In a very old project we are using a client developed with Axis 1.4 to call a SOAP web service. This web service use mutual authentication mechanism, so we have a private certificate installed inside a keystore and a public key installed inside a truststore.
The SOAP client is used inside a task of a BPM process. We can't and we don't want to use JVM global truststore and keystore. Then we can't configure programmatically JVM global trustore and keystore:
// Keystore
System.setProperty("javax.net.ssl.keyStore", fileKeystore);
System.setProperty("javax.net.ssl.keyStorePassword", pwdKeystore);
System.setProperty("javax.net.ssl.keyStoreType", "PKCS12");
// Truststore
System.setProperty("javax.net.ssl.trustStore", fileTruststore);
System.setProperty("javax.net.ssl.trustStorePassword", pwdTruststore);
System.setProperty("javax.net.ssl.trustStoreType", "JKS");
An approach like that will force us to synchronize the process on the JVM properties and we don't want to do that. Moreover, there are other java processes running on the machine.
My question is: Does Axis 1.4 offer some API to specify which keystore and truststore to use for a specific web service call?
Ok, googling a little I've found the answer to my question. The answer is that using solely Axis 1.4 it is not possible to specify a different keystore/truststore for each service invocation. We need an external library, called axistools.
The library implements a particular kind of
EngineConfiguration
that allows you to specify for each service call a keystore and/or a truststore.The following example will be explicative:
And that's all, folks!!!