13-2 Programming Advanced Features of JAX-WS Web Services for Oracle WebLogic Server

13.1 Additional Considerations When Specifying WSDL Location

If you use HTTPS to get the Web service from the WSDL, and the hostname definition in the WebLogic Server SSL certificate does not equal the hostname of the peer HTTPS server or is not one of the following, the action fails with a hostname verification error: ■ localhost ■ 127.0.0.1 ■ hostname of localhost ■ IP address of localhost The hostname verification error is as follows: EchoService service = new EchoServicehttps-wsdl, webservice-qName; : : javax.xml.ws.WebServiceException: javax.net.ssl.SSLKeyException: Security:090504 Certificate chain received from host.company.com - 10.167.194.63 failed hostname verification check. Certificate contained {....} but check expected host.company.com The recommended workaround is to use HTTP instead of HTTPS to get the Web service from a WSDL when creating the service, and your own hostname verifier code to verify the hostname after the service is created: EchoService service = Service.createhttp_wsdl, qname; get Port EchoPort port = service.getPort...; set self-defined hostname verifier BindingProvider port.getRequestContext.put com.sun.xml.ws.developer.JAXWSProperties.HOSTNAME_VERIFIER, new MyHostNameVerifier; Optionally, you can ignore hostname verification by setting the binding provider property: BindingProvider port.getRequestContext.put BindingProviderProperties.HOSTNAME_VERIFICATION_PROPERTY, 2 Create the proxy stub. Use the Service.getPort method to create the proxy stub. You can use this stub to invoke operations on the target service endpoint. You must pass the service endpoint interface SEI and optionally the name of the port in the WSDL service description. The method details are as follows: public T T getPortQName portName, ClassT serviceEndpointInterface throws javax.xml.ws.WebServiceException {} public T T getPortClassT serviceEndpointInterface throws javax.xml.ws.WebServiceException {} For example: MyPort port = s.getPortMyPort.class; Table 13–1 Cont. Steps to Create a Dynamic Proxy Client Step Description Creating Dynamic Proxy Clients 13-3 true; However, if you must use HTTPS to get the Web service from the WSDL, there are several possible workarounds: ■ Turn off hostname verification if you are using the WebLogic Server HTTPS connection. To do this, set the global system property to ignore hostname verification: weblogic.security.SSL.ignoreHostnameVerification=true The system property does not work for service creation if the connection is a JDK connection or other non-WebLogic Server connection. ■ Set your own hostname verifier for the connection before you get the Web service from the WSDL, then use HTTPS to get the Web service from the WSDL: set self-defined hostname verifier URL url = new URLhttps_wsdl; HttpsURLConnection connection = HttpsURLConnectionurl.openConnection; connection.setHostnameVerifiernew MyHostNameVerifier; then initiate the service EchoService service = Service.createhttps_wsdl, qname; get port and set self-defined hostname verifier to binding provider ... For the workarounds in which you set your own hostname verifier, an example hostname verifier might be as follows: public class MyHostnameVerifier implements HostnameVerifier { public boolean verifyString hostname, SSLSession session { if hostname.equals“the host you want” return true; else return false; } } 13-4 Programming Advanced Features of JAX-WS Web Services for Oracle WebLogic Server 14 Using XML Catalogs 14-1 14 Using XML Catalogs The following sections describe how to use XML catalogs: ■ Section 3.1, Overview of Asynchronous Web Service Invocation ■ Section 14.2, Defining and Referencing XML Catalogs ■ Section 14.3, Disabling XML Catalogs in the Client Runtime ■ Section 14.4, Getting a Local Copy of XML Resources

14.1 Overview of XML Catalogs