1

I have a wsdl service and an android client which connects to the service via HttpsUrlConnection. The wsdl service contains two ways to call a test method:

HostnameVerifier hostnameVerifier = new HostnameVerifier() {

    @Override
    public boolean verify(String hostname, SSLSession session)
    {
        if (hostname.equals(SSL_HOSTVERIFIER_TAG))
            return true;
        else
            return false;
    }
};

CertificateFactory cf = CertificateFactory.getInstance("X.509");
InputStream caInput = mContext.getResources().openRawResource(R.raw.firm_gmbh);

Certificate ca;
try
{
    ca = cf.generateCertificate(caInput);
} finally{
    caInput.close();
}

String keyStoreType = KeyStore.getDefaultType();
KeyStore keyStore = KeyStore.getInstance(keyStoreType);
keyStore.load(null, null);
keyStore.setCertificateEntry("ca", ca);

String tmfAlgorithm = TrustManagerFactory.getDefaultAlgorithm();
TrustManagerFactory tmf = TrustManagerFactory.getInstance(tmfAlgorithm);
tmf.init(keyStore);

SSLContext context = SSLContext.getInstance("TLS");
context.init(null, tmf.getTrustManagers(), null);

String authString = mUserName + ":" + mPassword;
byte[] authEncBytes = Base64.encodeBase64(authString.getBytes());
String authStringEnc = new String(authEncBytes);

URL url = new URL(SSL_URL);
HttpsURLConnection urlConnection = (HttpsURLConnection) url.openConnection();
urlConnection.setRequestProperty("Authorization", "Basic " + authStringEnc);
urlConnection.setSSLSocketFactory(context.getSocketFactory());
urlConnection.setHostnameVerifier(hostnameVerifier);
urlConnection.setRequestMethod("GET");
urlConnection.setRequestProperty("soapaction", SOAP_ACTION);

int res = urlConnection.getResponseCode();
String message = urlConnection.getResponseMessage();
InputStream in = urlConnection.getInputStream();
String msg = convertStreamToString(in);

I get a connection and now I want to call a service method but Im not sure how to do this. I tried to use the ksoap2 lib so I could use the HttpTransport.call method which calls the service soap actions. But in combination with a ssl connection it didn't work.

My question now is: How can I call a specific Soap action or wsdl element with my code without loosing any security features like TrustAllCerts or NullHostnameVerifier.

PS: I already tried to addRequestProperties("SOAPAction",SOAP_ACTION") but it responded with FileNotFoundException.

jww
  • 97,681
  • 90
  • 411
  • 885
miron123
  • 81
  • 1
  • 9
  • Reference Link : http://stackoverflow.com/questions/4064810/using-client-server-certificates-for-two-way-authentication-ssl-socket-on-androi – VVB Jul 24 '14 at 11:40
  • This link is not very helpful. I already have a ssl connection but my problem is that I cant call a specific method from the wsdl service. Normally I would work with ksoap but I want to use a correct TrustManager and HostnameVerifier which is complicated with ksoap. So I worked with HttpsUrlConnection and it worked but now I just cant call the service method. I already tried to write my own SoapEnvelope but Im just not sure how its suppose to look like. Please help – miron123 Aug 04 '14 at 08:40

0 Answers0