Securing Spring Web Services: Chapter 1


One of the common approaches for securing web services is to encrypt web service request and response messages between the client and the server.

In a secured web service environment, the web service client will encrypt the request and sends it to the server. The server will decrypt the incoming request, services the request and sends encrypted response back to the client. The client will then decrypt the response and then consumes the response.

In this step by step guide we will first create a server project which will decrypt the incoming web service request and encrypt the outgoing response and second create a client project which will encrypt the outgoing request and decrypt incoming response.

Initial Setup

The Initial Setup required to build and run both client and server project is listed below
·         Install JDK (the version that I have used here is 1.6.0_45).
·         Download and extract the following into C drive (or any other location which you feel is more appropriate.)
o   Apache Maven (version used for the purpose of this guide is 3.1.1)
o   Apache tomcat (version used for the purpose of this guide is 7.0.42)
o   JAXB (version used for the purpose of this guide is jaxb-ri-2.2.7). Add C:\ jaxb-ri-2.2.7\bin to the system path
o   Eclipse IDE (or any other IDE which you are comfortable with)

Creating Server Project

Following is the step by step guide to create server project to decrypt the incoming web service request and encrypt the response

1.       Create a project structure using the following maven command (if you are running the maven command for the first time then it will take a while to create the project structure because all the required dependencies has to be downloaded first)

mvn archetype:generate -DarchetypeArtifactId=spring-ws-archetype -DarchetypeVersion=2.1.2.RELEASE -DartifactId=bookstore-web-service -DgroupId=com.bookstore -DinteractiveMode=false

Same directory structure will be created as shown here. Also web.xml and spring-ws-servlet.xml files are created by default in WEB-INF directory.

2.  Create a new directory by name java under bookstore-web-service/src/main directory as shown here in the image.

3.  Create eclipse project files by running the following maven command. This command has to be executed from inside bookstore-web-service directory where pom.xml is located

mvn eclipse:eclipse

This command will create .settings folder, target folder, .classpath file and .project file

No comments :

Post a Comment