Client side
From the client side, these are the steps to perform to send and receive secure messages.
The client has two functions: sending a message to the server, and retrieving the messages other clients have sent to it.
Before you begin, create the client stub from the WSDL:
fglwsdl -domHandler myservice.wsdl
The client stub references callback handlers:
SecureMessageBox_HandleRequest
SecureMessageBox_HandleResponse
SecureMessageBox_HandleResponseFault
For more details about client SOAP handlers see Client stub and handlers.
What to do when a message is sent:
- Sign and encrypt the request for the server (WS-Security), in that order, so the signature is covered by the encryption:
  - sign with the client private key
  - encrypt with the server public key
- Send key information in the request:
  - a key identifier for the sender (the client)
  - a key identifier for the recipient (the server)
  - the key used to encrypt the data (usually a symmetric key, itself encrypted with the recipient's public key)
- If the message content must stay confidential for its final recipient, not only for the server (XML-Security):
  - sign the message
  - encrypt the message
What to do to retrieve messages (the retrieve request is itself a secured message, so it goes through the same checks):
- Identify the sender and validate it (look the sender's key up in the keystore)
- Identify the recipient (it should be the server itself)
- Decrypt the request
- Verify the signature (it sits inside the encrypted content, so decryption comes first)
- Retrieve the messages stored for the recipient
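The send and retrieve checklists above, as an added example that is not part of this page nor of Genero: it is written in Python with the cryptography package rather than Genero BDL so the cryptographic sequence can be run on its own, independent of the fglwsdl stub. Everything concrete here is an assumption of the example: the key identifiers (a hash of the public key standing in for the certificate reference a WS-Security KeyInfo would carry), AES-256-GCM for the data key, RSA-OAEP for wrapping it, RSA-PSS for the signature, and the constructed client/server/third-party keys. It also goes one step beyond the page by binding the sender and recipient identifiers into the signed bytes, so a message the server has decrypted cannot be re-encrypted for someone else and still verify; roundtrip_checks exercises that case together with an unknown sender, a mis-addressed envelope and a tampered ciphertext.

```python
import base64
import hashlib
import json
import os

from cryptography.exceptions import InvalidSignature, InvalidTag
from cryptography.hazmat.primitives import hashes, serialization
from cryptography.hazmat.primitives.asymmetric import padding, rsa
from cryptography.hazmat.primitives.ciphers.aead import AESGCM

# Algorithm choices are assumptions of this example; a WS-Security profile names its own.
SIG_PAD = padding.PSS(mgf=padding.MGF1(hashes.SHA256()), salt_length=padding.PSS.MAX_LENGTH)
WRAP_PAD = padding.OAEP(mgf=padding.MGF1(hashes.SHA256()), algorithm=hashes.SHA256(), label=None)


def b64(data: bytes) -> str:
    return base64.b64encode(data).decode("ascii")


def unb64(text: str) -> bytes:
    return base64.b64decode(text)


def make_keypair():
    return rsa.generate_private_key(public_exponent=65537, key_size=2048)


def key_id(public_key) -> str:
    """Identifier carried in the envelope: SHA-256 of the DER SubjectPublicKeyInfo.
    Stands in for the certificate reference a WS-Security KeyInfo element would hold."""
    der = public_key.public_bytes(serialization.Encoding.DER,
                                  serialization.PublicFormat.SubjectPublicKeyInfo)
    return hashlib.sha256(der).hexdigest()[:16]


def _signed_data(sender_id: str, recipient_id: str, payload: bytes) -> bytes:
    # Both identities are signed along with the payload, so a signed message
    # cannot be re-wrapped for a different recipient and still verify.
    return f"{sender_id}|{recipient_id}|".encode() + payload


def _seal(inner: bytes, sender_id: str, recipient_pub) -> dict:
    """Encrypt `inner` under a fresh AES-256-GCM key and wrap that key with the
    recipient public key: the 'key used to encrypt the data' of the checklist."""
    recipient_id = key_id(recipient_pub)
    session_key = AESGCM.generate_key(bit_length=256)
    nonce = os.urandom(12)
    aad = f"{sender_id}|{recipient_id}".encode()  # identifiers are authenticated, not secret
    return {
        "sender": sender_id,        # key identifying the sender
        "recipient": recipient_id,  # key identifying the recipient
        "encrypted_key": b64(recipient_pub.encrypt(session_key, WRAP_PAD)),
        "nonce": b64(nonce),
        "ciphertext": b64(AESGCM(session_key).encrypt(nonce, inner, aad)),
    }


def send_message(sender_priv, recipient_pub, payload: bytes) -> dict:
    """Client side: sign with the sender private key, then encrypt for the recipient."""
    sender_id = key_id(sender_priv.public_key())
    signature = sender_priv.sign(_signed_data(sender_id, key_id(recipient_pub), payload),
                                 SIG_PAD, hashes.SHA256())
    inner = json.dumps({"payload": b64(payload), "signature": b64(signature)}).encode()
    return _seal(inner, sender_id, recipient_pub)


def receive_message(envelope: dict, my_priv, keystore: dict) -> bytes:
    """Recipient side, in checklist order: validate the sender against the keystore,
    confirm we are the recipient, decrypt, verify the signature, hand back the message."""
    sender_pub = keystore.get(envelope["sender"])
    if sender_pub is None:
        raise ValueError("sender %s is not in the keystore" % envelope["sender"])
    my_id = key_id(my_priv.public_key())
    if envelope["recipient"] != my_id:
        raise ValueError("message is addressed to %s, not to us" % envelope["recipient"])
    session_key = my_priv.decrypt(unb64(envelope["encrypted_key"]), WRAP_PAD)
    aad = f"{envelope['sender']}|{my_id}".encode()
    inner = json.loads(AESGCM(session_key).decrypt(  # raises InvalidTag if tampered
        unb64(envelope["nonce"]), unb64(envelope["ciphertext"]), aad))
    payload = unb64(inner["payload"])
    sender_pub.verify(unb64(inner["signature"]), _signed_data(envelope["sender"], my_id, payload),
                      SIG_PAD, hashes.SHA256())  # raises InvalidSignature if forged or re-addressed
    return payload


def roundtrip_checks() -> dict:
    """Constructed scenario: a client writes to a server whose keystore trusts only that client."""
    client, server, other = make_keypair(), make_keypair(), make_keypair()
    keystore = {key_id(client.public_key()): client.public_key()}
    envelope = send_message(client, server.public_key(), b"hello from the client")
    results = {"delivered": receive_message(envelope, server, keystore) == b"hello from the client"}

    def rejected(env, recipient, exc):
        try:
            receive_message(env, recipient, keystore)
            return False
        except exc:
            return True

    results["unknown_sender"] = rejected(send_message(other, server.public_key(), b"x"), server, ValueError)
    results["wrong_recipient"] = rejected(envelope, other, ValueError)
    ct = bytearray(unb64(envelope["ciphertext"]))
    ct[0] ^= 1  # flip one bit of the ciphertext
    results["tampered"] = rejected(dict(envelope, ciphertext=b64(bytes(ct))), server, InvalidTag)
    # The server opens the message and forwards the still-signed inner blob to `other`,
    # claiming the client sent it; the recipient binding makes the signature fail.
    session_key = server.decrypt(unb64(envelope["encrypted_key"]), WRAP_PAD)
    inner = AESGCM(session_key).decrypt(unb64(envelope["nonce"]), unb64(envelope["ciphertext"]),
                                        f"{envelope['sender']}|{envelope['recipient']}".encode())
    results["forwarded"] = rejected(_seal(inner, envelope["sender"], other.public_key()), other, InvalidSignature)
    return results
```

Running roundtrip_checks() returns a dict in which every entry is True: the genuine message is delivered, and each of the four bad envelopes is rejected at the checklist step meant to catch it (keystore lookup, recipient check, authenticated decryption, signature verification).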