Summary:
In this guide, we will see how to invoke REST Auth/AZ web service and pass the required client certificate when it is protected with X.509 certificate authentication scheme.
Environment:
- Web Agent/Policy Server: 12.52 and above
- OS : ANY
Pre-requisites :
- The root resource (/authazws/) for Auth/AZ web service is protected with X.509 Authentication scheme.
- The web server (Apache) component of Apache is configured for SSL connectivity.
- Client (user) certificate for the Authorised users are created.
Instructions:
TEST 1: REST Client (e.g SOAPUI)
This needs configuring SOAPUI with the X.509 certificate authentication.
This has been detailed quite well here : How to configure SoapUI with client certificate authentication
TEST 2: REST Client ( e.g Java)
1. Add the CA cert which signed the SPS Apache server certificate to the java key store as trusted CA:
e.g. keytool -importcert -trustcacerts -alias ad2k8-01 -file RootCA-ad2k8-01.cer -keystore cacerts -storepass changeit -v
2. Modify the following properties in UserAuthenticationServiceImpl.java as per your environment
3. Modify the JDK home in the java-build.bat and java-run.bat (windows)
4. Compile the Test class by running java-build.bat (windows)
5. Execute the class by running java-run.bat (windows)
Sample output :
Additional Information