Java applet using web services over ssl

Question

I need to have my java applet use a soap based web service over ssl. I know that you can have a servlet act as a go-between/proxy, but I want to have the applet use the web service directly over SSL. The problem is supplying the certs to the web server hosting the web services. I supplied these Java Applet Runtime Settings via the Java Control Panel:

-Djavax.net.ssl.keyStore=<local path to .p12>

-Djavax.net.ssl.keyStorePassword=<password>

I also imported the client cert (.p12) as a Client certificate via the Java Control Panel. I was hoping to do:

KeyStore ks = KeyStore.getInstance("JKS"); ks.load(new FileInputStream(System.getProperty("javax.net.ssl.keyStore"), System.getProperty("javax.net.ssl.keyStorePassword").toCharArray());

and use the KeyStore from there. But, no dice! It seems that I can't access those properties from within the applet. I don't want to hardcode the paths, either. I'm using JRE 1.6.0_10

Is there any other way to have the applet use a web service without the servlet proxy approach? It's likely I'm going down the wrong path. Also, I'd be interested in having this work when the web service is different from the one that's hosting the applet, if possible.

BTW: The servlet proxy approach that I want to move away from is spelled out here: http://www.ibm.com/developerworks/xml/library/x-jappws/

Thanks!

Answer 1

To access the properties and to connect to a host other than the one the applet was served from you will need (a) a signed applet, and (b) permissions granting your applet the access it needs.

You may want to look into Java Web Start to deliver the application instead of using an applet.

EDIT: The permissions might be automatic once the applet is signed.

Answer 2

I think you're asking how to have your applet pass your personal client certificate that you loaded in the java control panel to the server, programmatically.

I don't think this can be done. Somebody correct me if i'm wrong.

Answer 3

If your still checking out this thread, I'd like to know what you've found out. I am also trying to get an applet to use web services over an ssl connection. In our case the web server is local but the web service is remote. I first wrote a regular java app residing on the web server that connects to the ssl web service site successfully and returns the required information. Then the plan is to try and make the applet work. I don't even know whether an applet would use a certificate residing on the web server or would it have to be on the client pc. I'm just getting started and I think we may have issues about the class path that the java client application uses versus what the applet could use but I thought I'd try to tackle the certificate issue first. I'd love to know what you've learned.