Client giving error when invoking a secured web se

2019-04-17 23:30发布

I have written a client that invokes webservice. My client is:

String publisherEPR = "https://abc:8280/services/ProviderPublication";
        protected void publicationOpenSession(HttpServletRequest request, HttpServletResponse response)
                    throws ServletException, IOException {

                System.out.println("Inside publicationOpenSession");
                date = new Date();
                namespace = "http://www.openoandm.org/xml/ISBM/";
                fac = OMAbstractFactory.getOMFactory();
                OMNamespace ns = fac.createOMNamespace(namespace, "ns1");

                OMElement result = null;
                channelURI = request.getParameter("TxtPublisher1ChannelURI");
                textfield = request.getParameter("TxtAreaServicePublisherLog");
                String finalChannelURI = "";
                int count = 0;
                try {
                    if (channelURI != null && (channelURI.indexOf(".") > -1)) {
                        System.out.println("Inside If Checking Channel URI");
                        String[] tempChannelURI = channelURI.split("\\.");
                        for (count = 0; count < tempChannelURI.length - 1; count++) {
                            finalChannelURI = finalChannelURI + tempChannelURI[count];
                            if (count < tempChannelURI.length - 2) {
                                finalChannelURI = finalChannelURI + ".";
                            }
                        }
                        System.out.println("Inside If Checking Channel URI : " + finalChannelURI);
                    }
                    System.out.println("OpenPublicationSession" + finalChannelURI);
                    System.out.println(publisherEPR);
                    OMElement OpenPublicationSessionElement = fac.createOMElement("OpenPublicationSession", ns);
                    OMElement ChannelURIElement = fac.createOMElement("ChannelURI", ns);
                    ChannelURIElement.setText(finalChannelURI);
                    OpenPublicationSessionElement.addChild(ChannelURIElement);

                    String webinfFolder = request.getSession().getServletContext().getRealPath("/WEB-INF");
                    ConfigurationContext ctx = ConfigurationContextFactory.createConfigurationContextFromFileSystem(
                            webinfFolder, webinfFolder + "/conf/axis2.xml");

                    Options options = new Options();
                    ServiceClient client = new ServiceClient(ctx, null);
                    EndpointReference targetEPR = new EndpointReference(publisherEPR);
                    options.setTo(targetEPR);
                    options.setAction("urn:OpenPublicationSession");
                    options.setManageSession(true);
                    options.setUserName(user_name);                 
                    java.util.Map<String, Object> m = new java.util.HashMap<String, Object>();
                    /*m.put("javax.net.ssl.trustStorePassword", "wso2carbon");
                    m.put("javax.net.ssl.trustStore", "wso2carbon.jks");
                    */

                    System.out.println(new Date() + " Checkpoint1");
                    // We are accessing STS over HTTPS - so need to set trustStore parameters.
                    System.setProperty("javax.net.ssl.trustStore", "client.jks");
                    System.setProperty("javax.net.ssl.trustStorePassword", "apache");
                    /*m.put("javax.net.ssl.trustStore", "client.jks");
                    m.put("javax.net.ssl.trustStorePassword", "apache");*/
                    /*m.put("org.apache.ws.security.crypto.provider","org.apache.ws.security.components.crypto.Merlin");
                    m.put("org.apache.ws.security.crypto.merlin.keystore.type", "jks");
                    m.put("org.apache.ws.security.crypto.merlin.keystore.password","apache");
                    m.put("org.apache.ws.security.crypto.merlin.file", "client.jks");*/
                    //options.setProperties(m);
                    System.out.println(new Date() + " Checkpoint2");

                    client.setOptions(options);

                    MessageContext messageContext = new MessageContext();
                    messageContext.setOptions(options);
                    messageContext.setMessageID("MyMessageID");
                    System.out.println("provider:user_name: " + user_name);
                    messageContext.setProperty("username", user_name);
                    messageContext.setProperty("password", user_password);
                    MessageContext.setCurrentMessageContext(messageContext);
                    messageContext.setProperty("myproperty", "mypropertyvalue");

                    String falconNS = "http://cts.falcon.isbm";
                    falcon = fac.createOMNamespace(falconNS, "falcon");
                    OMElement falconUserElement = fac.createOMElement("FalconUser", falcon);
                    falconUserElement.setText(user_name);
                    client.addHeader(falconUserElement);

                    // invoke web-service
                    try {
                        errorText = "Client Didnt Respond.";

                        result = client.sendReceive(OpenPublicationSessionElement);
                        System.out.println(result.toString());
                        OMElement SessionIDElement = null;
                        SessionIDElement = result.getFirstChildWithName(new QName(namespace, "SessionID"));
                        SessionID = SessionIDElement.getText();

                        request.setAttribute("PublisherSession", SessionID);

                        StringBuffer text = new StringBuffer();
                        text.append((request.getParameter("TxtAreaServicePublisherLog")).trim());
                        text.trimToSize();

                        SessionID = SessionIDElement.getText();

                        StringBuffer publisherLog = new StringBuffer();
                        publisherLog.append((request.getParameter("TxtAreaServicePublisherLog")).trim());

                        publisherLog.trimToSize();
                        System.out.println("Checkpoint1");

                        publisherLog.append("\n" + new Date().toString() + " " + PUBLISHER_SESSION_SUCCESS_MSG + SessionID);

                        request.setAttribute("textMessageService2", publisherLog);
                        request.setAttribute("PublisherSession", SessionID);
                        System.out.println("Checkpoint3");

                        RequestDispatcher rd = request.getRequestDispatcher("/Provider.jsp");// hard-coded

                        try {
                            rd.forward(request, response);
                        } catch (IOException ioe) {
                            ioe.printStackTrace();
                        } catch (ServletException se) {
                            se.printStackTrace();
                        }

                    } catch (Exception e) {

                        errorText = "Client not responding";
                        buildErrorLog(request, response, e);
                        e.printStackTrace();
                    }

                    //buildCallLog(request, response, result);

                } catch (Exception e) {
                    e.printStackTrace();
                    buildErrorLog(request, response, e);
                }
            }

And i have a proxy service upon which i have implemented security and its url is:

https://abc:8280/services/ProviderPublication.

My handle method inside callback handler is:

public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
        System.out.println("\n \n " + new Date() + " ISBMClient.PWCBHandler.handle");
        if(MessageContext.getCurrentMessageContext() == null){
            System.out.println("CurrentMessageContext is null");                
        }else{
            //get the credentials from the jsp
            System.out.println("MessageID: " + MessageContext.getCurrentMessageContext().getMessageID());
            dynamicUser = MessageContext.getCurrentMessageContext().getProperty("username").toString();
            dynamicPassword = MessageContext.getCurrentMessageContext().getProperty("password").toString();
            System.out.println("MessageContext user_name: " + dynamicUser);
            System.out.println("MessageContext user_password: " + dynamicPassword);         
        }
        for (int i = 0; i < callbacks.length; i++) {
            WSPasswordCallback pwcb = (WSPasswordCallback)callbacks[i];
            pwcb.setIdentifier(dynamicUser);
            String id = pwcb.getIdentifier();
            System.out.println("Invoking service with user: " + id);
            if(dynamicUser.equals(id)){
                pwcb.setPassword(dynamicPassword);
            }
        }
    }

Now the problem is when i invoke this proxy service through my client code i am getting exception as

[INFO] Unable to sendViaPost to url[https://abc:8280/services/ProviderPublication]
org.apache.axis2.AxisFault: Trying to write END_DOCUMENT when document has no root (ie. trying to output empty document).
    at org.apache.axis2.AxisFault.makeFault(AxisFault.java:430)
    at org.apache.axis2.transport.http.SOAPMessageFormatter.writeTo(SOAPMessageFormatter.java:78)
    at org.apache.axis2.transport.http.AxisRequestEntity.writeRequest(AxisRequestEntity.java:84)
    at org.apache.commons.httpclient.methods.EntityEnclosingMethod.writeRequestBody(EntityEnclosingMethod.java:499)
    at org.apache.commons.httpclient.HttpMethodBase.writeRequest(HttpMethodBase.java:2114)
    at org.apache.commons.httpclient.HttpMethodBase.execute(HttpMethodBase.java:1096)
    at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:398)
    at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:171)
    at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397)
    at org.apache.axis2.transport.http.AbstractHTTPSender.executeMethod(AbstractHTTPSender.java:621)
    at org.apache.axis2.transport.http.HTTPSender.sendViaPost(HTTPSender.java:193)
    at org.apache.axis2.transport.http.HTTPSender.send(HTTPSender.java:75)
    at org.apache.axis2.transport.http.CommonsHTTPTransportSender.writeMessageWithCommons(CommonsHTTPTransportSender.java:404)
    at org.apache.axis2.transport.http.CommonsHTTPTransportSender.invoke(CommonsHTTPTransportSender.java:231)
    at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:443)
    at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:406)
    at org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:229)
    at org.apache.axis2.client.OperationClient.execute(OperationClient.java:165)
    at org.apache.axis2.client.ServiceClient.sendReceive(ServiceClient.java:555)
    at org.apache.axis2.client.ServiceClient.sendReceive(ServiceClient.java:531)
    at cts.falcon.isbm.client.Provider.publicationOpenSession(Provider.java:557)
    at cts.falcon.isbm.client.Provider.doPost(Provider.java:852)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:641)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:722)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:305)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
    at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:225)
    at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:123)
    at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:472)
    at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:168)
    at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:98)
    at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:927)
    at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118)
    at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:407)
    at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1001)
    at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:585)
    at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:310)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1110)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:603)
    at java.lang.Thread.run(Thread.java:722)
Caused by: javax.xml.stream.XMLStreamException: Trying to write END_DOCUMENT when document has no root (ie. trying to output empty document).
    at com.ctc.wstx.sw.BaseStreamWriter.throwOutputError(BaseStreamWriter.java:1473)
    at com.ctc.wstx.sw.BaseStreamWriter.reportNwfStructure(BaseStreamWriter.java:1502)
    at com.ctc.wstx.sw.BaseStreamWriter.finishDocument(BaseStreamWriter.java:1663)
    at com.ctc.wstx.sw.BaseStreamWriter.close(BaseStreamWriter.java:288)
    at org.apache.axiom.util.stax.wrapper.XMLStreamWriterWrapper.close(XMLStreamWriterWrapper.java:46)
    at org.apache.axiom.om.impl.MTOMXMLStreamWriter.close(MTOMXMLStreamWriter.java:222)
    at org.apache.axiom.om.impl.llom.OMSerializableImpl.serializeAndConsume(OMSerializableImpl.java:192)
    at org.apache.axis2.transport.http.SOAPMessageFormatter.writeTo(SOAPMessageFormatter.java:74)
    ... 38 more

But the same code is working for another web service written in eclipse. What am i doing wrong? Looking forward to your answers. Thanks in advance

2条回答
混吃等死
2楼-- · 2019-04-18 00:21

You need to set SOAP envelope along with SOAP body which carries your payload from Service Client. I think that cause this problem. Please refer this blog post and refactor your code to add that. http://amilachinthaka.blogspot.com/2009/09/sending-arbitrary-soap-message-with.html

查看更多
3楼-- · 2019-04-18 00:28

A little late on the response here, but I ran into the same error message and after further digging it was due to some SSL certificate failures.

There were 2 ways to fix this:

  • Adding trusted certificate to Java using the keytool command.

OR

  • Using your own custom code to accept all certs (ex. below with a acceptallCerts() method)

    public class SslUtil {
    
    private static class SmacsTrustManager implements X509TrustManager {
    
        @Override
        public void checkClientTrusted(X509Certificate[] arg0, String arg1) throws CertificateException {}
    
        @Override
        public void checkServerTrusted(X509Certificate[] arg0, String arg1) throws CertificateException {}
    
        @Override
        public X509Certificate[] getAcceptedIssuers() {
            return null;
        }
    }
    
    
    public static void acceptAllCerts(){
        try{
            SSLContext ctx = SSLContext.getInstance("TLS");
            ctx.init(new KeyManager[0], new TrustManager[] {new SmacsTrustManager()}, new SecureRandom());
            SSLContext.setDefault(ctx);
    
        }catch (Exception e){
    
        }
      }
    }
    
查看更多
登录 后发表回答