This article shows how to implement a HTTPS web service connection where the server only allows trusted clients to connect. It extends and uses the information given in this article “Java Webservice using HTTPS part 1”.
First, it is necessary to create a certificate for the client and to store it in the client’s keystone:
keytool -genkey -keystore client_keystore.ks -alias client This certificate must be exported from the client’s keystore…
This article describes how to offer a web service over a secure HTTPS connection. In this first step of securing the connection, the server will accept any client without verifying the client’s identity.
First it is necessary to have a server certificate. For this example, we are using the keytool program which is shipped with Java and we create a self signed certificate and store it in a Keystore file named server_keystore.
To have a JAX-WS Webservice in Java 6 or higher with multiple threads, it is necessary to assign an corresponding Executor to the endpoint (the sample uses 5 threads).
import java.util.concurrent.Executors; import javax.xml.ws.Endpoint; import com.sun.net.httpserver.HttpContext; import com.sun.net.httpserver.HttpServer; httpServer = HttpServer.create(new InetSocketAddress(interfaceName, port), 0); HttpContext httpContext = httpServer.createContext("/path"); Endpoint endpoint = Endpoint.create(serviceImpl); endpoint.setExecutor(Executors.newFixedThreadPool(5)); endpoint.publish(httpContext);