独立的Java代码来调用wso2安全的Web服务

Question

I have a secured web service on wso2esb. It is based on Username token.

Now, I want to create a standalone java program to invoke this web service. I m having hard time figuring out how to do this.

Can you please help me in this.

Thanks and Regards.

Answer 1

Access to a secure web service in this way, I presume you use UT scenario:

String trustStore = null;  
ConfigurationContext ctx = null;
String policyFilePath = "[file_system_path]/secure_sample_policy.xml";

trustStore = "[file_system_path]/wso2carbon.jks";  
System.setProperty("javax.net.ssl.trustStore",trustStore);  
System.setProperty("javax.net.ssl.trustStorePassword","pass_store");  

ctx = ConfigurationContextFactory.createConfigurationContextFromFileSystem(null,
        null);
this.stub = new ProxyStub(ctx);
stub._getServiceClient().engageModule("rampart");
stub._getServiceClient().engageModule("addressing");

Options options = this.stub._getServiceClient().getOptions();
options.setUserName("user");
        options.setPassword("pass");

options.setProperty(RampartMessageData.KEY_RAMPART_POLICY, loadPolicy(policyFilePath));
this.stub._getServiceClient().setOptions(options);

At this point you coul use the stub just like another web service call.

the method loadPolicy:

private static Policy loadPolicy(String xmlPath) throws Exception {
    StAXOMBuilder builder = new StAXOMBuilder(xmlPath);
    return PolicyEngine.getPolicy(builder.getDocumentElement());
}

And an example policy file:

<?xml version="1.0" encoding="UTF-8"?>

<wsp:Policy wsu:Id="UTOverTransport" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
    <wsp:ExactlyOne>
      <wsp:All>
        <sp:TransportBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
          <wsp:Policy>
            <sp:TransportToken>
              <wsp:Policy>
                <sp:HttpsToken RequireClientCertificate="false"/>
              </wsp:Policy>
            </sp:TransportToken>
            <sp:AlgorithmSuite>
              <wsp:Policy>
                <sp:Basic256/>
              </wsp:Policy>
            </sp:AlgorithmSuite>
            <sp:Layout>
              <wsp:Policy>
                <sp:Lax/>
              </wsp:Policy>
            </sp:Layout>
            <sp:IncludeTimestamp/>
          </wsp:Policy>
        </sp:TransportBinding>
        <sp:SignedSupportingTokens xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
            <wsp:Policy>
                <sp:UsernameToken sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient"/>
          </wsp:Policy>
        </sp:SignedSupportingTokens>

      </wsp:All>
    </wsp:ExactlyOne>
</wsp:Policy>

Answer 2

You could try taking a look at the Rampart samples. Basic Sample 01 is UsernameToken Authentication.

The source code is here: link

Answer 3

I found this tutorial
http://wso2.com/library/3190
Hope this helps