Consuming a web service in java and SOAPUI

Question

I am consuming a webservice in java. This service is using UserNameToken, Timestamp and Signature for message level security. I have been given SoapUI project file(xml) to try and get the data from the service. Everything works fine in SoapUI.

Now when I am trying to use the same soapUI file to generate the artifacts, I am getting a message "Receiver Policy falsified". Why is that I can connect to the service in soapUI, but I can not in java?

So I found out that I am not sending a keystore using Transport Layer Security. How do I send this in a SOAP request. I have done similar setting in SOAP UI in SSL settings and it works there.

This is my code for SOAP request in java

SOAPConnectionFactory soapConnectionFactory = SOAPConnectionFactory.newInstance();
SOAPConnection soapConnection = soapConnectionFactory.createConnection();

    String url = "https://abc.org/test/ApplicantInformationService"; // Test System Web Service URL

SSLSocketFactory sslSocketFactory = getSSLSocketFactory();

conn = urlOnly.openConnection();
if (conn instanceof HttpsURLConnection) {
     ((HttpsURLConnection) conn).setSSLSocketFactory(sslSocketFactory);
     ((HttpsURLConnection) conn).setRequestMethod("POST");
 } 

conn.setRequestProperty("Content-Type", "application/soap+xml;charset=UTF-8");    
conn.setDoOutput(true);
SOAPMessage message = createSOAPRequest(user);
ByteArrayOutputStream os1 = new ByteArrayOutputStream();
message.writeTo(os1);
String requestXml = new String(os1.toByteArray()); 

OutputStreamWriter out = new OutputStreamWriter(conn.getOutputStream());
out.write(requestXml);
out.flush();
if(out != null){
    out.close();
}               
String line = "";                
BufferedReader in = new BufferedReader(new InputStreamReader(conn.getInputStream()));
String responseNewWay = "";
while ((line = in.readLine()) != null) {
    responseNewWay = responseNewWay + line;
}
//SOAPMessage soapResponse = soapConnection.call(createSOAPRequest(user), url);
//soapConnection.close();
//ByteArrayOutputStream os = new ByteArrayOutputStream();
//soapResponse.writeTo(os);
//String responseXml = new String(os.toByteArray());

And SSLFactory Code is like this

  private static SSLSocketFactory getSSLSocketFactory() 
    throws KeyStoreException, NoSuchAlgorithmException, CertificateException,  UnrecoverableKeyException, IOException, KeyManagementException{
    SSLSocketFactory sslsf = null;                  
    String keyStoreFileName = Preference.portalDir() + "mydocs/keystore.jks";           

        String keyStorePath = ClassLoader.getSystemResource(keyStoreFileName).getPath();        
    String keyStoreType = "JKS";
        String keyStorePassword = "mypassword";
        String trustStoreFileName = Preference.portalDir() + "mydocs/keystore.jks";        

        String trustStorePath = ClassLoader.getSystemResource(trustStoreFileName).getPath();
        String trustStorePassword = "mypassword";
        String alias = "clientcertificate";

        Properties systemProps = System.getProperties();
        systemProps.put("javax.net.ssl.keyStore", keyStorePath);
        systemProps.put("javax.net.ssl.keyStorePassword", keyStorePassword);
        systemProps.put("javax.net.ssl.keyStoreType", keyStoreType);

        systemProps.put("javax.net.ssl.trustStore", trustStorePath);
        systemProps.put("javax.net.ssl.trustStoreType", "JKS");
        systemProps.put("javax.net.ssl.trustStorePassword", trustStorePassword);
        System.setProperties(systemProps); 

        KeyManager[] keyManagers = createKeyManagers(keyStoreFileName,keyStorePassword, alias);
        TrustManager[] trustManagers = createTrustManagers(trustStoreFileName, trustStorePassword);
        sslsf = initItAll(keyManagers, trustManagers);

        return sslsf;
    }

And the error SOAP response i am getting is like this

<?xml version="1.0" encoding="UTF-8"?>
<soapenv:Envelope xmlns:soapenv="http://www.w3.org/2003/05/soap-envelope">
    <soapenv:Body>
        <soapenv:Fault>
            <soapenv:Code>
                <soapenv:Value>soapenv:Receiver</soapenv:Value>
            </soapenv:Code>
            <soapenv:Reason>
                <soapenv:Text xml:lang="en-US">Policy Falsified</soapenv:Text>
            </soapenv:Reason>
            <soapenv:Role>https://abc.org/test/ApplicantInformationService</soapenv:Role>
            <soapenv:Detail>
                <l7:policyResult
                    status="Service Not Found.  The request may have been sent to an invalid URL, or intended for an unsupported operation." xmlns:l7="http://www.layer7tech.com/ws/policy/fault"/>
            </soapenv:Detail>
        </soapenv:Fault>
    </soapenv:Body>

Now I am getting this error

Server returned HTTP response code: 500 for URL: https://abc.org/test/ApplicantInformationService

Answer 1

Maybe you have to append "?wsdl" at the end of the url string:

String url = "https://abc.org/test/ApplicantInformationService?wsdl";

Answer 2

Could you please post your createSOAPRequest method code?, I think you have not any certificate problems with the request because you are receiving a valid SOAP response from server, looks like something is wrong with your security headers, check your request SOAP message for the Timestamp element, maybe you are sending an incorrect value for created or expires tags and the server rejects your request.

Answer 3

It seems you need to set up the SSL Context for being able to send SOAP over HTTPS in the Java code. For doing that you may want to follow this two examples:

1. http://blog.hexican.com/2010/12/sending-soap-messages-through-https-using-saaj/
2. http://ruelajingsantiago.wordpress.com/2013/08/16/saaj-web-service-client-over-ssl/

Also, if you would consider using a framework for doing this, I would recommend you CXF + Apache Camel: Apache Camel: CXF