Geek Answers Handbook

Equivalent to org.apache.axis.components.net.SunFakeTrustSocketFactory for wsimport

When I create webservice client stubs using Apache Axis, I will disable server certificate trust verification in my code using client stubs by calling the following method

AxisProperties.setProperty("axis.socketSecureFactory", "org.apache.axis.components.net.SunFakeTrustSocketFactory");

How to disable trust verification with client stubs that were generated when wsimport started?

I use this when I run some test code.

+8
java web-services jax-ws wsimport axis
source share
1 answer

All that happens in this class is to provide a fake trust store manager that trusts anything . Knowing this, you can use this article and put something together.

  • First a simple trust manager

     public class EasyTrustManager implements X509TrustManager { public void checkClientTrusted(X509Certificate[] chain, String authType) { //do nothing } public void checkServerTrusted(X509Certificate[] chain, String authType) { //do nothing } public java.security.cert.X509Certificate[] getAcceptedIssuers() { return null; } }

  • Then feed your trust manager into the SSLContext instance as the axis :

     SSLContext sCtxt = SSLContext.getInstance("SSL"); sCtxt.init(null, new TrustManager[]{new EasyTrustManager()}, new java.security.SecureRandom());

  • Set a custom context by calling HttpsURLConnection#setDefaultSSLSocketFactory based on the fact that all web service calls are based on a base instance of HttpsURLConnection . This call will set the context using SSLContext#getContext for all https calls

     HttpsURLConnection.setDefaultSSLSocketFactory(sCtxt.getSocketFactory());
+6
source share

More articles:


All Articles