java NetBeans:如何创建使用 SSL 保护的 Metro 服务的 Web 服务客户端?
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/7583722/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
NetBeans: How to create a web service client that consumes a SSL protected Metro service?
提问by Daniel Szalay
I am trying to add a web service reference to my application in NetBeans 7.0.1. The Metro webservice is protected with SSL and is hosted on the same computer that I want to run the client on. I am using the 'New Web Service Client' wizard, but when I submit an SSL protected WSDL, I get the following error message:
我正在尝试向 NetBeans 7.0.1 中的应用程序添加 Web 服务引用。Metro 网络服务受 SSL 保护,并托管在我想要运行客户端的同一台计算机上。我正在使用“新建 Web 服务客户端”向导,但是当我提交受 SSL 保护的 WSDL 时,我收到以下错误消息:
Problem with downloading wsdl or schema file.
Check the URL, proxy settings, or whether the server is running.
下载 wsdl 或架构文件时出现问题。
检查 URL、代理设置或服务器是否正在运行。
网址:https: //192.168.0.200: 8181/MyApp/ myService?wsdl
Metro User Guide - To Secure the Example Web Service Client Application (SSL)states:
Metro 用户指南 -保护示例 Web 服务客户端应用程序 (SSL)状态:
In the step where you are directed to cut and paste the URL of the web service that you want the client to consume into the WSDL URL field, type https :// fully-qualified-hostname:8181 /CalculatorApplication/CalculatorWSService?wsdl (changes indicated in bold) to indicate that this client should reference the web service using the secure port. The first time you access this service, accept the certificate (s1as) when you are prompted. This is the server certificate popping up to confirm its identity to the client.
In some cases, you might get an error dialog telling you that the URL https:// fully-qualified-hostname :8181/CalculatorApplication/CalculatorWSService?wsdl couldn't be downloaded. However, this the correct URL, and it does load when you run the service. So, when this error occurs, repeat the steps that create the Web Service Client using the secure WSDL. The second time, the web service reference is created and you can continue creating the client.
在指示您将希望客户端使用的 Web 服务的 URL 剪切并粘贴到 WSDL URL 字段的步骤中,键入 https://fully-qualified-hostname:8181 /CalculatorApplication/CalculatorWSService?wsdl(更改以粗体表示)表示此客户端应使用安全端口引用 Web 服务。首次访问此服务时,请在出现提示时接受证书 (s1as)。这是弹出的服务器证书以向客户端确认其身份。
在某些情况下,您可能会收到一个错误对话框,告诉您无法下载 URL https://fully-qualified-hostname :8181/CalculatorApplication/CalculatorWSService?wsdl。但是,这是正确的 URL,它会在您运行服务时加载。因此,当发生此错误时,请重复使用安全 WSDL 创建 Web 服务客户端的步骤。第二次创建 Web 服务引用,您可以继续创建客户端。
No matter how many times I try I still get the same error message (there are no proxies set and the server is running with the services deployed). The WSDL gets displayed in browser after accepting the certificate. If I enter the basic WSDL URL (the one without HTTPS), the wizard accepts it and generates the client. What do I need to do to get this work?
无论我尝试多少次,我仍然收到相同的错误消息(没有设置代理并且服务器正在运行并部署了服务)。接受证书后,WSDL 将显示在浏览器中。如果我输入基本的 WSDL URL(没有 HTTPS 的 URL),向导会接受它并生成客户端。我需要做什么才能得到这份工作?
UPDATE
更新
The same applies if I run client and service on different machines. I am using the default development certificate. Retriever output:
如果我在不同的机器上运行客户端和服务,这同样适用。我正在使用默认的开发证书。检索器输出:
Error: An I/O error occured. sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target`
错误:发生 I/O 错误。sun.security.validator.ValidatorException:PKIX 路径构建失败:sun.security.provider.certpath.SunCertPathBuilderException:无法找到请求目标的有效认证路径`
Do I have to set keytore and truststore in VMargs? What if I want to have this service reference in the same web application that contains the web services?
我是否必须在 VMargs 中设置密钥库和信任库?如果我想在包含 Web 服务的同一个 Web 应用程序中使用此服务引用怎么办?
采纳答案by Daniel Szalay
Answer found here:
答案在这里找到:
You have to run NetBeans with the following options:
您必须使用以下选项运行 NetBeans:
<NETBEANS_HOME>/bin/netbeans.exe
-J-Djavax.net.ssl.trustStore=<AS_HOME>/domains/domain1/config/cacerts.jks
-J-Djavax.net.ssl.keyStore=<AS_HOME>/domains/domain1/config/keystore.jks
-J-Djavax.net.ssl.trustStorePassword=changeit
-J-Djavax.net.ssl.keyStorePassword=changeit
I actually set those in <NETBEANS_HOME>/etc/netbeans.conf, in netbeans_default_options. I still got an error though, this just resulted that I am able to generate client code for SSL protected services. Running a simple WS call results in this:
我实际上将它们设置在<NETBEANS_HOME>/etc/netbeans.conf, in 中netbeans_default_options。但是我仍然遇到错误,这只是导致我能够为受 SSL 保护的服务生成客户端代码。运行一个简单的 WS 调用结果如下:
EDIT IMPORTANTThe following only happens if you are using the older JAX-WS libraries!
编辑重要事项仅当您使用较旧的 JAX-WS 库时才会发生以下情况!
Exception in thread "main" javax.xml.ws.WebServiceException: Cannot find 'https://localhost:8181/myApp/myService?wsdl' wsdl. Place the resource correctly in the classpath.
线程“main”javax.xml.ws.WebServiceException 中的异常:找不到“https://localhost:8181/myApp/myService?wsdl”wsdl。将资源正确放置在类路径中。
This can be solved by setting the clients DATASTOREWS_WSDL_LOCATIONproperty with a method like this:
这可以通过DATASTOREWS_WSDL_LOCATION使用如下方法设置客户端属性来解决:
private static URL getURL() {
try {
return new URL("https://localhost:8181/myApp/myService?wsdl");
} catch (MalformedURLException ex) {
Logger.getLogger(DataStoreWS_Service.class.getName()).log(Level.SEVERE, null, ex);
return null;
}
}
This is needed only if you generate it for a simple Java Application, because the generated client code differs for Java Web Application. Also, I just couldn't get it working with a fully qualified hostname, like my local IP. The only thing that worked was localhost. One important thing: Don't forget to bundle the same Metro libraries as on the service side! NB bug report.
仅当您为简单的 Java 应用程序生成它时才需要这样做,因为生成的客户端代码对于 Java Web 应用程序是不同的。另外,我只是无法使用完全限定的主机名,例如我的本地 IP。唯一有效的是本地主机。一件重要的事情:不要忘记捆绑与服务端相同的 Metro 图书馆!NB错误报告。
