I'm trying to consume a service that does not need a certificate.
It only receives username and password as the property of the request.
I'm using the maven-jaxb2-plugin plugin to generate the code.
I tried copying using the following commands:
mvn generate-sources -Dmaven.wagon.http.ssl.insecure=true -Dmaven.wagon.http.ssl.allowall=true -Dmaven.wagon.http.ssl.ignore.validity.dates=true
and
mvn generate-sources
But I have received the following error:
org.springframework.ws.client.WebServiceIOException: I/O error: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target; nested exception is javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
This is my setup method:
#Bean
Jaxb2Marshaller jaxb2Marshaller() {
Jaxb2Marshaller jaxb2Marshaller = new Jaxb2Marshaller();
jaxb2Marshaller.setPackagesToScan("ce.gov.s2gpr.compras.licita.business.model.service.bean");
return jaxb2Marshaller;
}
#Bean
public WebServiceTemplate webServiceTemplate() {
WebServiceTemplate webServiceTemplate = new WebServiceTemplate();
webServiceTemplate.setMarshaller(jaxb2Marshaller());
webServiceTemplate.setUnmarshaller(jaxb2Marshaller());
webServiceTemplate.setDefaultUri(defaultUri);
webServiceTemplate.setMessageSender(webServiceMessageSender());
return webServiceTemplate;
}
#Bean
public WebServiceMessageSender webServiceMessageSender() {
HttpComponentsMessageSender httpComponentsMessageSender = new HttpComponentsMessageSender();
// timeout for creating a connection
httpComponentsMessageSender.setConnectionTimeout(timeout);
// when you have a connection, timeout the read blocks for
httpComponentsMessageSender.setReadTimeout(timeout);
httpComponentsMessageSender.setCredentials(new UsernamePasswordCredentials(userName, userPassword));
return httpComponentsMessageSender;
}
This is my method that consumes the service:
#SuppressWarnings("unchecked")
public AtualizacaoItensGruposResponse testeSoap(PgeTO dto) {
ObjectFactory factory = new ObjectFactory();
AtualizacaoItensGrupos itens = factory.createAtualizacaoItensGrupos();
itens.setArg0(dto);
JAXBElement<AtualizacaoItensGrupos> request = factory.createAtualizacaoItensGrupos(itens);
try {
// webServiceTemplate.marshalSendAndReceive(request);
webServiceTemplate.marshalSendAndReceive(itens);
return null;
} catch (Exception e) {
log.error(e.getMessage());
}
}
Related
I am trying to make a client to a SOAP with Spring Boot. The requests must have a digital certificate (public key) in the header, but when I try to add it to the secuityInterceptor.
I'm deploying the client on a WildFly server, I thought maybe I would have to add the certificate to the server somehow but I don't know for sure. In principle it is in the resources folder of the project and when generating the war it is still there.
Config:
private static final Resource KEYSTORE_LOCATION = new ClassPathResource("client-keystore.jks");
private static final String KEYSTORE_PASSWORD = "password";
private static final String KEY_ALIAS = "alias";
#Bean
TrustManagersFactoryBean trustManagers() throws Exception {
TrustManagersFactoryBean factoryBean = new TrustManagersFactoryBean();
factoryBean.setKeyStore(keyStore().getObject());
return factoryBean;
}
#Bean
HttpsUrlConnectionMessageSender messageSender() throws Exception {
HttpsUrlConnectionMessageSender sender = new HttpsUrlConnectionMessageSender();
KeyManagersFactoryBean keyManagersFactoryBean = new KeyManagersFactoryBean();
keyManagersFactoryBean.setKeyStore(keyStore().getObject());
keyManagersFactoryBean.setPassword(KEYSTORE_PASSWORD);
keyManagersFactoryBean.afterPropertiesSet();
sender.setKeyManagers(keyManagersFactoryBean.getObject());
sender.setTrustManagers(trustManagers().getObject());
return sender;
}
#Bean
KeyStoreFactoryBean keyStore() throws GeneralSecurityException, IOException {
KeyStoreFactoryBean factoryBean = new KeyStoreFactoryBean();
factoryBean.setLocation(KEYSTORE_LOCATION);
factoryBean.setPassword(KEYSTORE_PASSWORD);
return factoryBean;
}
#Bean
public Jaxb2Marshaller marshaller() {
Jaxb2Marshaller marshaller = new Jaxb2Marshaller();
marshaller.setContextPath("contextpath");
return marshaller;
}
#Bean
Wss4jSecurityInterceptor securityInterceptor() throws Exception {
Wss4jSecurityInterceptor securityInterceptor = new Wss4jSecurityInterceptor();
securityInterceptor.setSecurementActions("Signature");
securityInterceptor.setSecurementUsername(KEY_ALIAS);
securityInterceptor.setSecurementPassword(KEYSTORE_PASSWORD);
securityInterceptor.setSecurementSignatureCrypto(cryptoFactoryBean().getObject());
return securityInterceptor;
}
#Bean
SOAPConnector client() throws Exception {
SOAPConnector client = new SOAPConnector();
System.out.println("client(): ");
client.setInterceptors(new ClientInterceptor[] { securityInterceptor() });
client.setMessageSender(messageSender());
client.setMarshaller(marshaller());
client.setUnmarshaller(marshaller());
client.afterPropertiesSet();
return client;
}
Error:
Caused by: org.apache.wss4j.common.ext.WSSecurityException: Error during Signature:
Original Exception was org.apache.wss4j.common.ext.WSSecurityException: Cannot find key for alias: [certificado]
Original Exception was org.apache.wss4j.common.ext.WSSecurityException: Cannot find key for alias: [certificado]
at org.apache.wss4j.dom.action.SignatureAction.execute(SignatureAction.java:174)
at org.apache.wss4j.dom.handler.WSHandler.doSenderAction(WSHandler.java:238)
at org.springframework.ws.soap.security.wss4j2.Wss4jHandler.doSenderAction(Wss4jHandler.java:58)
at org.springframework.ws.soap.security.wss4j2.Wss4jSecurityInterceptor.secureMessage(Wss4jSecurityInterceptor.java:609)
... 80 more
Caused by: org.apache.wss4j.common.ext.WSSecurityException: Cannot find key for alias: [certificado]
Original Exception was org.apache.wss4j.common.ext.WSSecurityException: Cannot find key for alias: [certificado]
at org.apache.wss4j.dom.message.WSSecSignature.computeSignature(WSSecSignature.java:615)
at org.apache.wss4j.dom.action.SignatureAction.execute(SignatureAction.java:166)
... 83 more
Caused by: org.apache.wss4j.common.ext.WSSecurityException: Cannot find key for alias: [certificado]
at org.apache.wss4j.common.crypto.Merlin.getPrivateKey(Merlin.java:696)
at org.apache.wss4j.dom.message.WSSecSignature.computeSignature(WSSecSignature.java:558)
In case it is useful, I am basing myself on this repository to make the client
I think the error is that the functions I'm using are to add certificates with a private key but I try to do it with a public one, in that case I don't know how to add the public one
this is the sing of the setSecurementUsername method:
public void setSecurementUsername(String securementUsername)
Sets the username for securement username token or/and the alias of the private key for securement signature
I'm having a rough time getting a very simple Keycloak ProtocolMapper working in Keycloak 6.0.1.
I'm trying to add extra claims to an access token. When I copy the built jar to the deployment directory I get the following NullPointerException in the deployment directory with the below contents in .failed file.
{"WFLYCTL0080: Failed services" => {"jboss.deployment.unit.\"token-enhancer-1.0-SNAPSHOT.jar\".POST_MODULE" => "WFLYSRV0153: Failed to process phase POST_MODULE of deployment \"token-enhancer-1.0-SNAPSHOT.jar\"
Caused by: java.lang.NullPointerException"}}
The logs show the same exception right below
21:18:46,697 INFO [org.keycloak.subsystem.server.extension.KeycloakProviderDeploymentProcessor] (MSC service thread 1-1) Deploying Keycloak provider: token-enhancer-1.0-SNAPSHOT.jar
21:18:46,718 ERROR [org.jboss.msc.service.fail] (MSC service thread 1-1) MSC000001: Failed to start service jboss.deployment.unit."token-enhancer-1.0-SNAPSHOT.jar".POST_MODULE: org.jboss.msc.service.StartException in service jboss.deployment.unit."token-enhancer-1.0-SNAPSHOT.jar".POST_MODULE: WFLYSRV0153: Failed to process phase POST_MODULE of deployment "token-enhancer-1.0-SNAPSHOT.jar"
at org.jboss.as.server.deployment.DeploymentUnitPhaseService.start(DeploymentUnitPhaseService.java:183)
at org.jboss.msc.service.ServiceControllerImpl$StartTask.startService(ServiceControllerImpl.java:1738)
at org.jboss.msc.service.ServiceControllerImpl$StartTask.execute(ServiceControllerImpl.java:1700)
at org.jboss.msc.service.ServiceControllerImpl$ControllerTask.run(ServiceControllerImpl.java:1558)
at org.jboss.threads.ContextClassLoaderSavingRunnable.run(ContextClassLoaderSavingRunnable.java:35)
at org.jboss.threads.EnhancedQueueExecutor.safeRun(EnhancedQueueExecutor.java:1982)
at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.doRunTask(EnhancedQueueExecutor.java:1486)
at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1377)
at java.lang.Thread.run(Thread.java:748)
Caused by: java.lang.NullPointerException
at org.keycloak.services.DefaultKeycloakSessionFactory.isInternal(DefaultKeycloakSessionFactory.java:370)
at org.keycloak.services.DefaultKeycloakSessionFactory.loadFactories(DefaultKeycloakSessionFactory.java:219)
at org.keycloak.services.DefaultKeycloakSessionFactory.deploy(DefaultKeycloakSessionFactory.java:115)
at org.keycloak.provider.ProviderManagerRegistry.deploy(ProviderManagerRegistry.java:42)
at org.keycloak.subsystem.server.extension.KeycloakProviderDeploymentProcessor.deploy(KeycloakProviderDeploymentProcessor.java:55)
at org.jboss.as.server.deployment.DeploymentUnitPhaseService.start(DeploymentUnitPhaseService.java:176)
... 8 more
21:18:46,719 ERROR [org.jboss.as.controller.management-operation] (DeploymentScanner-threads - 1) WFLYCTL0013: Operation ("full-replace-deployment") failed - address: ([]) - failure description: {"WFLYCTL0080: Failed services" => {"jboss.deployment.unit.\"token-enhancer-1.0-SNAPSHOT.jar\".POST_MODULE" => "WFLYSRV0153: Failed to process phase POST_MODULE of deployment \"token-enhancer-1.0-SNAPSHOT.jar\"
Caused by: java.lang.NullPointerException"}}
I've upload sample code to github.
My implemented ProtocolMapper class is below.
I'm having a rough time because I don't understand where to troubleshoot with such a vague error message. What would be a good strategy to investigate this issue?
import org.keycloak.models.ClientSessionContext;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.ProtocolMapperModel;
import org.keycloak.models.UserSessionModel;
import org.keycloak.protocol.oidc.OIDCLoginProtocol;
import org.keycloak.protocol.oidc.mappers.*;
import org.keycloak.provider.ProviderConfigProperty;
import org.keycloak.representations.AccessToken;
import org.keycloak.representations.IDToken;
import java.util.*;
public class KeycloakTokenEnhancer extends AbstractOIDCProtocolMapper implements OIDCAccessTokenMapper, OIDCIDTokenMapper, UserInfoTokenMapper {
public static final String PROVIDER_ID = "oidc-token-enhancer-mapper";
private static final List<ProviderConfigProperty> configProperties = new ArrayList<>();
static {
OIDCAttributeMapperHelper.addIncludeInTokensConfig(configProperties, KeycloakTokenEnhancer.class);
}
#Override
public AccessToken transformAccessToken(AccessToken accessToken, ProtocolMapperModel protocolMapperModel, KeycloakSession keycloakSession, UserSessionModel userSessionModel, ClientSessionContext clientSessionContext) {
return accessToken;
}
#Override
public String getDisplayCategory() {
return "Token Enhancer mapper";
}
#Override
public String getDisplayType() {
return "Token Enhancer Mapper";
}
#Override
public String getHelpText() {
return "Add to claims for the User Service";
}
#Override
public List<ProviderConfigProperty> getConfigProperties() {
return configProperties;
}
#Override
public String getId() {
return PROVIDER_ID;
}
protected void setClaim(IDToken token, ProtocolMapperModel mappingModel, UserSessionModel userSession) {
token.getOtherClaims().put("fruit", "pear, apple, tangerine");
}
public static ProtocolMapperModel create(String name, boolean accessToken, boolean idToken, boolean userInfo) {
ProtocolMapperModel mapper = new ProtocolMapperModel();
mapper.setName(name);
mapper.setProtocolMapper(PROVIDER_ID);
mapper.setProtocol(OIDCLoginProtocol.LOGIN_PROTOCOL);
Map<String, String> config = new HashMap<String, String>();
if (accessToken) config.put(OIDCAttributeMapperHelper.INCLUDE_IN_ACCESS_TOKEN, "true");
if (idToken) config.put(OIDCAttributeMapperHelper.INCLUDE_IN_ID_TOKEN, "true");
if (userInfo) config.put(OIDCAttributeMapperHelper.INCLUDE_IN_USERINFO, "true");
mapper.setConfig(config);
return mapper;
}
}
Try adding a package statement at the top of your class (KeycloakTokenEnhancer) and moving your class into the package.
NPE is thrown from line 370 in DefaultKeycloakSessionFactory:
String packageName = factory.getClass().getPackage().getName();
See also:
Javadoc of Class.html#getPackage
Returns:
the package of the class, or null if no package information is available from the archive or codebase.
How to validate SAML assertion signatures?
for (Assertion assertion : samlResponse.getAssertions()) {
try {
if (assertion.getSignature() != null) {
Optional<X509Certificate> x509Certificate = assertion.getSignature().getKeyInfo().getX509Datas()
.stream()
.findFirst()
.map(x509Data -> x509Data.getX509Certificates()
.stream()
.findFirst()
.orElse(null)
);
if (x509Certificate.isPresent()) {
BasicX509Credential credential = new BasicX509Credential();
credential.setEntityCertificate(KeyInfoHelper.getCertificate(x509Certificate.get()));
// what pub key credential to use here?
SignatureValidator validator = new SignatureValidator(credential);
validator.validate(assertion.getSignature());
}
}
} catch (ValidationException | CertificateException e) {
throw new SAMLException(e.getMessage(), e);
}
}
Basically what to put in new SignatureValidator(credential)
As far as I understand, A SAML assertion with KeyInfo supplied and a X809 cert should at least validate (SAML: Why is the certificate within the Signature?)
I also have an x509 cert from the idps metadata which I guess should general be used if there is no x509 cert in the assertion or within a trust chain (?)
Basically neither the x509 cert in the assertion nor the cert from the idp metadata seems to work. What am I missing here?
Turned out I did everything correctly.
When printing an opensaml object xml you should NOT use the following code:
public static String xmlObjectToString(XMLObject xmlObject) {
try {
Marshaller marshaller = Configuration.getMarshallerFactory().getMarshaller(xmlObject);
StringWriter sw = new StringWriter();
Element authDOM = marshaller.marshall(xmlObject);
toString(sw, authDOM);
return sw.toString();
} catch (Exception e) {
throw new RuntimeException(e);
}
}
private static void toString(StringWriter rspWrt, Element authDOM) throws ParserConfigurationException, TransformerException {
DOMSource domSource = new DOMSource(authDOM);
StreamResult result = new StreamResult(rspWrt);
TransformerFactory tf = TransformerFactory.newInstance();
Transformer transformer = tf.newTransformer();
transformer.transform(domSource, result);
}
The above code changes some internal states of the original object
Instead go for
org.opensaml.xml.util.XMLHelper.prettyPrintXML(message.getDOM())
A similar question has been asked before on this forum, but the accepted answer hasn't been helpful to me. My server has a Kerberos keytab file that I'd like to use to validate a service ticket sent by a client.
Following Sun's documentation and sample code scattered elsewhere this is what I currently have:
Client requests a service ticket from the KDC for MYSPN
Client sends the file to the Service Server to request access to the service.
Server grants access after validating service ticket with keytab for MYSPN it already has.
I'm having trouble getting #3 to work. The specific error I get is:
GSSException: No valid credentials provided (Mechanism level: Attempt to obtain new ACCEPT credentials failed!)
at sun.security.jgss.krb5.Krb5AcceptCredential.getInstance(Krb5AcceptCredential.java:100)
at sun.security.jgss.krb5.Krb5MechFactory.getCredentialElement(Krb5MechFactory.java:128)
at sun.security.jgss.krb5.Krb5MechFactory.getMechanismContext(Krb5MechFactory.java:200)
at sun.security.jgss.GSSManagerImpl.getMechanismContext(GSSManagerImpl.java:231)
at sun.security.jgss.GSSContextImpl.acceptSecContext(GSSContextImpl.java:319)
at sun.security.jgss.GSSContextImpl.acceptSecContext(GSSContextImpl.java:285)
at cms.gssapi.Server$1.run(Server.java:188)
at cms.gssapi.Server$1.run(Server.java:1)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.Subject.doAs(Subject.java:357)
at cms.gssapi.Server.acceptSecurityContext(Server.java:182)
at cms.gssapi.Server.main(Server.java:59)
Caused by: javax.security.auth.login.LoginException: Unable to obtain Princpal Name for authentication
at com.sun.security.auth.module.Krb5LoginModule.promptForName(Krb5LoginModule.java:750)
at com.sun.security.auth.module.Krb5LoginModule.attemptAuthentication(Krb5LoginModule.java:646)
at com.sun.security.auth.module.Krb5LoginModule.login(Krb5LoginModule.java:559)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:616)
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:784)
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:203)
at javax.security.auth.login.LoginContext$5.run(LoginContext.java:721)
at javax.security.auth.login.LoginContext$5.run(LoginContext.java:719)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.LoginContext.invokeCreatorPriv(LoginContext.java:718)
at javax.security.auth.login.LoginContext.login(LoginContext.java:590)
at sun.security.jgss.GSSUtil.login(GSSUtil.java:264)
at sun.security.jgss.krb5.Krb5Util.getKeys(Krb5Util.java:202)
at sun.security.jgss.krb5.Krb5AcceptCredential$1.run(Krb5AcceptCredential.java:95)
at sun.security.jgss.krb5.Krb5AcceptCredential$1.run(Krb5AcceptCredential.java:93)
at java.security.AccessController.doPrivileged(Native Method)
at sun.security.jgss.krb5.Krb5AcceptCredential.getInstance(Krb5AcceptCredential.java:92)
... 11 more
This is a snippet of the server code that tries to validate the client's service ticket using keytab:
public static void main( String[] args) {
Properties props = new Properties();
props.load( new FileInputStream( "server.properties"));
System.setProperty( "sun.security.krb5.debug", "true");
System.setProperty( "java.security.krb5.realm", props.getProperty( "realm"));
System.setProperty( "java.security.krb5.kdc", props.getProperty( "kdc"));
System.setProperty( "java.security.auth.login.config", "./jaas.conf");
System.setProperty( "javax.security.auth.useSubjectCredsOnly", "false");
krb5Oid = new Oid( "1.2.840.113554.1.2.2");
Server server = new Server();
server.login();
byte serviceTicket[] = readClientTicketFromFile();
String clientName = server.acceptSecurityContext(serviceTicket);
}
private static byte[] readClientTicketFromFile() throws IOException {
BufferedReader in = new BufferedReader( new FileReader( "serviceticket.token"));
String str;
StringBuffer buffer = new StringBuffer();
while ((str = in.readLine()) != null) {
buffer.append( str + "\n");
}
in.close();
BASE64Decoder decoder = new BASE64Decoder();
return decoder.decodeBuffer( buffer.toString());
}
private static Oid krb5Oid;
private Subject login() throws LoginException {
LoginContext loginCtx = null;
loginCtx = new LoginContext( "Server", new LoginCallbackHandler(null,null));
System.out.println("Attempting to do Login...");
loginCtx.login();
Subject ret_sub = loginCtx.getSubject();
return ret_sub;
}
private String acceptSecurityContext( final byte[] serviceTicket)
throws GSSException {
krb5Oid = new Oid( "1.2.840.113554.1.2.2");
return Subject.doAs( subject, new PrivilegedAction<String>() {
public String run() {
try {
GSSManager manager = GSSManager.getInstance();
GSSContext context = manager.createContext( (GSSCredential) null);
context.acceptSecContext( serviceTicket, 0, serviceTicket.length);
return context.getSrcName().toString();
}
catch ( Exception e) {
e.printStackTrace();
return null;
}
}
});
}
Here is my server.properties
realm=MYREALM
kdc=192.168.1.1
and jaas.conf file
Client {
com.sun.security.auth.module.Krb5LoginModule required
useTicketCache=false
useKeyTab=false
storeKey=false
isInitiator=true
debug=true
;
};
Server {
com.sun.security.auth.module.Krb5LoginModule required
useKeyTab=true
storeKey=true
doNotPrompt=true
isInitiator=false
keyTab="/etc/krb5.keytab"
principal="MYSPN/host.domain.com#MYREALM"
debug=true
;
};
I'm sure the service ticket is valid because the server can authenticate if I provide password for the service account, but I want to use a keytab file instead of password.
Am new to web services. Am trying to generate unique session id for every login that a user does, in web services.
What I thought of doing is,
Write a java file which has the login and logout method.
Generate WSDL file for it.
Then generate web service client(using Eclipse IDE), with the WSDl file which I generate.
Use the generated package(client stub) and call the methods.
Please let me know if there are any flaws in my way of implementation.
1. Java file with the needed methods
public String login(String userID, String password) {
if (userID.equalsIgnoreCase("sadmin")
&& password.equalsIgnoreCase("sadmin")) {
System.out.println("Valid user");
sid = generateUUID(userID);
} else {
System.out.println("Auth failed");
}
return sid;
}
private String generateUUID(String userID) {
UUID uuID = UUID.randomUUID();
sid = uuID.toString();
userSessionHashMap = new HashMap<String, String>();
userSessionHashMap.put(userID, sid);
return sid;
}
public void logout(String userID) {
Set<String> userIDSet = userSessionHashMap.keySet();
Iterator<String> iterator = userIDSet.iterator();
if (iterator.equals(userID)) {
userSessionHashMap.remove(userID);
}
}
2. Generated WSDL file
Developed the web service client from the wsdl.
4. Using the developed client stub.
public static void main(String[] args) throws Exception {
ClientWebServiceLogin objClientWebServiceLogin = new ClientWebServiceLogin();
objClientWebServiceLogin.invokeLogin();
}
public void invokeLogin() throws Exception {
String endpoint = "http://schemas.xmlsoap.org/wsdl/";
String username = "sadmin";
String password = "sadmin";
String targetNamespace = "http://WebServiceLogin";
try {
WebServiceLoginLocator objWebServiceLoginLocator = new WebServiceLoginLocator();
java.net.URL url = new java.net.URL(endpoint);
Iterator ports = objWebServiceLoginLocator.getPorts();
while (ports.hasNext())
System.out.println("ports Iterator size-->" + ports.next());
WebServiceLoginPortType objWebServiceLoginPortType = objWebServiceLoginLocator
.getWebServiceLoginHttpSoap11Endpoint();
String sid = objWebServiceLoginPortType.login(username, password);
System.out.println("sid--->" + sid);
} catch (Exception exception) {
System.out.println("AxisFault at creating objWebServiceLoginStub"
+ exception);
exception.printStackTrace();
}
}
On running the this file, I get the following error.
AxisFault
faultCode: {http://schemas.xmlsoap.org/soap/envelope/}Server.userException
faultSubcode:
faultString: java.net.ConnectException: Connection refused: connect
faultActor:
faultNode:
faultDetail:
{http://xml.apache.org/axis/}stackTrace:java.net.ConnectException: Connection refused: connect
Can anyone suggest an alternate way of handling this task ? And what could probably be the reason for this error.
Web services are supposed to be stateless, so having "login" and "logout" web service methods doesn't make much sense.
If you want to secure web services calls unfortunately you have to code security into every call. In your case, this means passing the userId and password to every method.
Or consider adding a custom handler for security. Read more about handlers here.