Skip to main content

By clicking Submit, you agree to the developerWorks terms of use.

The first time you sign into developerWorks, a profile is created for you. Select information in your profile (name, country/region, and company) is displayed to the public and will accompany any content you post. You may update your IBM account at any time.

All information submitted is secure.

  • Close [x]

The first time you sign in to developerWorks, a profile is created for you, so you need to choose a display name. Your display name accompanies the content you post on developerworks.

Please choose a display name between 3-31 characters. Your display name must be unique in the developerWorks community and should not be your email address for privacy reasons.

By clicking Submit, you agree to the developerWorks terms of use.

All information submitted is secure.

  • Close [x]

Select a language:

  • Close [x]
  • Close [x]

Building a secure SOAP client for J2ME, Part 2: Enhancing stub classes in Web services APIs (WSA) for J2ME

Implementing security algorithms

Bilal Siddiqui, Freelance consultant
Bilal Siddiqui is an electronics engineer, an XML consultant, and the founder of XML4Java.com, a company focused on simplifying e-business. After graduating in 1995 with a degree in electronics engineering from the University of Engineering and Technology, Lahore, he began designing software solutions for industrial control systems. Later, he turned to XML and used his experience of programming in C++ to build Web- and WAP-based XML processing tools, server-side parsing solutions, and service applications. He is a technology evangelist and a frequently published technical author.

Summary:  In this three-part tutorial series you'll learn how to build a secure Web services client based on Java™ 2, Micro edition (J2ME). This second installment considers stub classes for a secure email service and explains how to enhance them to provide security features. We also explore some important security algorithms in detail and demonstrate how to implement them in a J2ME device.

View more content in this series

Date:  04 Aug 2006
Level:  Intermediate
PDF:  A4 and Letter (792 KB | 54 pages)Get Adobe® Reader®

Activity:  9360 views
Comments:  

Before you start

About this tutorial series

This series demonstrates how to incorporate security in Java 2, Micro Edition (J2ME)-based wireless access to Web services. We use the following components and technologies together in a J2ME MIDlet:

  1. Web Services APIs (WSA) for J2ME
  2. Cryptography
  3. XML Digital Signature (XMLDS)
  4. Java Card

In Part 1 of this series, you have already seen how WSA stub classes work. The remainder of this tutorial series demonstrates how to enhance WSA stub classes and integrate other technology components such as cryptography, XML signatures and Java Card into WSA stub classes.

This tutorial series also demonstrates various testing and debugging arrangements that you can use to integrate different technology components. The series concludes by putting together all the concepts into a "stub enhancer tool". This tool will enhance functionality of WSA stub classes by incorporating security features.

Back to top

About this tutorial

In Part 1 of this tutorial, we took a deep look inside WSA by considering simple and extended email services. Part 1 concluded with an introduction to a secure version of the email service.

Part 2 explores the secure email service in detail. In this part, you will generate stub classes for the secure email service. You will take each individual class among the stub classes of the secure email service and learn how to enhance it to provide required security features.

You will also come across a few helper classes in the secure email service that handles XML and security issues like authoring canonical form of XML and calculating digest values.

Therefore Part 2 also teaches you why you need canonicalization and digest algorithms to secure wireless access to your Web services. Part 2 also demonstrates techniques of implementing these algorithms, especially suitable for wireless devices with memory constraints.

Back to top

Prerequisites

The first prerequisite is to read Part 1 of this series.

You will come across various technology components in this tutorial. Therefore, it's important for you to have a basic understanding of the components. Specifically, the following background is assumed:

  1. You should be familiar with Java programming and have a basic understanding of J2ME MIDlets.
  2. WSA uses Web Services Definition Language (WSDL) and Simple Object Access Protocol (SOAP). Therefore, you need to know how WSDL interfaces are mapped to SOAP method invocation calls.

Moreover, some background on XML signatures will be useful.

IBM developerWorks has many excellent articles and tutorials about these topics. The Resources section lists some for ready reference.

Back to top

Who should take this tutorial?

The primary purpose of this series of tutorials is to help you allow wireless access to your Web services -- with or without security.

This part of the series discusses the customization of WSA stub classes for security. Therefore, whenever you feel that standard set of WSA stub classes doesn't suit your application, you can refer to this tutorial for some ideas about customization.

Another point: This part demonstrates how to implement canonicalization and digest calculation algorithms in a memory restrained wireless device. So, this tutorial can also help you implement similar algorithms in wireless devices.

Back to top

Tutorial topics

Part 2 consists of the following eight sections:

  1. Tutorial introduction
  2. Explanation of the WSDL file for the secure email service. This section also introduces stub classes for the secure email service
  3. Discussion of how a J2ME MIDlet will use the secure email service. This section also demonstrates how to enhance the main stub class of the secure email service to provide security features
  4. Discussion of how to enhance the Signature stub class
  5. Demonstration of how to enhance rest of the stub classes in the secure email service
  6. Explanation of implementing W3C's canonicalization algorithm for a J2ME application
  7. Demonstration of calculating digest values
  8. Wrap-up

Back to top

Code samples and installation requirements

We used Java Development Kit (JDK) version 1.5, J2ME Wireless Toolkit version 2.2, and Sun Java Wireless Toolkit version 2.3 Beta to generate and try the code for Part 2.

We also used XML Security Suite for Java (XSS4J) from IBM alphaWorks and Xalan from Apache to debug the code for this tutorial. Both of these are open source tools, which you can download by referring to the Resources section of this tutorial.

We will build a Java Card application in Part 3 of this tutorial. Therefore, the third part will also use Java Card Development Kit from the Sun Web site to try the Java Card application.

1 of 11 | Next

Comments

Back to top

static.content.url=http://www.ibm.com/developerworks/js/artrating/
SITE_ID=1
Zone=SOA and web services
ArticleID=152047
TutorialTitle=Building a secure SOAP client for J2ME, Part 2: Enhancing stub classes in Web services APIs (WSA) for J2ME
publish-date=08042006
author1-email=bsiddiqui@xml4java.com
author1-email-cc=

Table of contents

1 of 11 | Next

Dig deeper into SOA and Web services on developerWorks

IBM SmartCloud trial. No charge.

IBM PureSystems on a kaleideoscope background

Unleash the power of hybrid cloud computing today!

Public and private solutions in one trial.

Special offers

On demand demos: An easy way to watch and learn

Get recognized! W Author Program

Cloud Computing resources for IT professionals

Trial software offers

Share this page:

  • Close [x]

Follow developerWorks:

  • Close [x]