Java Web Services Developer Pack (Java WSDP) 1.4

Print-friendly Version

Java Live Transcripts Index

Guests: Anita Jindal, Vinay Pai, and Ramesh Mandava
Moderator: Edward Ort (MDR-EdO)

This is a moderated forum.

MDR-EdO: Welcome to today's Java Live chat on the Java Web Services Developer Pack (Java WSDP) 1.4. Our guests today are Anita Jindal, Vinay Pai, and Ramesh Mandava. Anita is the Manager for Core Web Services Technologies and Standards at Sun, Vinay is the Engineering Manager at Sun for the Java WSDP, and Ramesh is the Technical Lead for the Java WSDP. They're here to answer your questions about the Java WSDP 1.4. So let's start with a level-set. Anita, Vinay, and Ramesh, can you give us a brief summary of what's new and significant in the Java WSDP 1.4 package?

Vinay Pai: Java WSDP 1.4 was just released at JavaOne 2004. It introduces three new features:

• Latest support for WS-I 1.1 standards
• Another early-access version of XWS Security
• Support for 3 containers: Sun App Server 8.0 PE, Sun Web Server 6.1, Tomcat 5.0

Anita Jindal: Java WSDP provides a JAX-RPC implementation based on JCP standards, and interoperability profiles based on WS-I BP 1.0, BP 1.1 w/ AP 1.0. We also provide an implementation of XWS Security based on the OASIS WSS spec.

jaxb-user: Were there any changes to JAXB?

Anita Jindal: We added bug fixes and performance enhancements to JAXB that ships in Java WSDP 1.4.

MrXML: When will the latest releases of the JAX* APIs such as JAXP 1.2.6 and JAX-RPC 1.1.2 be incorporated into J2EE?

Ramesh Mandava: The latest releases of JAX* technologies that are part of Java WSDP 1.4 will be part of AppServer 8.1 (PE, SE, EE). Also right now you can use Java WSDP 1.4 and integrate these new implementations into AppServer 8.0.0_01.

jaxb-user: Could you also help with licensing and distribution questions?

Vinay Pai: Sure, what are your questions?

jaxb-user: I am using JAXB. I have identified a minimum set of jar files that I need. Some of them live in the jwsdp-shared\lib and others in the jaxp and jaxb\lib directories. Can I ship them with my application? Also, could I re-jar them into a single jar or is that prohibited by the license?

Ramesh Mandava: Yes. You can ship all the needed JAXB jars in your application. The license would allow that. Also you can re-jar them into single jar, but please be aware that this is not supported through Sun support channels.

jaxb-user: I would like to ship my application in a single jar...or at least a few. Right now specifying the classpath is a nightmare with so many jar files.

Ramesh Mandava: As mentioned in my previous response, this is allowed by the license.

Skrzyp: Hey, I've just started learning Java with the Thinking in Java book, but tell me what compiler should I use, and is it really so hard to learn Java?

Vinay Pai: Sun has a free Java IDE called NetBeans. The IDE is integrated with the JDK.

tmv27: Hi, I have 2 questions on xws-security. I got the xws-security/samples/simple application working successfully with my own keystores. I have 2 questions regarding this sample application.

1. When running the application with the encrypt-server.xml and encrypt-client.xml configuration, why is it necessary to import the client's certificate into the server's truststore and the server's certificate into client's truststore when their certificates have already been signed by a trusted root CA (e.g., Verisign), whose certificate is in both truststores? Shouldn't their certificates containing their public keys get automatically exchanged during the connection request? It's a pain to publish a web service and expect a manual public certificate import for each client wanting to use the service.
2. I use Tomcat to run the sample application and did set up the SSL connector to point to the keystores. When the client connects to the server, it uses a http endpoint not https. I'm aware that htpps is needed for SSL support but not clear on where does h

tmv27: I did look at all of the Java WSDP tutorials, I have a JAX-RPC webservice, which do I need to encrypt username/password (they could be in the http header or soap message), without the need of encrypting the whole soap message or doing public key import?

Ramesh Mandava: You can use XWS Security in Java WSDP 1.4 to achieve this functionality. Please see the XWS Security chapter in the Java WSDP 1.4 tutorial.

Anita Jindal: The Java WSDP includes a version of XWS Security, which is Message Level Security based on the OASIS WSS specification. The implementation has been tested for interoperability with other vendor implementations via participation in OASIS-sponsored virtual interoperability events. You can refer to the Java WSDP 1.4 tutorial for information on how to use XWS Security. If you would like to use SSL, you can refer to the documentation on JAX-RPC to see how you could use HTTP/SSL with JAX-RPC.

AndyV: Are there any plans to incorporate a JAXB wizard in to NetBeans similar to the data binding functionality in XMLSpy? It would be nice to have something simple and easy to use.

Vinay Pai: Now that Java WSDP 1.4 has shipped, we have started working on the next major Java WSDP version (slated for March 2005). We have started some discussion with the NetBeans folks about adding some wizards and updating the JAX* support in NetBeans. This is something that is still being planned right now.

MrXML: Will the JAX* APIs take advantage of the metadata capabilities in Tiger?

Ramesh Mandava: The next revisions of JAX-RPC and JAXB (JAXRPC 2.0 & JAXB 2.0) would take advantage of metadata and annotations facilities in Tiger. You would see this functionality in the Java WSDP release around March 2005.

MrXML: I'm a little confused about the WS-I Attachment Profile 1.0 supported by JAX-RPC 1.1.2. How does it differ from the SOAP with Attachments support provided by previous versions of JAX-RPC?

Anita Jindal: The WS-I AP 1.0 support in JAX-RPC 1.1.2 is based on the Attachments Profile defined by WS-I to enable interoperability for SOAP Attachments. Using this support, you can successfully interoperate with other vendors' implementations. We do ship an Sample App 1.0 w/ Attachments EA in Java WSDP 1.4, which you can use to see how to implement WS-I compliant Apps.

Vinay Pai: Hi, I have two questions. Have you downloaded Java WSDP 1.4? What container are you using to develop your web services (App Server, Web Server, Tomcat or other)?

MrXML: Naive question: what's "Fast Web Services"? Is it something tangible (for example, actual code), design guidance, or something else entirely?

Anita Jindal: "Fast Web Services" is designed to provide improved performance for sending XML messages. The mechanism uses ASN.1 encoding to send messages in binary XML form. JAX-RPC 2.0 will enable pluggability of different encodings and transports. Using JAX-RPC 2.0, one will be able to use ASN.1 encoding for improved Web Services performance.

MrXML: Can you highlight what's going on right now in the java.net communities regarding the JAX* implementations?

Anita Jindal: We are providing binary and source drops of JAX-RPC 1.1 and JAXB 1.0 at java.net. We also have forums to answer any user questions on how they can be using these technologies or any other issues they may run into.

MDR-EdO: I'd like to thank our guests, Anita, Vinay, and Ramesh, for their answers to the questions that were posted.

Vinay Pai: Thanks everyone for joining us today. Good luck with your Web Services development. If you have more questions, you can join the forums at java.net.

Anita Jindal: It was good to provide info in this chat. If you have some follow-up questions, please use the java.net forums.

Ramesh Mandava: Thanks for your questions. If you want to follow up, feel free to send me email at ramesh.mandava@sun.com. Or write to the feedback alias at users@jwsdp.dev.java.net. Also you can participate in development of the Java WSDP technologies by being part of the WS and XML communities at java.net.

MDR-EdO: Last moderator (me) signing off. The forum is now unmoderated.