The goal
Running a JAX-WS SOAP webservice on Glassfish using client certificates for authentication. The client certificates will be issued by self appointed Certificate Authority (CA). We will develop sample clients for the webservice with Java and PHP (CURL). The CURL client should be easily portable to other platforms (Python, Perl, ...) as well.
The parts
1. Server key/certificate
2. CA key/certificate
3. Client keys/certificates
4. A JAX-WS webservice running on Glassfish V2.1 server
5. PHP CURL client
6. Java SOAP client
The process
1. User generates a private key and a Certificate request (CSR)
2. Provider signs the CSR and provides the user with a certificate
3. User connects to the webservice using his "client certificate" and private key
This article consists of 3 parts (each as a separate posting):
I. Part 1: Setting up the webservice
II. Part 2: The PHP-CURL client
III. Part 3: The Java client
Resources
1. OpenSSL Keytool Cheatsheet
2.
No comments:
Post a Comment