and then i will tell you exactly how to configure the client side certificates.

I looked at the policy and you just need to specify the location of a client keystore containing the client certificate and a client truststore containing the server certificate and identify the aliases (all of this can be done using NetBeans UI but you will have to first import your cert files into the GlassFish Keystore and Truststore if you are running a JSP/Servlet client.

Thanks.

billa1
Offline
Joined: 2006-03-29

Hi,

I am running a standalone J2SE client, so just a command line application.
I did not need to specify any password when creating the certificates. I just created them with the makecert.exe command of windows.

Thanks

Mirco

kumarjayanti
Offline
Joined: 2003-12-10

Hi,

OK, from the policy of the WCF service we can infer two things.

1. We need the Client Cert and PrivateKey pair to be in client-keystore.jks ( i could not create this for you because what you have sent me is just the cert and it does not have private key. Typically a .pfx file on windows)

2. We need the Server Cert to be in client-truststore.jks and i already created this for you using JDK6 keytool.
>keytool -import -file service.cer -keystore client-truststore.jks -alias server-cert -storepass changeit

I am attaching the client-truststore. You need to create a client-keystore.jks which contains the clients cert and private-key pair.

After that right click on WebServiceReference Node and select Edit-WebServices-Attributes.

Then select the WSIT Configuration tab and expand the Certificates configuration.

Specify the following for the Truststore :

Truststore location :
Truststore password : changeit
Truststore alias : server-cert

Specify similarly the information for the Keystore, save, build and run.

Thanks.

billa1
Offline
Joined: 2006-03-29

Hi,

I now created keystore with the command:

keytool.exe -genkey -alias clientapp -keystore client-keystore.jks
and entered the following data:
Password: billa1
Name: Mirco Schoepf
Organizational Unit: ConnGroup
Organization: DocuWare AG
City: Germering
Province: Bavaria
Country code: DE
Password for clientapp: billa1

I then wanted to add the private key to it with the following command:

c:\Java\jdk1.5.0_11\bin\keytool.exe -import -file client-priv.pfx -keystore client-keystore.jks -alias clientapp

This fails with the message:
Keytool-Error: java.security.cert.CertificateParsingException: signed fields invalid

Is there a problem using JDK 1.5?
Am I using keytool correcly?

I have attached the private key and the client certificate.

Thanks

kumarjayanti
Offline
Joined: 2003-12-10

Hi,

Always try and use JDK6 Keytool since it has more features which were missing in JDK5 keytool.

For importing PFX files we have a utility tool pkcs12import which will import a pfx into an existing keystore as a PrivateKeyEntry.

https://xwss.dev.java.net/servlets/ProjectDocumentList?folderID=6645&exp...

I have done it for you right now using the following command :

-----------------------------------------------
pkcs12import>set JAVA_HOME=E:\jdk6skid
pkcs12import>set PATH=%JAVA_HOME%\bin;%PATH%
pkcs12import>.\pkcs12import.bat
Location of pkcs12-file to import is mandatory
Options:
-file
# pkcs12 file to be imported
[ -alias ] # alias to use
# defaults to pkcs12 alias [ -help]
[ -keypass ] # user is prompted if omitted and may
# hit return to use store-password
[ -keystore ] # defaults to {user-home}/.keystore
[ -pass
] # user is prompted if omitted
[ -storepass ] # user is prompted if omitted
[ -storetype ] # defaults to default keystore type

pkcs12import>.\pkcs12import.bat -file client-priv.pfx
-alias billa1 -keystore client-keystore.jks -storepass changeit -pass billa1
key-password:
pkcs12import>keytool -list -keystore client-keystore.
jks -storepass changeit

Keystore type: JKS
Keystore provider: SUN

Your keystore contains 1 entry

billa1, Oct 17, 2007, PrivateKeyEntry,
Certificate fingerprint (MD5): 15:C8:33:41:3F:E8:DF:CF:52:EC:66:43:6D:A6:A9:25
--------------------------------------------------------------

So now you can have a Keystore assertion that points to the attached keystore location and specifies the alias attribute alias="billa1" and storePass="changeit"

But you will also have to import the CA cert of the client or directly the client-cert itself into the server truststore. You can do that by calling keytool -importcert option.

billa1
Offline
Joined: 2006-03-29

Hi,

How did you initially create client-keystore.jks?
When I create it through the command
keytool.exe -genkey -alias clientapp -keystore client-keystore.jks
there is already an entry added.

I see this with the command.
keytool.exe -list -keystore client-keystore.jks

Keystore-Passwort ein: billa1

Keystore-Typ: jks
Keystore-Provider: SUN

Ihr Keystore enthΣlt 1 Eintrag/-Σge.

billa1, 17.10.2007, keyEntry,
Zertifikatsfingerabdruck (MD5): 84:3F:A4:CC:92:48:C2:F8:8D:30:21:9C:FA:73:A0:DE

Was the file you sent me created this way, and did you already add the private key to it using pkcs12import tool? If I add the private key with the same alias I get a message that the alias already exists.
Also, how do I then add the client certificate to the client-keystore.jks?

Also you say:
"But you will also have to import the CA cert of the client or directly the client-cert itself into the server truststore. You can do that by calling keytool -importcert option."
I do not quite understand. I created a truststore and added the server certificate to it with.
keytool.exe -import -file service.cer -keystore client-truststore.jks -alias server-cert -storepass billa1

Does your statement referr to the WCF side? I have already added the client certificate in the servers truststore on the WCF side.

Thanks

kumarjayanti
Offline
Joined: 2003-12-10

Hi,

You can create an empty keystore by using the java Keystore API's.

Once you add a keyEntry (it is a pair, containing both the cert and private key) So you do not have to import the client cert again.

And yes, since you have WCF on the server side, there is nothing more you need to do. Just configure the keystore and truststore on the client side and then run.

If you want to delete the entry which i added using pkcs12import and add your own again then you can use

keytool -delete -alias billa1 -keystore client-keystore.jks -storepass changeit

And then you can do pkcs12import again.

Thanks.

billa1
Offline
Joined: 2006-03-29

Hi,

I have created the cleint-keystore and client-truststore as you said.
I have also configured the Web Service as shown on the attached screenshot.
I did a refresh of the Web Services.
I am even using the keytool of Java6 now.

My test code looks like this:

DWService dwService = new DWService();
System.out.println("1");
IDWService ser = dwService.getWSHttpBindingIDWService();
System.out.println("2");
ClientServiceSession sess = ser.login("admin", "admin", "Test Organization Inc");
System.out.println("3");

It goes to step 2 and then the application hangs and does not react anymore.
When I look in the TCP trace the message is plain text, no encryption.

What am I doing wrong? I can access the secured WCF service with a WCF client. So the certificates which I generated on the WCF side should be OK but Java still seems to have a problem with them.

You can look at the attched files with the following passwords.

keytool.exe -list -keystore client-keystore.jks
password: changeit

The password of the private key is: billa1

keytool.exe -list -keystore client-truststore.jks

password: billa1

Thanks

Mirco

kumarjayanti
Offline
Joined: 2003-12-10

Hi,

Your settings look fine to me.

Make sure wsit-client.xml which is basically generated under META-INF directory is on the classpath. When you run the client application you should see a Log Message of the form :

WSP1049: Loaded WSIT configuration from file: file:/E:/GLASSFISH/SecureWSClient/build/web/WEB-INF/classes/META-INF/wsit-client.xml

Do you see such a message on the client side.

Do you see META-INF/wsit-client.xml created as part of your client application jar. I believe Netbeans generally builds a jar for standalone clients.

billa1
Offline
Joined: 2006-03-29

Hi,

this is the output generated when I build the project with netbeans.

init:
deps-clean:
Deleting directory D:\netbeans-workspace\wsitTest\build
Deleting directory D:\netbeans-workspace\wsitTest\dist
clean:
init:
deps-jar:
wsimport-init:
Created dir: D:\netbeans-workspace\wsitTest\build\generated\wsimport\client
Created dir: D:\netbeans-workspace\wsitTest\build\generated\wsimport\binaries
wsimport-client-check-DWService:
wsimport-client-DWService:
Consider using /
so that wsimport won't do unnecessary compilation
parsing WSDL...

[WARNING] SOAP port "WSHttpBinding_IDWService": uses a non-standard SOAP 1.2 binding.
line 1 of file:/D:/netbeans-workspace/wsitTest/xml-resources/web-service-references/DWService/wsdl/schoepf_nb_10001/DWService.wsdl

generating code...
wsimport-client-generate:
Created dir: D:\netbeans-workspace\wsitTest\build\classes
wsimport-client-compile:
Compiling 40 source files to D:\netbeans-workspace\wsitTest\build\classes
Compiling 1 source file to D:\netbeans-workspace\wsitTest\build\classes
Copying 2 files to D:\netbeans-workspace\wsitTest\build\classes
compile:
Created dir: D:\netbeans-workspace\wsitTest\dist
Building jar: D:\netbeans-workspace\wsitTest\dist\wsitTest.jar
To run this application from the command line without Ant, try:
java -jar "D:\netbeans-workspace\wsitTest\dist\wsitTest.jar"
jar:
BUILD SUCCESSFUL (total time: 6 seconds)

The wsit-client.xml and the DWService.xml are in the META-INF directory. They also end up in the wsitTest.jar file

When running the program within netbeans I get the following output:

init:
deps-jar:
wsimport-init:
wsimport-client-check-DWService:
wsimport-client-DWService:
wsimport-client-generate:
wsimport-client-compile:
compile:
run:
1
2

So there is no line in the log as you mentioned it. How can I add the META-INF directory to the classpath?

I have also attached the wsit-client.xml and the DWService.xml from META-INF directory.

Thanks

Mirco

kumarjayanti
Offline
Joined: 2003-12-10

Hi,

Your DWService.xml (the keystore etc inside) look fine to me. Now you can right click on your app select
1. properties (a panel will pop-up)
2. select libraries (from the left of the poped up panel)
3. select Add Jar/Folder (from the right side)
4. select your META-INF directory inside your client Application's build directory.

In any case there should never be a hang on the WCF server side because we have done several interop tests and whenever the client message is incorrect we get back a SOAP Fault from the WCF server. I hearing such of such a problem for the first time.

Thanks.

billa1
Offline
Joined: 2006-03-29

Hi,

OK, I know this is really strange, but it does not even come that far that anything is received by the WCF. I have also cheched this. It is stuck somewhere in the WSIT.

Maybe the environment I use causes trouble.

I am using NetBeans 5.5.1 which is avaiblable here http://www.netbeans.info/downloads/all.php?b_id=3095
I think there is the latest WSIT 1.0 FCS release included, right?
I use Java 1.5.0_11

This is where the program hangs. I have also tried to debug into the source code but I could not find the appropriate source code version for the 1.0 release. Where can I get it? Maybe then I can see in more detail what goes wrong.

I have also tried using Java 6 but there some other classloading problems occur.
I tried JDK 1.6.0_03-b05

Exception in thread "main" java.lang.LinkageError: JAXB 2.0 API is being loaded from the bootstrap classloader, but this RI (from jar:file:/C:/Program%20Files/netbeans-5.5.1/ide7/modules/ext/jaxws21/jaxb-impl.jar!/com/sun/xml/bind/v2/model/impl/ModelBuilder.class) needs 2.1 API. Use the endorsed directory mechanism to place jaxb-api.jar in the bootstrap classloader. (See http://java.sun.com/j2se/1.5.0/docs/guide/standards/)
at com.sun.xml.bind.v2.model.impl.ModelBuilder.(ModelBuilder.java:136)
at com.sun.xml.bind.v2.runtime.JAXBContextImpl.getTypeInfoSet(JAXBContextImpl.java:406)
at com.sun.xml.bind.v2.runtime.JAXBContextImpl.(JAXBContextImpl.java:270)
at com.sun.xml.bind.v2.ContextFactory.createContext(ContextFactory.java:103)
at com.sun.xml.bind.v2.ContextFactory.createContext(ContextFactory.java:81)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
(...)

So with Java 6 the JAXB seems to be included already.

Thanks.

Mirco

kumarjayanti
Offline
Joined: 2003-12-10

copy webservices-api.jar into jre/lib/endorsed directory of JDK6 and try.

billa1
Offline
Joined: 2006-03-29

Hi,

OK I have done this now there errors are gone but the behaviour is now just as with Java 5.
The program hangs on position (2) in the code.

DWService dwService = new DWService();
System.out.println("1");
IDWService ser = dwService.getWSHttpBindingIDWService();
System.out.println("2");
ClientServiceSession sess = ser.login("admin", "admin", "Test Organization Inc");
System.out.println("3");

Where can I get the source code webservices-api.jar, so I can debug?
Am I maybe doing something wrong in my test code? Do I need to do any more initialization between instantiating the service and calling the first method of the service?

Thanks

Mirco

kumarjayanti
Offline
Joined: 2003-12-10

Nothing more needs to be done...

What happens when you run without any security with a WCF service does it work ?.

Also is your CPU Usage becoming 100% when it hangs (does the program do some busy-waiting). Can you get a Thread Dump of the Java Client.

"ctrl+break or kill -SIGQUIT pid depending on which platform your JVM are running." You may need to run your client app jar outside of NB for this.

The sourcecode if you are using WSIT 1.0 FCS can be obtained by checking out the source code using cvs

cvs -d:pserver:billa1@cvs.dev.java.net:/cvs co -r wsit-integration-2007-08-02-b26 wsit

Also do you now see the log message indicating reading wsit-client.xml ?. Is the message secure now ?.

Thanks.

billa1
Offline
Joined: 2006-03-29

Hi,

I started again creating a new project in NB and adding a new Web Service client.

For the Web Service client there is a dialog in NB where I can choose the JAX Version, either JAX-WS or JAP-RPC. I have chosen JAX-WS so far. I s this OK or shoudl I use JAX-RPC?

Thanks

kumarjayanti
Offline
Joined: 2003-12-10

Hi,

Please note : the interoperability contract is based on the WSDL and the Policies inside the WSDL, so first try to access the WSDL of the WCF service using a URL (you should see security and other policies inside the WSDL, do you see that already ?).

Since it is a WCF service you should be able to do the following .

1. Use NetBeans Loaded with WSIT Plugin and then create a

a. Web Application
b. Create a New WebService Client under the Web Application (right click on WebApplication to see the option to create the WebService Client)
c. When creating the WebService Client specify the WSDL URL option and specify the WSDL URL of the WCF service over there. (if the WCF service is a remote service you may have to do proxy server settings etc inside netbeans)

d. now You can create a new Servlet inside your Web App in NetBeans
e. right Click inside the Servlet Code and you will see the option to invoke the WebService operation.
f. You can then write code to invoke the WebService operation (NB will generate the dummy skeleton for you in the step above)
h. Once all that is done you will need to right click on the WebService Reference inside the WebApplication and select Edit-WebService-Attributes
i. There depending on what Security Policies are present in the WCF service you will need to configure one or more things (such as keystores, username/password etc) under the WSIT Configuration Tab,

After all this is done you are ready to deploy your client App on GlassFish and Run it against the WCF service.

It appears you are inclined to do this manually instead of using Netbeans is that correct ?. But i would suggest use Netbeans to generate the initial artifacts (especially it generates something called as wsit-client.xml ) which a plain ws-import would not.

A plain wsimport would suffice if the Service is just a WebService with no WS-* in it. But a WCF Service as you have configured will have WS-Security in it.

Also please note that you seem to have used the default WCF service configuration :

I have to say that WSIT/Metro does not support this because this uses something called as SPNego which is currently not supported by WSIT (it is under development).

So can you please change your WCF service Configuration to :

After you create the client using NetBeans you may need help in security configuration, i can help you out at that time over this thread.

Thanks.

billa1
Offline
Joined: 2006-03-29

Hi,

It has taken a while but now Ii am able to access the WSDL of the WCF Service.
As you suggested I am using this now in the WCF service configuration for the wsHttpBinding.



I have also added a behavior section in the configuration to be able to specify the certificate.










I have also managed to create a WCF client for this service and to interchange data.

Now I would need help to do the same in the java world. I have followed your suggestion to use Netbeans to create the artifacts. Please tell me what I need to configure to acces these WCF services now from the java side.

I have also generated a client.cer file which is a certificate file which is used by the WCF client. Can I also use this as a certificate for the communication with the java client?

Thanks

Mirco