WL10 client application calling webservices over 2-way SSL

Similar Messages

• How to get the correct client certificate used in the two way ssl

  how to export the certificate in browser to the correct client certificate format needed by the WLSSSLAdaptor?
  I can export the certificate in browser to p12 or pfx format, but how to retrieve the private key from it and convert to PKCS#8?
  anyone did this before?
  Thanks

  Hi,
  Use the event after_user_command.When the user clicks any other buttons in the toolbar,this event will be triggered after the processing and you can handle the sub-total for % columns here.
  Regards,
  Archna Raja

• 2-way SSL when WL7 is client; get "Required peer certificates not supplied by peer"

  Background: WL7 is properly configured to use 2-way SSL, and works fine whenever
  its acting as the Server; i.e., I have 2-way SSL working between a Web Browser
  and WL7, or between Tomcat and WL7. However, when trying to get 2-way SSL (mutual
  authentication) working between a WL7 server acting as a client and another server
  such as Tomcat, acting as the server, I get a "Required peer certificates not
  supplied by peer" error. The initial ServerHello handshake is fine; the problem
  arises when the Tomcat server, for example, then requests WL7 to serve up its
  client certificate. It's as if WL7 does not know where to locate its "client"
  certificate.
  I had the same problem with Tomcat initially, where it would also not know how
  to locate its "client" certificte. I resolved the problem by setting the following
  system properties:
  javax.net.ssl.keyStore=...
  javax.net.ssl.keyStorePassword=...
  javax.net.ssl.trustStore=...
  javax.net.ssl.trustStorePassword=...
  Are their analogous system properties I need to set on the WL7 side of things,
  as I noticed that WL7 seems to use its own proprietary version of JSSE API's?
  How do I configure WL7 to locate its "client" certificate?
  Thanks! Your help is greatly appreciated.
  -Dan

  Weblogic uses Certicom SSL implementation which has classes that conflict with
  JSSE classes. As a result opening SSL connection from WLS over JSSE or API like
  SOAPConnection that uses JSSE does not work as expected. The javax.net.ssl properties
  are not supported and there is no replacement for the default identity keystore
  property.
  The best workaround I can think of in this case is to pass as the second parameter
  to SOAPConnection.call() method a URL instance created with a custom URLStreamHandler
  extending the weblogic.net.http.Handler. This handler can override the Handler.openConnection(URL)
  method and use the HttpsURLConnection.loadLocalIdentity method to initialize identity
  of the returned connection. For example:
  public class MyHandler extends weblogic.net.http.Handler {
  protected URLConnection openConnection(URL u) throws IOException {
  URLConnection c = super.openConnection();
  if (c instanceof weblogic.net.http.HttpsURLConnection) {
  // initialize ssl identity
  ((weblogic.net.http.HttpsURLConnection) c).loadLocalIdentity(certChain,
  privateKey);
  return c;
  URL someHTTPSUrlEndpoint = new URL("https", "localhost", 7002, "myfile", new MyHandler());
  replyMessage = con.call(someSOAPMessageInstance, someHTTPSUrlEndpoint);
  Pavel.
  "ddumitru" <[email protected]> wrote:
  >
  Thanks, Pavel, for replying,
  I've been reading and re-reading that page for quite a while now. Unfortunately,
  the examples given are for when WL7 is acting as the "server" and not
  the "client";
  i.e., when some other server, such as Tomcat, WebSphere, or Oracle 9IAS,
  reaches
  out to the WL7 instance first, or when one WL7 instance talks to another
  WL7 instance
  via JNDI.
  In my case, my WL7 instance needs to initiate a Web Service call; i.e.,
  needs
  to reach out to another server via a SAAJ (SOAP with Attachments) API
  call. My
  sending servlet uses the SAAJ (SOAP with attachments) API to make a Web
  Service
  call to another server, as follows:
  SOAPConnectionFactory scf = SOAPConnectionFactory.newInstance();
  SOAPConnection con = scf.createConnection();
  SOAPMessage replyMessage = con.call( someSOAPMessageInstance, someHTTPSUrlEndpoint
  With the SAAJ API, as illustrated above, I don't see a direct way of
  configuring
  (using URLConnection, SSLContext, SSLSocketFactory, etc.) the SSL connection
  prior
  to making a call, as suggested in the link you mentioned. Also, the
  receiving
  server may implement its Web Services using a non-BEA application server
  that
  may not even use the J2EE platorm. As such, I don't believe I can use
  the JNDI
  solution provided in that same link.
  Again, I was able to make 2-way SSL (Mutual Authentication) connections
  between
  Tomcat and WL7 instances using the SAAJ API's when Tomcat was the client
  initiating
  the SAAJ call. In this scenario, Tomcat requested WL7 for its certificate,
  WL7
  served it up, and Tomcat then verified it. Then, in turn, WL7 asked
  Tomcat for
  its certificate, Tomcat presented it, and WL7 was able to verify Tomcat's
  certificate.
  I suppose I was able to make it all work under this scenario because
  I was able
  to configure Tomcat, which is using native JSSE API's, to locate its
  "client"
  certificate by setting the following system properties, as mentioned
  previously:
  javax.net.ssl.keyStore=...
  javax.net.ssl.keyStorePassword=...
  javax.net.ssl.trustStore=...
  javax.net.ssl.trustStorePassword=...
  Based upon your feedback, I now understand that WL7 cannot be configured
  in a
  similar manner because WL7 uses its own version of the JSSE API's. Any
  ideas
  on what I might try next?
  Thanks!
  -Dan
  "Pavel" <[email protected]> wrote:
  WLS SSL API does not support any system properties for SSL identity.
  The client's
  identity has to be configured via methods of SSL API. The trust configuration
  of SSL client running on WL server and using WLS SSL API will be the
  same as of
  the WL server.
  See http://e-docs.bea.com/wls/docs70/security/SSL_client.html#1019570
  for more information on this. "Writing Applications that Use SSL" contains
  code
  examples that use different SSL APIs to connect over two-way SSL.
  Pavel.
  "ddumitru" <[email protected]> wrote:
  Background: WL7 is properly configured to use 2-way SSL, and worksfine
  whenever
  its acting as the Server; i.e., I have 2-way SSL working between a
  Web
  Browser
  and WL7, or between Tomcat and WL7. However, when trying to get 2-way
  SSL (mutual
  authentication) working between a WL7 server acting as a client andanother
  server
  such as Tomcat, acting as the server, I get a "Required peer certificates
  not
  supplied by peer" error. The initial ServerHello handshake is fine;
  the problem
  arises when the Tomcat server, for example, then requests WL7 to serve
  up its
  client certificate. It's as if WL7 does not know where to locate its
  "client"
  certificate.
  I had the same problem with Tomcat initially, where it would also not
  know how
  to locate its "client" certificte. I resolved the problem by setting
  the following
  system properties:
  javax.net.ssl.keyStore=...
  javax.net.ssl.keyStorePassword=...
  javax.net.ssl.trustStore=...
  javax.net.ssl.trustStorePassword=...
  Are their analogous system properties I need to set on the WL7 sideof
  things,
  as I noticed that WL7 seems to use its own proprietary version of JSSE
  API's?
  How do I configure WL7 to locate its "client" certificate?
  Thanks! Your help is greatly appreciated.
  -Dan

• Two-Way SSL does not work until "Use Server Certs" is selected on client

  We have a web service application and a client application. Both applications are deployed in WebLogic 10.3. The web service application is secured by Two-Way SSL. When the client attempts to access the service, we got the following error logs on the server side:
  <Dec 8, 2009 3:25:42 PM EST> <Warning> <Security> <BEA-090508> <Certificate chain received from ... was incomplete.>
  CertPathTrustManagerUtils.certificateCallback: certPathValStype = 0
  CertPathTrustManagerUtils.certificateCallback: validateErr = 4
  CertPathTrustManagerUtils.certificateCallback: returning false because of built-in SSL validation errors
  We got the same error even if the WebLogic 10.3 domain on the client side uses the same identity and trust keystores as the server side.
  The problem was solved when we selected Environment -> Servers -> <server> -> SSL, expanded "Advanced" and selected "Use Server Certs". Could anyone tell me what "Use Server Certs" does to make the difference?
  Another question is how we can invoke this web service in a Java application since "Use Server Certs" solution only works for web application deployed in weblogic.

  "Use Server Certs" means that a client application running within Weblogic will use the WL managed server's identity certificate as its client certificate. Otherwise, the client application is responsible for selecting the keystore, and presenting the certificate as part of the handshake.
  This is a great feature in 9 & 10; client SSL was much more difficult in WL 8.
  If you are using a standalone client application to invoke anything over 2-way SSL, you are responsible for presenting the certificate. For instance, if you invoke the page from your browser, your browser can maintain client certificates and you'll get a popup to select which cert to use.

• Can an EJB client application access to EJBs on two domains concurrently?

  It is well-known that there can be multiple domains in a SUN application server. If two domains are started up, can the same EJB client application call different EJB methods from the two domains? If can, how to implement? Please kindly give a snippet of sample codes.
  Another question: can EJBs among multiple domains communicate with each other? If can, tell me how to implement and had better provide some sample codes as well.

  I have my client working now!
  I was looking around on other forums and found a guy who said that javax.comm has problems with security. here is the address
  http://lists.dalsemi.com/maillists/java-powered-ibutton/2002-February/002168.html
  He said,
  "This is an error generated by the javax.comm packages when initializing
  the
  serial ports. It's basically a security related bug. Officially, all
  packages stored in your lib/ext folder should be considered trusted
  code,
  running with the same permissions as your trusted main application. But
  it
  seems that isn't the case with comm.jar.
  I've heard that signing the comm.jar file might fix it, but I wasn't
  able to
  verify that myself (but I didn't test with Netscape's java plugin). I
  found
  a workaround that should take care of it (as long as your main
  application
  has "all-permissions"). Try adding this line to the top of your main
  method:
  System.setSecurityManager(null);
  So I did that and it worked except for one thing. at the end of my program the client tells me
  The system cannot find the path specified.
  Do you think this is a major problem? What is it trying to find??
  Michael B

• Urgent: How to execute a Client application

  Hi All,
  I have deployed a very simple ear file ( consisting of 1 session bean ) called
  HelloEjbsApp.ear in Weblogic 6.1. I want to access the method in this ejb from
  a client application. Please can anybody tell me the steps to do the same? I have
  referred to the documentation, but it isn't too clear.
  I have a HelloClient.java class inside a jar file called HelloClientJAR.jar,
  which is inside the client application called HelloClientApp.ear. As I understand,
  I should have the following 3 files for the same.
  application.xml
  application-client.xml
  HelloClientJAR.runtime.xml ( This exists in the same directory as the HelloClientApp.ear
  I then ran the following command
  java appclient.ClientDeployer HelloClientApp.ear HelloClientJAR
  It deployed properly, without any errors.
  After this, how do I exceute the HelloClient class? Please if anybody knows the
  solution to my problem, help me.
  Thanks,
  Vani

  Unless it's a J2EE "application client" which is packaged in the ear.
  Unfortunately 6.1 still doesn't support that standard.
  "Vani" <[email protected]> wrote in message
  news:[email protected]...
  >
  Thank you very much. It works now. As you said, I should use only the JNDIname
  to do lookup outside an ejb.
  Thanks,
  Vani
  "Cameron Purdy" <[email protected]> wrote:
  That means that you can only look up java:comp/env/* from inside (for
  example) an EJB. You cannot do that from a Java client. From a Java
  client,
  you look up the EJB using its "global" JNDI name. Use the WL console
  to
  peruse your JNDI tree.
  Peace,
  Cameron Purdy
  Tangosol Inc.
  Tangosol Coherence: Clustered Coherent Cache for J2EE
  Information at http://www.tangosol.com/
  "Vani" <[email protected]> wrote in message
  news:[email protected]...
  Hi All,
  I am able to execute the client application. But when I do that,I get
  the following
  exception.
  javax.naming.NamingException: java:comp/env namespace is only availablefrom within
  a J2EE component
  at
  com.sun.enterprise.naming.java.javaURLContext.getComponentContext(javaURLCon
  text.java:392)
  at
  com.sun.enterprise.naming.java.javaURLContext.lookup(javaURLContext.java:51)
  at javax.naming.InitialContext.lookup(InitialContext.java:350)
  at HelloClient.main(Unknown Source)
  Please if anybody knows the reason for this, help me.
  Thanks,
  Vani
  "Vani" <[email protected]> wrote:
  Hi All,
  I have deployed a very simple ear file ( consisting of 1 session
  bean
  ) called
  HelloEjbsApp.ear in Weblogic 6.1. I want to access the method in this
  ejb from
  a client application. Please can anybody tell me the steps to do the
  same? I have
  referred to the documentation, but it isn't too clear.
  I have a HelloClient.java class inside a jar file calledHelloClientJAR.jar,
  which is inside the client application called HelloClientApp.ear.As
  I understand,
  I should have the following 3 files for the same.
  application.xml
  application-client.xml
  HelloClientJAR.runtime.xml ( This exists in the same directory asthe
  HelloClientApp.ear
  I then ran the following command
  java appclient.ClientDeployer HelloClientApp.ear HelloClientJAR
  It deployed properly, without any errors.
  After this, how do I exceute the HelloClient class? Please if anybody
  knows the
  solution to my problem, help me.
  Thanks,
  Vani

• Two way SSL with jax-ws on weblogic 10.3.1.1

  I'm desperately trying to create a webservice client using jax-ws for two way ssl (mutual authentication). The client shoud be a web service (war) not a normal fat java client (jar).Could someone please give me any help? I've tried with the ssl context but it dosn't work :(
  BlokIzmenjava service= new BlokIzmenjava(new URL("https://wwwt.ajpes.si/wsBlokIzmenjava/BlokIzmenjava.asmx?WSDL"), new QName("http://www.ajpes.si/blok_izmenjava", "BlokIzmenjava"));
  BlokIzmenjavaSoap port=service.getBlokIzmenjavaSoap();
  KeyStore ks = KeyStore.getInstance("JKS");
  ks.load(new FileInputStream("D:/Podatki/Workspace1031/TestWorkSpace/TestWS/src/nkbm/ws/Ajpes.jks"), "trustpass".toCharArray());
  KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
  kmf.init(ks, "trustpass".toCharArray());
  javax.net.ssl.SSLContext sslCtx = SSLContext.getInstance("SSL");
  TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509");
  tmf.init(ks);
  TrustManager tms[] = tmf.getTrustManagers();
  sslCtx.init(kmf.getKeyManagers(), tms, null);
  javax.net.ssl.SSLSocketFactory ssl = (javax.net.ssl.SSLSocketFactory) sslCtx.getSocketFactory();
  Map<String, Object> requestContext = ((BindingProvider) port).getRequestContext();
  requestContext.put(com.sun.xml.internal.ws.developer.JAXWSProperties.SSL_SOCKET_FACTORY, ssl);
  port.test("aaaaa");
  The thing is that this solution works on a fat client(as a jar) but it dosn't work as a client (webservice) deployed on weblogic server. I've also set the everything in the weblogic console (SSL,keystores) and it still dosn't work :(
  any help would b appretiated!
  thank you!
  Edited by: user10677650 on 30.6.2010 6:37

  Isn't the SSL adapter meant to be used for jax-rpc webservices?
  "JAX-RPC clients can use the SSLAdapter mechanism described in Using a Custom SSL Adapter with Reliable Messaging to persist the state of a request over an SSL connection"
  I have already tried with weblogic.wsee.jaxws.sslclient.SSLClientUtil...still I always get the error (this error is with ssl debug mode on)....
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <SSLSetup: loading trusted CA certificates>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <Filtering JSSE SSLSocket>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <SSLIOContextTable.addContext(ctx): 31921099>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <SSLSocket will be Muxing>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <write SSL_20_RECORD>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <isMuxerActivated: false>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <32946105 SSL3/TLS MAC>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <32946105 received HANDSHAKE>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <HANDSHAKEMESSAGE: ServerHello>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <HANDSHAKEMESSAGE: Certificate>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <Validating certificate 0 in the chain: Serial number: 994001646
  Issuer:C=si, O=state-institutions, OU=sigen-ca
  Subject:C=si, O=state-institutions, OU=sigen-ca, OU=org-web, OU=AJPES - 14717468, CN=WWWT.AJPES.SI + ?=2345775710058
  Not Valid Before:Fri Nov 17 14:26:17 CET 2006
  Not Valid After:Thu Nov 17 14:56:17 CET 2011
  Signature Algorithm:SHA1withRSA
  >
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <validationCallback: validateErr = 0>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> < cert[0] = Serial number: 994001646
  Issuer:C=si, O=state-institutions, OU=sigen-ca
  Subject:C=si, O=state-institutions, OU=sigen-ca, OU=org-web, OU=AJPES - 14717468, CN=WWWT.AJPES.SI + ?=2345775710058
  Not Valid Before:Fri Nov 17 14:26:17 CET 2006
  Not Valid After:Thu Nov 17 14:56:17 CET 2011
  Signature Algorithm:SHA1withRSA
  >
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <weblogic user specified trustmanager validation status 0>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <SSLTrustValidator returns: 0>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <Trust status (0): NONE>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <Performing hostname validation checks: wwwt.ajpes.si>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <HANDSHAKEMESSAGE: ServerHelloDone>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <Ignoring not supported JCE Mac: SunJCE version 1.6 for algorithm HmacMD5>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <Will use default Mac for algorithm HmacMD5>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <Ignoring not supported JCE Mac: SunJCE version 1.6 for algorithm HmacSHA1>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <Will use default Mac for algorithm HmacSHA1>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <Will use default Mac for algorithm MD5>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <Using JCE Cipher: SunJCE version 1.6 for algorithm RC4>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <Ignoring not supported JCE Mac: SunJCE version 1.6 for algorithm HmacMD5>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <Will use default Mac for algorithm HmacMD5>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <SSLIOContextTable.removeContext(sock): 12457751>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <Ignoring not supported JCE Mac: SunJCE version 1.6 for algorithm HmacSHA1>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <close(): 27314217>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <Will use default Mac for algorithm HmacSHA1>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <SSLIOContextTable.removeContext(ctx): 31288249>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <Using JCE Cipher: SunJCE version 1.6 for algorithm RSA>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <write HANDSHAKE, offset = 0, length = 262>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <write CHANGE_CIPHER_SPEC, offset = 0, length = 1>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <Using JCE Cipher: SunJCE version 1.6 for algorithm RC4>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <Ignoring not supported JCE Mac: SunJCE version 1.6 for algorithm HMACMD5>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <Will use default Mac for algorithm HMACMD5>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <Ignoring not supported JCE Mac: SunJCE version 1.6 for algorithm HmacMD5>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <Will use default Mac for algorithm HmacMD5>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <Ignoring not supported JCE Mac: SunJCE version 1.6 for algorithm HmacSHA1>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <Will use default Mac for algorithm HmacSHA1>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <write HANDSHAKE, offset = 0, length = 16>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <isMuxerActivated: false>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <32946105 SSL3/TLS MAC>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <32946105 received CHANGE_CIPHER_SPEC>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <Using JCE Cipher: SunJCE version 1.6 for algorithm RC4>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <Ignoring not supported JCE Mac: SunJCE version 1.6 for algorithm HMACMD5>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <Will use default Mac for algorithm HMACMD5>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <isMuxerActivated: false>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <32946105 SSL3/TLS MAC>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <32946105 received HANDSHAKE>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <HANDSHAKEMESSAGE: Finished>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <Ignoring not supported JCE Mac: SunJCE version 1.6 for algorithm HmacMD5>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <Will use default Mac for algorithm HmacMD5>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <Ignoring not supported JCE Mac: SunJCE version 1.6 for algorithm HmacSHA1>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <Will use default Mac for algorithm HmacSHA1>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <write APPLICATION_DATA, offset = 0, length = 342>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <write APPLICATION_DATA, offset = 0, length = 493>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <5095980 read(offset=0, length=8192)>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <isMuxerActivated: false>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <32946105 SSL3/TLS MAC>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <32946105 received HANDSHAKE>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <HANDSHAKEMESSAGE: HelloRequest>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <write HANDSHAKE, offset = 0, length = 147>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <isMuxerActivated: false>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <32946105 SSL3/TLS MAC>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <32946105 received HANDSHAKE>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <HANDSHAKEMESSAGE: ServerHello>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <HANDSHAKEMESSAGE: Certificate>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <Validating certificate 0 in the chain: Serial number: 994001646
  Issuer:C=si, O=state-institutions, OU=sigen-ca
  Subject:C=si, O=state-institutions, OU=sigen-ca, OU=org-web, OU=AJPES - 14717468, CN=WWWT.AJPES.SI + ?=2345775710058
  Not Valid Before:Fri Nov 17 14:26:17 CET 2006
  Not Valid After:Thu Nov 17 14:56:17 CET 2011
  Signature Algorithm:SHA1withRSA
  >
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <validationCallback: validateErr = 0>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> < cert[0] = Serial number: 994001646
  Issuer:C=si, O=state-institutions, OU=sigen-ca
  Subject:C=si, O=state-institutions, OU=sigen-ca, OU=org-web, OU=AJPES - 14717468, CN=WWWT.AJPES.SI + ?=2345775710058
  Not Valid Before:Fri Nov 17 14:26:17 CET 2006
  Not Valid After:Thu Nov 17 14:56:17 CET 2011
  Signature Algorithm:SHA1withRSA
  >
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <weblogic user specified trustmanager validation status 0>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <SSLTrustValidator returns: 0>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <Trust status (0): NONE>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <Performing hostname validation checks: wwwt.ajpes.si>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <HANDSHAKEMESSAGE: CertificateRequest>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <HANDSHAKEMESSAGE: ServerHelloDone>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <No suitable identity certificate chain has been found.>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <write HANDSHAKE, offset = 0, length = 7>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <Ignoring not supported JCE Mac: SunJCE version 1.6 for algorithm HmacMD5>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <Will use default Mac for algorithm HmacMD5>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <Ignoring not supported JCE Mac: SunJCE version 1.6 for algorithm HmacSHA1>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <Will use default Mac for algorithm HmacSHA1>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <Will use default Mac for algorithm MD5>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <Using JCE Cipher: SunJCE version 1.6 for algorithm RC4>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <Ignoring not supported JCE Mac: SunJCE version 1.6 for algorithm HmacMD5>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <Will use default Mac for algorithm HmacMD5>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <Ignoring not supported JCE Mac: SunJCE version 1.6 for algorithm HmacSHA1>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <Will use default Mac for algorithm HmacSHA1>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <Using JCE Cipher: SunJCE version 1.6 for algorithm RSA>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <write HANDSHAKE, offset = 0, length = 262>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <write CHANGE_CIPHER_SPEC, offset = 0, length = 1>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <Using JCE Cipher: SunJCE version 1.6 for algorithm RC4>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <Ignoring not supported JCE Mac: SunJCE version 1.6 for algorithm HMACMD5>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <Will use default Mac for algorithm HMACMD5>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <Ignoring not supported JCE Mac: SunJCE version 1.6 for algorithm HmacMD5>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <Will use default Mac for algorithm HmacMD5>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <Ignoring not supported JCE Mac: SunJCE version 1.6 for algorithm HmacSHA1>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <Will use default Mac for algorithm HmacSHA1>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <write HANDSHAKE, offset = 0, length = 16>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <isMuxerActivated: false>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <32946105 SSL3/TLS MAC>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <32946105 received CHANGE_CIPHER_SPEC>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <Using JCE Cipher: SunJCE version 1.6 for algorithm RC4>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <Ignoring not supported JCE Mac: SunJCE version 1.6 for algorithm HMACMD5>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <Will use default Mac for algorithm HMACMD5>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <isMuxerActivated: false>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <32946105 SSL3/TLS MAC>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <32946105 received HANDSHAKE>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <HANDSHAKEMESSAGE: Finished>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <Ignoring not supported JCE Mac: SunJCE version 1.6 for algorithm HmacMD5>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <Will use default Mac for algorithm HmacMD5>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <Ignoring not supported JCE Mac: SunJCE version 1.6 for algorithm HmacSHA1>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <Will use default Mac for algorithm HmacSHA1>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <isMuxerActivated: false>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <32946105 SSL3/TLS MAC>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <32946105 received APPLICATION_DATA: databufferLen 0, contentLength 2073>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <5095980 read databufferLen 2073>
  <1.7.2010 8:38:39 CEST> <Debug> <SecuritySSL> <BEA-000000> <5095980 read A returns 2073>
  1.7.2010 8:38:39 com.sun.xml.ws.server.sei.EndpointMethodHandler invoke
  SEVERE: The server sent HTTP status code 403: Forbidden
  com.sun.xml.ws.client.ClientTransportException: The server sent HTTP status code 403: Forbidden
       at com.sun.xml.ws.transport.http.client.HttpTransportPipe.checkStatusCode(HttpTransportPipe.java:225)
       at com.sun.xml.ws.transport.http.client.HttpTransportPipe.process(HttpTransportPipe.java:191)
       at com.sun.xml.ws.transport.http.client.HttpTransportPipe.processRequest(HttpTransportPipe.java:101)
       at com.sun.xml.ws.api.pipe.Fiber.__doRun(Fiber.java:604)
       at com.sun.xml.ws.api.pipe.Fiber._doRun(Fiber.java:563)
       at com.sun.xml.ws.api.pipe.Fiber.doRun(Fiber.java:548)
       at com.sun.xml.ws.api.pipe.Fiber.runSync(Fiber.java:445)
       at com.sun.xml.ws.client.Stub.process(Stub.java:246)
       at com.sun.xml.ws.client.sei.SEIStub.doProcess(SEIStub.java:135)
       at com.sun.xml.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:109)
       at com.sun.xml.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:89)
       at com.sun.xml.ws.client.sei.SEIStub.invoke(SEIStub.java:118)
       at $Proxy166.blokVrni(Unknown Source)
       at nkbm.ws.TestAjpes1.hello(TestAjpes1.java:59)
       at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
       at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
       at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
       at java.lang.reflect.Method.invoke(Method.java:597)
       at weblogic.wsee.jaxws.WLSInstanceResolver$WLSInvoker.invoke(WLSInstanceResolver.java:101)
       at weblogic.wsee.jaxws.WLSInstanceResolver$WLSInvoker.invoke(WLSInstanceResolver.java:83)
       at com.sun.xml.ws.server.InvokerTube$2.invoke(InvokerTube.java:152)
       at com.sun.xml.ws.server.sei.EndpointMethodHandler.invoke(EndpointMethodHandler.java:264)
       at com.sun.xml.ws.server.sei.SEIInvokerTube.processRequest(SEIInvokerTube.java:93)
       at com.sun.xml.ws.api.pipe.Fiber.__doRun(Fiber.java:604)
       at com.sun.xml.ws.api.pipe.Fiber._doRun(Fiber.java:563)
       at com.sun.xml.ws.api.pipe.Fiber.doRun(Fiber.java:548)
       at com.sun.xml.ws.api.pipe.Fiber.runSync(Fiber.java:445)
       at com.sun.xml.ws.server.WSEndpointImpl$2.process(WSEndpointImpl.java:249)
       at com.sun.xml.ws.transport.http.HttpAdapter$HttpToolkit.handle(HttpAdapter.java:453)
       at com.sun.xml.ws.transport.http.HttpAdapter.handle(HttpAdapter.java:250)
       at com.sun.xml.ws.transport.http.servlet.ServletAdapter.handle(ServletAdapter.java:140)
       at weblogic.wsee.jaxws.HttpServletAdapter$AuthorizedInvoke.run(HttpServletAdapter.java:298)
       at weblogic.wsee.jaxws.HttpServletAdapter.post(HttpServletAdapter.java:211)
       at weblogic.wsee.jaxws.JAXWSServlet.doPost(JAXWSServlet.java:297)
       at javax.servlet.http.HttpServlet.service(HttpServlet.java:727)
       at weblogic.wsee.jaxws.JAXWSServlet.service(JAXWSServlet.java:87)
       at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)
       at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
       at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
       at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:292)
       at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:175)
       at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3590)
       at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
       at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:121)
       at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2200)
       at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2106)
       at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1428)
       at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
       at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
  <1.7.2010 8:39:01 CEST> <Debug> <SecuritySSL> <BEA-000000> <NEW ALERT with Severity: WARNING, Type: 0
  java.lang.Exception: New alert stack
       at com.certicom.tls.record.alert.Alert.<init>(Unknown Source)
       at com.certicom.tls.interfaceimpl.TLSConnectionImpl.closeWriteHandler(Unknown Source)
       at com.certicom.tls.interfaceimpl.TLSConnectionImpl.close(Unknown Source)
       at javax.net.ssl.impl.SSLSocketImpl.close(Unknown Source)
       at weblogic.net.http.HttpClient.closeServer(HttpClient.java:528)
       at weblogic.net.http.KeepAliveCache$1.run(KeepAliveCache.java:111)
       at java.util.TimerThread.mainLoop(Timer.java:512)
       at java.util.TimerThread.run(Timer.java:462)
  >
  <1.7.2010 8:39:01 CEST> <Debug> <SecuritySSL> <BEA-000000> <write ALERT, offset = 0, length = 2>
  <1.7.2010 8:39:01 CEST> <Debug> <SecuritySSL> <BEA-000000> <close(): 5095980>
  <1.7.2010 8:39:01 CEST> <Debug> <SecuritySSL> <BEA-000000> <SSLIOContextTable.removeContext(ctx): 31921099>
  any ideas?
  thank you again!
  Edited by: user10677650 on 30.6.2010 23:42

• Call webservice from PJC over https protocol

  Hello!
  I have problem calling webservice from PJC.
  The webservice is on https server so I must declare the keystore and truststore...
  I have generated java classes from wsdl file with SOPAUI and axis 1.0...
  Then I have made a code which integrate axis library, jsee ...
  On the client side all works fine (with jdk 1.3 compiler)
  When I deploy it on oracle forms server and call it from oracle form I get the error:
  java.net.MalformedURLException: unknown protocol: https
  in this way I register the certificate..
  private void registrirajCertifikat(String direktorij, String password,
          String keyStore, String trustStore) {
         System.out.println("keystore: " + direktorij + keyStore);
          System.out.println("trust: " + direktorij + trustStore);
          System.out.println("========================================");
          System.setProperty("javax.net.ssl.keyStore", direktorij + keyStore);
          System.setProperty("javax.net.ssl.keyStorePassword", password);
          System.setProperty("javax.net.ssl.keyStoreType", "pkcs12");
          System.setProperty("javax.net.ssl.trustStore", direktorij + trustStore);
          System.setProperty("javax.net.ssl.trustStorePassword",   password);
          System.setProperty("javax.net.ssl.trustStoreType", "jks");
          System.out.println("========================================");
          System.setProperty("java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol");
          Security.addProvider( new com.sun.net.ssl.internal.ssl.Provider() );     
      }I have my kestore and truststore located on http server..
  Every time the bean is initializzed I download the keystore and truststore to my java.tmp.dir
  The same code in Jdeveloper works fine.. also in cmd prompt.. but in oracle forms I can't get it to run..
  anybody can help me?
  this is my console output when running a form:
  Oracle JInitiator: Version 1.3.1.22
  Using JRE version 1.3.1.22-internal Java HotSpot(TM) Client VM
  User home directory = C:\Documents and Settings\peterv.IN2SLO
  Proxy Configuration: no proxy
  JAR cache enabled
       Location: C:\Documents and Settings\peterv.IN2SLO\Oracle Jar Cache
       Maximum size: 50 MB
       Compression level: 0
  c:   clear console window
  f:   finalize objects on finalization queue
  g:   garbage collect
  h:   display this help message
  l:   dump classloader list
  m:   print memory usage
  q:   hide console
  s:   dump system properties
  t:   dump thread list
  x:   clear classloader cache
  0-5: set trace level to <n>
  Loading http://dekani:7777/forms/java/frmall_jinit.jar from JAR cache
  Loading http://dekani:7777/forms/java/images.jar from JAR cache
  Cached copy of http://dekani:7777/forms/java/in2kartica.jar
  ** DOKUMENTNI SISTEM   **
  ** PJC bean                     **
  zacetek
  http://10.1.2.235/in2/asarh.pfx
  Copying resource (type: application/octet-stream, modified on: Dec 18, 2009 12:39:35 PM)... to: C:\DOCUME~1\PETERV~1.IN2\LOCALS~1\Temp\asarh.pfx
  3794 byte(s) copied
  http://10.1.2.235/in2/arhaskeystore.jks
  Copying resource (type: application/octet-stream, modified on: Dec 18, 2009 12:39:35 PM)... to: C:\DOCUME~1\PETERV~1.IN2\LOCALS~1\Temp\arhaskeystore.jks
  3800 byte(s) copied
  Registriramo nastavitve za SSL
  keystore: C:\DOCUME~1\PETERV~1.IN2\LOCALS~1\Temp\asarh.pfx
  trust: C:\DOCUME~1\PETERV~1.IN2\LOCALS~1\Temp\arhaskeystore.jks
  ========================================
  po registraciji nastavitev za SSL
  ========================================
  https://hosting.arhiviraj.si/webservice2/InDocArchiveWS.asmx
  --> napaka: *java.net.MalformedURLException: unknown protocol: https*
  java.net.MalformedURLException: unknown protocol: https
       at java.net.URL.<init>(Unknown Source)
       at java.net.URL.<init>(Unknown Source)
       at java.net.URL.<init>(Unknown Source)
       at in2.mikrocop.Test.dokumenti(Test.java:94)
       at in2.mikrocop.Test.testiranje(Test.java:66)
       at in2.mikrocop.Test.<init>(Test.java:49)
       at java.lang.Class.newInstance0(Native Method)
       at java.lang.Class.newInstance(Unknown Source)
       at oracle.forms.ui.VBean.instantiateBean(Unknown Source)
       at oracle.forms.ui.VBean.setProperty(Unknown Source)
       at oracle.forms.handler.UICommon.instantiate(Unknown Source)
       at oracle.forms.handler.UICommon.onCreate(Unknown Source)
       at oracle.forms.handler.JavaContainer.onCreate(Unknown Source)
       at oracle.forms.engine.Runform.onCreateHandler(Unknown Source)
       at oracle.forms.engine.Runform.processMessage(Unknown Source)
       at oracle.forms.engine.Runform.processSet(Unknown Source)
       at oracle.forms.engine.Runform.onMessageReal(Unknown Source)
       at oracle.forms.engine.Runform.onMessage(Unknown Source)
       at oracle.forms.engine.Runform.sendInitialMessage(Unknown Source)
       at oracle.forms.engine.Runform.startRunform(Unknown Source)
       at oracle.forms.engine.Main.createRunform(Unknown Source)
       at oracle.forms.engine.Main.start(Unknown Source)
       at sun.applet.AppletPanel.run(Unknown Source)
       at java.lang.Thread.run(Unknown Source)

  I have tryed tu run my example with Jinitiator "java" like
  c:\java -jar c:\in2kartica.jar
  and all works fine..
  I don't know why the same example won't run inside oracle form as javabean?!?
  this is my cmd console
  C:\jdk\bin>java -jar c:\in2kartica.jar
  ** DOKUMENTNI SISTEM   **
  ** PJC bean            **
  keystore: C:\DOCUME~1\PETERV~1.IN2\LOCALS~1\Temp\asarh.pfx
  trust: C:\DOCUME~1\PETERV~1.IN2\LOCALS~1\Temp\arhaskeystore.jks
  ========================================
  po registraciji nastavitev za SSL
  ========================================
  https://hosting.arhiviraj.si/webservice2/InDocArchiveWS.asmx
  unknown attr1.3.6.1.4.1.311.17.1
  Dolzina: 91  <------------ this is the result from webservice located on address above

• Ways to Configure Which UNIX Server a PC Client Application Communicates With

  We have several different MS VC++ "fat client" applications that we want to run
  on the same NT 4.0 PC.
  Each application uses the Tuxedo 7.1 client to communicate with Tuxedo services
  located on a UNIX server.
  Each application needs to communicate with a different UNIX server (e.g., application
  A1 needs Tuxedo
  service T1 located on UNIX server S1, application A2 needs Tuxedo service T2 located
  on UNIX server
  S2). We'd like to load the Tuxedo 7.1 client software in such a way that each
  individual application
  controls which server it uses. One way to do that is through registry entries
  specific to each application.
  We are looking for some documentation or tips on other/better ways to configure
  which server the PC
  application communicates with. We are also looking for some documentation or
  tips on how to best
  configure an application that needs to subscribe to services from several different
  servers (e.g.,
  application A needs Tuxedo service T1 on server S1 and Tuxedo service T2 on server
  S2). Thanks.

  Matt,
  This sounds quite unusual, and I am not sure why you want to do things this way.
  Generally, I would expect that the services would be distributed on the server side over
  different boxes as you describe, but the location would be transparent to a client app.
  which would tpinit once, and Tuxedo would route the requests appropriately. Maybe that's
  not how you want to do things because the apps are all logically independent? I'm not
  sure about that though, since you describe needing services on different servers in
  individual clients... Can you do the integration at the back end?
  To do what you describe, however, you need to control the value of the WSNADDR
  environment variable before you call tpinit() - it is the network address in this
  variable that tells the client libraries which server to connect to. Simply set the
  value (from a command line parameter, the registry, an ini file or wherever) with the
  tuxputenv() API before you call tpinit()
  In Tuxedo 7.1 and higher, it is also possible to connect to multiple different servers
  simultaneousy by calling tpinit multiple times and having multiple contexts in the
  client.
  I hope that helps.
  Regards,
  Peter.
  Got a Question? Ask BEA at http://askbea.bea.com
  The views expressed in this posting are solely those of the author, and BEA
  Systems, Inc. does not endorse any of these views.
  BEA Systems, Inc. is not responsible for the accuracy or completeness of the
  information provided
  and assumes no duty to correct, expand upon, delete or update any of the
  information contained in this posting.
  Matt wrote:
  We have several different MS VC++ "fat client" applications that we want to run
  on the same NT 4.0 PC.
  Each application uses the Tuxedo 7.1 client to communicate with Tuxedo services
  located on a UNIX server.
  Each application needs to communicate with a different UNIX server (e.g., application
  A1 needs Tuxedo
  service T1 located on UNIX server S1, application A2 needs Tuxedo service T2 located
  on UNIX server
  S2). We'd like to load the Tuxedo 7.1 client software in such a way that each
  individual application
  controls which server it uses. One way to do that is through registry entries
  specific to each application.
  We are looking for some documentation or tips on other/better ways to configure
  which server the PC
  application communicates with. We are also looking for some documentation or
  tips on how to best
  configure an application that needs to subscribe to services from several different
  servers (e.g.,
  application A needs Tuxedo service T1 on server S1 and Tuxedo service T2 on server
  S2). Thanks.

• Regarding errors in client Application to invoke the webservices

  hi,
  i am using weblogic workshop to develop webservices on weblogic server8.1
  i develop webservice and wsdl file also
  but when i am writing dynamic client application to invoke the webservice( particular method)
  then it gives error like this
  javax.xml.rpc.JAXRPCException: failed to invoke operation 'requestContactList' due to an error in the soap layer (SAAJ); nested exception is: Message[ failed to serialize interface javax.xml.soap.SOAPElementweblogic.xml.schema.binding.SerializationException: mapping lookup failure. class=interface javax.xml.soap.SOAPElement class context=TypedClassContext{schemaType=['http://www.openuri.org/']:requestContactList}]StackTrace[
  javax.xml.soap.SOAPException: failed to serialize interface javax.xml.soap.SOAPElementweblogic.xml.schema.binding.SerializationException: mapping lookup failure. class=interface javax.xml.soap.SOAPElement class context=TypedClassContext{schemaType=['http://www.openuri.org/']:requestContactList}
       at weblogic.webservice.core.DefaultPart.invokeSerializer(DefaultPart.java:332)
       at weblogic.webservice.core.DefaultPart.toXML(DefaultPart.java:297)
       at weblogic.webservice.core.DefaultMessage.toXML(DefaultMessage.java:645)
       at weblogic.webservice.core.ClientDispatcher.send(ClientDispatcher.java:206)
       at weblogic.webservice.core.ClientDispatcher.dispatch(ClientDispatcher.java:143)
       at weblogic.webservice.core.DefaultOperation.invoke(DefaultOperation.java:471)
       at weblogic.webservice.core.DefaultOperation.invoke(DefaultOperation.java:457)
       at weblogic.webservice.core.rpc.CallImpl.invoke(CallImpl.java:566)
       at weblogic.webservice.core.rpc.CallImpl.invoke(CallImpl.java:419)
       at test.Client.main(Client.java:57)
  Caused by: weblogic.xml.schema.binding.SerializationException: mapping lookup failure. class=interface javax.xml.soap.SOAPElement class context=TypedClassContext{schemaType=['http://www.openuri.org/']:requestContactList}
       at weblogic.xml.schema.binding.RuntimeUtils.lookup_serializer(RuntimeUtils.java:151)
       at weblogic.xml.schema.binding.RuntimeUtils.invoke_serializer(RuntimeUtils.java:187)
       at weblogic.xml.schema.binding.RuntimeUtils.invoke_serializer(RuntimeUtils.java:174)
       at weblogic.webservice.core.DefaultPart.invokeSerializer(DefaultPart.java:328)
       ... 9 more
       at weblogic.webservice.core.rpc.CallImpl.invoke(CallImpl.java:586)
       at weblogic.webservice.core.rpc.CallImpl.invoke(CallImpl.java:419)
       at test.Client.main(Client.java:57)
  Debugging Finished
  Exception in thread "main"
  my client program is
  import java.net.URL;
  import javax.xml.rpc.ServiceFactory;
  import javax.xml.rpc.Service;
  import javax.xml.rpc.Call;
  import javax.xml.rpc.ParameterMode;
  import javax.xml.namespace.QName;
  * This class demonstrates a java client invoking a WebService.
  * @author Copyright (c) 2005 by BEA Systems, Inc. All Rights Reserved.
  public class Client {
  public static void main(String[] args) throws Exception {
  // Setup the global JAXM message factory
  System.setProperty("javax.xml.soap.MessageFactory",
  "weblogic.webservice.core.soap.MessageFactoryImpl");
  // Setup the global JAX-RPC service factory
  System.setProperty( "javax.xml.rpc.ServiceFactory",
  "weblogic.webservice.core.rpc.ServiceFactoryImpl");
  // create service factory
  ServiceFactory factory = ServiceFactory.newInstance();
  // define qnames
  String targetNamespace =
  "http://www.openuri.org/"
  + "wsdl/http://192.168.2.98:7001/ContactListWeb/ContactListJWS/ContactTest.jws";
  QName serviceName =
  new QName(targetNamespace,
  "ContactTest");
  QName portName =
  new QName(targetNamespace,
  "ContactTestSoap");
  QName operationName = new QName("targetNamespace",
  "requestContactList");
  URL wsdlLocation =
  new URL("http://192.168.2.98:7001/ContactListWeb/ContactListJWS/ContactTest.jws?WSDL");
  // create service
  Service service = factory.createService(wsdlLocation, serviceName);
  // create call
  Call call = service.createCall(portName, operationName);
  // invoke the remote web service
  String result =(String)call.invoke(new Object[] {
  "BEAS"
  System.out.println("\n");
  System.out.println("This example shows how to create a dynamic client application that invokes a non-WebLogic Web service.");
  System.out.println("The webservice used was: http://services.xmethods.net/soap/urn:xmethods-delayed-quotes.wsdl");
  System.out.println("The quote for BEAS is: ");
  System.out.println(result);
  }

  Hi I am also facing the issue. If any one got the solutoin for this please post it
  Thanks
  Kaal

• How to Use a Certificate for Two Way SSL and another certificate for WS Security Header at Client Console Application(C# Dotnet)

  Hi,
  I want to consume a Java Web service from Dotnet based client Application. The service require one Certificate("abc.PFX") for Two Way SSL purpose and another certificate("xyz.pfx") for WS security purpose to be passed from client Application(Dotnet
  Console based). I tried configuring the App.config of Client application to pass both the certs but getting Error says:
  Could not establish secure channel for SSL/TLS with authority "******aaaa.com"
  Please suggest how to pass both the certs from client Application..

  Hi,
  This problem can be due to an Untrusted certificate. So you need just full permissions to certificates.
  And for more information, you could refer to:
  http://contractnamespace.blogspot.jp/2014/12/could-not-create-secure-channel-fix.html
  Regards

• Calling Java - Client application Through Servlet/JSP/HTML

  Hi,
  I have a Java Client Application to display presentation(BI Bean) , made thru wizard provided in JDev.
  Now i want to open this application from a link in HTML page.
  I am running the application thru J Developer only.
  please help,
  thanks,
  Vaibhav

  Hi,
  Thanx for ur help..
  My application is a JSP one..
  My J Client application is named :-
  BIApplication1.java.
  When i call it thru JSP..
  BIApplication1 bi=new BIApplication1();
  bi.setSize(800, 620);
  bi.setVisible(true);
  the application opens..
  but when i attempt to open a presentation..
  it give me the following error..
  "no configuration file found"
  but when i open BIApplication independently..it works just fine...
  thanks,
  Vaibhav

• Call webservice through URL (without client implementation)

  Hello,
  I am a newbie in webservices development. I have created my webservice, invoked it with a java client and everything works well.
  But I was wondering if it is possible to call a webservice directly by entering a URL in my browser.
  What I really need to do is to change the href property of the <a> tag in HTML like this :
  <a href="url_to_call_my_webservice"> my link to webservice </a>Can I do this?

  So, how do I do to call my webservice? Do I have to link to another page which creates a client and call my webservice ?
  What if I need a webservice to get an image like this :
  <img src="my_webservice_to_get_my_image">Is a servlet a better solution?
  Thanks for your help!

• Problem in accessing webservice over https with auth cert enabled...Urgent

  Hi All,
  I am stuck in accessing webservices using ssl and auth certificate.
  I am using jdk 6 and it is not any issue with the problem I am facing...
  This is what I do...
  I have a webservice deployed which is accessible over https.
  On server, I run..
  - to generate keystoye
  keytool -genkey -alias tomcat-sv -dname "CN=<Server Machine Id>, OU=X, O=Y, L=Z, S=XY, C=YZ" -keyalg RSA -keypass changeit -storepass changeit -keystore server.keystore
  generate server certificate
  keytool -export -alias tomcat-sv -storepass changeit -file server.cer -keystore server.keystore
  On client, i run..
  To generate client keystore-
  keytool -genkey -alias tomcat-cl -dname "CN=<Client Machine Id>, OU=X, O=Y, L=Z, S=XY, C=YZ" -keyalg RSA -keypass changeit -storepass changeit -keystore client.keystore
  To generate client certificate -
  keytool -export -alias tomcat-cl -storepass changeit -file client.cer -keystore client.keystore
  Thne I import server's certificate into client keystore and Client's certificate to server's keystore by
  import server's cer to client keystore -
  keytool -import -v -trustcacerts -alias tomcat -file "C:\java\jdk1.6.0_10\bin\server.cer" -keystore client.keystore -keypass changeit -storepass changeit
  inport client's cer to server keystore -
  keytool -import -v -trustcacerts -alias tomcat -file "C:\jdk1.6.0_06\bin\client.cer" -keystore server.keystore -keypass changeit -storepass changeit
  when i try to call webservices through a java client (which is called by a python script), I get error as
  *"Exception while waiting for close java.net.SocketException: Software caused connection abort: recv failed"*
  *"faultString: java.net.SocketException: Software caused connection abort: recv failed"*
  complete log is as following
  C:\apache-tomcat-6.0.10\webapps\webservice>tradereport.py
  Jun 23, 2008 3:05:59 PM currenex.share.log.CxLogger log
  INFO: details=before SSL change
  Jun 23, 2008 3:05:59 PM currenex.share.log.CxLogger log
  INFO: details=after SSL change
  log4j:WARN No appenders could be found for logger (org.apache.axis.i18n.ProjectResourceBundle).
  log4j:WARN Please initialize the log4j system properly.
  trigger seeding of SecureRandom
  done seeding SecureRandom
  %% No cached client session
  *** ClientHello, TLSv1
  RandomCookie: GMT: 1214213509 bytes = { 50, 7, 252, 244, 34, 192, 54, 190, 160, 197, 162, 65, 78, 3, 120, 182, 179, 199
  , 160, 208, 223, 247, 41, 216, 188, 138, 228, 70 }
  Session ID: {}
  Cipher Suites: [SSL_RSA_WITH_RC4_128_MD5, SSL_RSA_WITH_RC4_128_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_1
  28_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_
  DSS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_DES_CBC_SHA, SSL_DHE_RSA_WITH_DES_CBC_SHA, SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_RSA
  _EXPORT_WITH_RC4_40_MD5, SSL_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_DSS_EXPORT_WI
  TH_DES40_CBC_SHA]
  Compression Methods: { 0 }
  main, WRITE: TLSv1 Handshake, length = 73
  main, WRITE: SSLv2 client hello message, length = 98
  main, READ: TLSv1 Handshake, length = 7873
  *** ServerHello, TLSv1
  RandomCookie: GMT: 1214213504 bytes = { 98, 89, 26, 148, 19, 15, 45, 155, 163, 196, 220, 193, 150, 127, 19, 44, 130, 16
  5, 78, 243, 155, 34, 214, 123, 198, 89, 102, 15 }
  Session ID: {72, 95, 110, 128, 129, 101, 2, 252, 120, 147, 235, 106, 51, 210, 236, 197, 28, 197, 154, 236, 116, 85, 185
  , 177, 153, 9, 235, 160, 228, 124, 191, 206}
  Cipher Suite: SSL_RSA_WITH_RC4_128_MD5
  Compression Method: 0
  %% Created: [Session-1, SSL_RSA_WITH_RC4_128_MD5]
  ** SSL_RSA_WITH_RC4_128_MD5
  *** Certificate chain
  chain [0] = [
  Version: V3
  Subject: CN=Anuj-Shukla, OU=X, O=Y, L=Z, ST=XY, C=YZ
  Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
  Key: Sun RSA public key, 1024 bits
  modulus: 1155910927093088021038703558200517321935975136532818479526927502986487608253029863427194046282623217778572406
  007584457425344367852682875007488075549568987019062497769571000978532532156228707400592262495876461712276454493567147822
  56749486566093981751121311864618619780132448329770352303648687445023336431685957
  public exponent: 65537
  Validity: [From: Mon Jun 23 14:17:18 GMT+05:30 2008,
                 To: Sun Sep 21 14:17:18 GMT+05:30 2008]
  Issuer: CN=Anuj-Shukla, OU=X, O=Y, L=Z, ST=XY, C=YZ
  SerialNumber: [    485f6316]
  Algorithm: [SHA1withRSA]
  Signature:
  0000: 48 05 F9 A9 89 C6 87 83 C4 02 C4 44 F4 7C A0 54 H..........D...T
  0010: F6 9A 57 69 F0 DB 37 79 FD 8F 90 E9 8F 3E C2 DB ..Wi..7y.....>..
  0020: 9F D7 CC 15 28 0A 73 80 0A DC D0 7F EC 1C EE BD ....(.s.........
  0030: 23 EF E7 28 79 F3 7F C7 CC 7D A6 C6 F7 59 9A 17 #..(y........Y..
  0040: 73 ED 8B FF 6A 76 7F F7 4F 97 48 DF 23 A6 4C 42 s...jv..O.H.#.LB
  0050: B2 B4 5C 00 D0 77 88 12 F4 97 4E 66 7C EE F0 66 ..\..w....Nf...f
  0060: E6 95 8C B1 58 BF C5 E8 B5 64 A3 D5 5E EA 07 02 ....X....d..^...
  0070: FE 3D 63 7F F4 0B DC 86 66 B7 4B 4F 0C 1C 69 0F .=c.....f.KO..i.
  *** CertificateRequest
  Cert Types: RSA, DSS
  Cert Authorities:
  <CN=GlobalSign Root CA, OU=Root CA, O=GlobalSign nv-sa, C=BE>
  <[email protected], CN=Thawte Personal Freemail CA, OU=Certification Services Division, O=Thawte
  Consulting, L=Cape Town, ST=Western Cape, C=ZA>
  <[email protected], CN=Thawte Server CA, OU=Certification Services Division, O=Thawte Consulting cc,
  L=Cape Town, ST=Western Cape, C=ZA>
  <CN=AddTrust Qualified CA Root, OU=AddTrust TTP Network, O=AddTrust AB, C=SE>
  <CN=Equifax Secure Global eBusiness CA-1, O=Equifax Secure Inc., C=US>
  <CN=GTE CyberTrust Global Root, OU="GTE CyberTrust Solutions, Inc.", O=GTE Corporation, C=US>
  <CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE>
  <CN=Entrust.net Client Certification Authority, OU=(c) 2000 Entrust.net Limited, OU=www.entrust.net/GCCA_CPS incorp. by
  ref. (limits liab.), O=Entrust.net>
  <OU=Class 3 Public Primary Certification Authority, O="VeriSign, Inc.", C=US>
  <CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US>
  <CN=Baltimore CyberTrust Code Signing Root, OU=CyberTrust, O=Baltimore, C=IE>
  <CN=TC TrustCenter Class 4 CA II, OU=TC TrustCenter Class 4 CA, O=TC TrustCenter GmbH, C=DE>
  <OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 2 Public Primary Certificat
  ion Authority - G2, O="VeriSign, Inc.", C=US>
  <OU=Class 2 Public Primary Certification Authority, O="VeriSign, Inc.", C=US>
  <CN=Entrust.net Secure Server Certification Authority, OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/CPS incorp. b
  y ref. (limits liab.), O=Entrust.net, C=US>
  <CN=TC TrustCenter Universal CA I, OU=TC TrustCenter Universal CA, O=TC TrustCenter GmbH, C=DE>
  <[email protected], CN=Thawte Premium Server CA, OU=Certification Services Division, O=Thawte Consu
  lting cc, L=Cape Town, ST=Western Cape, C=ZA>
  <CN=Entrust.net Client Certification Authority, OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/Client_CA_Info/CPS i
  ncorp. by ref. limits liab., O=Entrust.net, C=US>
  <CN=VeriSign Class 3 Public Primary Certification Authority - G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only"
  , OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US>
  <[email protected], CN=http://www.valicert.com/, OU=ValiCert Class 2 Policy Validation Authority, O="ValiCe
  rt, Inc.", L=ValiCert Validation Network>
  <CN=AddTrust Class 1 CA Root, OU=AddTrust TTP Network, O=AddTrust AB, C=SE>
  <CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US>
  <CN=AddTrust External CA Root, OU=AddTrust External TTP Network, O=AddTrust AB, C=SE>
  <OU=Equifax Secure Certificate Authority, O=Equifax, C=US>
  <OU=Starfield Class 2 Certification Authority, O="Starfield Technologies, Inc.", C=US>
  <CN=Equifax Secure eBusiness CA-1, O=Equifax Secure Inc., C=US>
  <CN=VeriSign Class 2 Public Primary Certification Authority - G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only"
  , OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US>
  <CN=AAA Certificate Services, O=Comodo CA Limited, L=Salford, ST=Greater Manchester, C=GB>
  <OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 1 Public Primary Certificat
  ion Authority - G2, O="VeriSign, Inc.", C=US>
  <CN=DigiCert Assured ID Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US>
  <OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 3 Public Primary Certificat
  ion Authority - G2, O="VeriSign, Inc.", C=US>
  <OU=Equifax Secure eBusiness CA-2, O=Equifax Secure, C=US>
  <CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2>
  <CN=Anuj-Shukla, OU=X, O=Y, L=Z, ST=XY, C=YZ>
  <CN=Entrust.net Secure Server Certification Authority, OU=(c) 2000 Entrust.net Limited, OU=www.entrust.net/SSL_CPS incor
  p. by ref. (limits liab.), O=Entrust.net>
  <OU=Secure Server Certification Authority, O="RSA Data Security, Inc.", C=US>
  <[email protected], CN=Thawte Personal Premium CA, OU=Certification Services Division, O=Thawte C
  onsulting, L=Cape Town, ST=Western Cape, C=ZA>
  <[email protected], CN=Thawte Personal Basic CA, OU=Certification Services Division, O=Thawte Consu
  lting, L=Cape Town, ST=Western Cape, C=ZA>
  <CN=Client, OU=X, O=Y, L=Z, ST=XY, C=YZ>
  <CN=GeoTrust Global CA, O=GeoTrust Inc., C=US>
  <OU=Class 1 Public Primary Certification Authority, O="VeriSign, Inc.", C=US>
  <CN=Sonera Class1 CA, O=Sonera, C=FI>
  <OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", C=US>
  <CN=UTN-USERFirst-Hardware, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US>
  <CN=UTN-USERFirst-Client Authentication and Email, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake Cit
  y, ST=UT, C=US>
  <CN=VeriSign Class 1 Public Primary Certification Authority - G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only"
  , OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US>
  <CN=America Online Root Certification Authority 1, O=America Online Inc., C=US>
  <CN=Entrust.net Certification Authority (2048), OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/CPS_2048 incorp. by
  ref. (limits liab.), O=Entrust.net>
  <CN=GTE CyberTrust Root 5, OU="GTE CyberTrust Solutions, Inc.", O=GTE Corporation, C=US>
  <CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US>
  <CN=UTN - DATACorp SGC, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US>
  <CN=Sonera Class2 CA, O=Sonera, C=FI>
  <CN=TC TrustCenter Class 2 CA II, OU=TC TrustCenter Class 2 CA, O=TC TrustCenter GmbH, C=DE>
  *** ServerHelloDone
  *** Certificate chain
  *** ClientKeyExchange, RSA PreMasterSecret, TLSv1
  main, WRITE: TLSv1 Handshake, length = 141
  SESSION KEYGEN:
  PreMaster Secret:
  0000: 03 01 E5 87 BC 2A E8 70 60 BA DE FA BB 42 2D 1E .....*.p`....B-.
  0010: 3D 21 DB 52 A7 6C FC 55 9F 77 3A 97 B5 33 F7 33 =!.R.l.U.w:..3.3
  0020: 2A FD 65 5A 78 CE 1F F4 63 29 15 D1 48 4C 46 7A *.eZx...c)..HLFz
  CONNECTION KEYGEN:
  Client Nonce:
  0000: 48 5F 6E 85 32 07 FC F4 22 C0 36 BE A0 C5 A2 41 H_n.2...".6....A
  0010: 4E 03 78 B6 B3 C7 A0 D0 DF F7 29 D8 BC 8A E4 46 N.x.......)....F
  Server Nonce:
  0000: 48 5F 6E 80 62 59 1A 94 13 0F 2D 9B A3 C4 DC C1 H_n.bY....-.....
  0010: 96 7F 13 2C 82 A5 4E F3 9B 22 D6 7B C6 59 66 0F ...,..N.."...Yf.
  Master Secret:
  0000: 98 D5 9E C0 97 14 DB 9F 0E 3B 15 6B 1E F8 06 2C .........;.k...,
  0010: 27 99 A4 69 B8 E4 16 03 BD 89 B9 D0 CB C5 C9 DF '..i............
  0020: AE 4B 16 56 56 B2 02 F8 E0 71 1D D8 04 05 11 BF .K.VV....q......
  Client MAC write Secret:
  0000: 6F B7 22 74 D6 1E 44 16 C5 CB CE CE 8E 0F 46 E1 o."t..D.......F.
  Server MAC write Secret:
  0000: F8 DA 34 1A 53 55 E0 6D 50 25 3E 7F E5 69 91 51 ..4.SU.mP%>..i.Q
  Client write key:
  0000: F7 05 6E 10 62 0C AE 4A BC 96 E2 25 BA BC 46 BD ..n.b..J...%..F.
  Server write key:
  0000: E2 7D 11 FF 4A F3 C5 4F 94 9D 5C 57 71 5A 16 D1 ....J..O..\WqZ..
  ... no IV used for this cipher
  main, WRITE: TLSv1 Change Cipher Spec, length = 1
  *** Finished
  verify_data: { 216, 54, 180, 236, 72, 70, 181, 20, 31, 128, 165, 12 }
  main, WRITE: TLSv1 Handshake, length = 32
  main, waiting for close_notify or alert: state 1
  main, Exception while waiting for close java.net.SocketException: Software caused connection abort: recv failed
  main, handling exception: java.net.SocketException: Software caused connection abort: recv failed
  Jun 23, 2008 3:06:06 PM currenex.share.log.CxLogger log
  INFO: details=Exception occured while calling Login service in callLoginWebService
  AxisFault
  faultCode: {http://schemas.xmlsoap.org/soap/envelope/}Server.userException
  faultSubcode:
  faultString: java.net.SocketException: Software caused connection abort: recv failed
  faultActor:
  faultNode:
  faultDetail:
  {http://xml.apache.org/axis/}stackTrace:java.net.SocketException: Software caused connection abort: recv failed
  at java.net.SocketInputStream.socketRead0(Native Method)
  at java.net.SocketInputStream.read(Unknown Source)
  at com.sun.net.ssl.internal.ssl.InputRecord.readFully(Unknown Source)
  at com.sun.net.ssl.internal.ssl.InputRecord.read(Unknown Source)
  at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(Unknown Source)
  at com.sun.net.ssl.internal.ssl.SSLSocketImpl.waitForClose(Unknown Source)
  at com.sun.net.ssl.internal.ssl.HandshakeOutStream.flush(Unknown Source)
  at com.sun.net.ssl.internal.ssl.Handshaker.sendChangeCipherSpec(Unknown Source)
  at com.sun.net.ssl.internal.ssl.ClientHandshaker.sendChangeCipherAndFinish(Unknown Source)
  at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverHelloDone(Unknown Source)
  at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(Unknown Source)
  at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Unknown Source)
  at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Unknown Source)
  at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(Unknown Source)
  at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
  at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown Source)
  at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown Source)
  at org.apache.axis.components.net.JSSESocketFactory.create(JSSESocketFactory.java:186)
  at org.apache.axis.transport.http.HTTPSender.getSocket(HTTPSender.java:191)
  at org.apache.axis.transport.http.HTTPSender.writeToSocket(HTTPSender.java:404)
  at org.apache.axis.transport.http.HTTPSender.invoke(HTTPSender.java:138)
  at org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:32)
  at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118)
  at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83)
  at org.apache.axis.client.AxisClient.invoke(AxisClient.java:165)
  at org.apache.axis.client.Call.invokeEngine(Call.java:2784)
  at org.apache.axis.client.Call.invoke(Call.java:2767)
  at org.apache.axis.client.Call.invoke(Call.java:2443)
  at org.apache.axis.client.Call.invoke(Call.java:2366)
  at org.apache.axis.client.Call.invoke(Call.java:1812)
  at currenex.webservice.share.definitions.AuthenticationBindingStub.login(AuthenticationBindingStub.java:362)
  at currenex.webservice.clients.util.WebserviceTestUtil.callLoginLogoutWebService(WebserviceTestUtil.java:132)
  at currenex.webservice.clients.util.TradeCreateTester.createWebLogin(TradeCreateTester.java:64)
  {http://xml.apache.org/axis/}hostname:anuj
  java.net.SocketException: Software caused connection abort: recv failed
  at org.apache.axis.AxisFault.makeFault(AxisFault.java:101)
  at org.apache.axis.transport.http.HTTPSender.invoke(HTTPSender.java:154)
  at org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:32)
  at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118)
  at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83)
  at org.apache.axis.client.AxisClient.invoke(AxisClient.java:165)
  at org.apache.axis.client.Call.invokeEngine(Call.java:2784)
  at org.apache.axis.client.Call.invoke(Call.java:2767)
  at org.apache.axis.client.Call.invoke(Call.java:2443)
  at org.apache.axis.client.Call.invoke(Call.java:2366)
  at org.apache.axis.client.Call.invoke(Call.java:1812)
  at currenex.webservice.share.definitions.AuthenticationBindingStub.login(AuthenticationBindingStub.java:362)
  at currenex.webservice.clients.util.WebserviceTestUtil.callLoginLogoutWebService(WebserviceTestUtil.java:132)
  at currenex.webservice.clients.util.TradeCreateTester.createWebLogin(TradeCreateTester.java:64)
  Caused by: java.net.SocketException: Software caused connection abort: recv failed
  at java.net.SocketInputStream.socketRead0(Native Method)
  at java.net.SocketInputStream.read(Unknown Source)
  at com.sun.net.ssl.internal.ssl.InputRecord.readFully(Unknown Source)
  at com.sun.net.ssl.internal.ssl.InputRecord.read(Unknown Source)
  at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(Unknown Source)
  at com.sun.net.ssl.internal.ssl.SSLSocketImpl.waitForClose(Unknown Source)
  at com.sun.net.ssl.internal.ssl.HandshakeOutStream.flush(Unknown Source)
  at com.sun.net.ssl.internal.ssl.Handshaker.sendChangeCipherSpec(Unknown Source)
  at com.sun.net.ssl.internal.ssl.ClientHandshaker.sendChangeCipherAndFinish(Unknown Source)
  at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverHelloDone(Unknown Source)
  at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(Unknown Source)
  at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Unknown Source)
  at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Unknown Source)
  at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(Unknown Source)
  at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
  at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown Source)
  at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown Source)
  at org.apache.axis.components.net.JSSESocketFactory.create(JSSESocketFactory.java:186)
  at org.apache.axis.transport.http.HTTPSender.getSocket(HTTPSender.java:191)
  at org.apache.axis.transport.http.HTTPSender.writeToSocket(HTTPSender.java:404)
  at org.apache.axis.transport.http.HTTPSender.invoke(HTTPSender.java:138)
  ... 12 more
  Jun 23, 2008 3:06:06 PM currenex.share.log.CxLogger log
  INFO: details=Login response is null, login was not successful
  Login was unsuccessful
  *In apache's server.xml, My webservice is deployed as*
  <Connector className="org.apache.catalina.connector.http.HttpConnector"
       port="8443" minProcessors="5" maxProcessors="75" enableLookups="true"
       acceptCount="10" debug="0"
       protocol="HTTP/1.1" SSLEnabled="true" secure="true"
  maxThreads="150" scheme="https"
       keystoreFile="lib/server.keystore"
  keystorePass="changeit" clientAuth="true"
            >
            <Factory className="org.apache.catalina.net.SSLServerSocketFactory"
       protocol="TLS"/>
  </Connector>
  Please note clientAuth="true" parameter,
  when I set it to false, My test runs smoothly and no exception/issue is reported
  Not to forget, my javaclient has following lines too..
  //System.setProperty("javax.net.ssl.keyStore", "C:\\java\\jdk1.6.0_10\\jre\\lib\\security\\cacerts");
  //System.setProperty("javax.net.ssl.keyStorePassword", "changeit");
  //System.setProperty("javax.net.ssl.trustStore", "C:\\java\\jdk1.6.0_10\\jre\\lib\\security\\cacerts");
  //System.setProperty("java.protocol.handler.pkgs" , "com.sun.net.ssl.internal.www.protocol");
  System.setProperty("javax.net.ssl.trustStore","C:\\java\\jdk1.6.0_10\\bin\\client.keystore");
  System.setProperty("javax.net.ssl.trustStorePassword","changeit");
  //System.setProperty("com.sun.net.ssl.rsaPreMasterSecretFix" , "true");
  //System.setProperty("javax.net.ssl.keyStore", "C:\\java\\jdk1.6.0_10\\bin\\server.keystore");
  //System.setProperty("javax.net.ssl.keyStorePassword","changeit");
  System.setProperty("javax.net.debug", "ssl");
  s_log.info("after SSL change");
  I tried all possible combinbations of these properties but nothing worked...
  Please let me know if I am missing any required step.. here
  Ask me if you want to know more details about my problem.
  This is very urgent and critical.. Many thanks in advance.

  Hi ejp,
  thanks for your reply. I did read your post in other thread that you pointed.
  I had searched quite a lot on this issue and had idea that it might be due to firewall settings..
  but sadly, I don't know the solution. Well, you have seen the entire code that I wrote and exception too, Could you suggest me a way out? or any specific firewall setting or a workaround?
  Please let me know if you need any other info from my side regarding the code.
  Thanks a Ton!
  Anuj

• How can I make my application as webservice

  Hi All,
  I'd like to know ,how can I make my application as webservice which has built on strut framework.
  with regards
  Babu H

  I'm not quite sure what you mean by application, but you can not turn whole applications to webservices. What you can do easily is to turn your services, e.g. the public methods in your stateless session bean layer as web services. There is different ways to do this, but you might want to check out Axis (http://ws.apache.org/axis ), which is a OS tool for creating WS call stacks over existing objects.