[esb-users] [esb-dev] Consuming WS-Security service

Tom Fennelly tfennell at redhat.com
Wed Nov 24 10:26:10 EST 2010 

I think if you've already got JAX-WS in the equation, I'd look at using 
the WS-Security framework.  Otherwise, you could implement a custom 
Smooks Visitor class for manipulating the security headers.  In fact, an 
extension like this is something we've talked about doing a few times 
(http://jira.codehaus.org/browse/MILYN-80), but have never actually done it.

T.

On 24/11/2010 14:35, Keith Babo wrote:
>
> I'm pretty sure anything is possible with Smooks, but I can't speak to 
> how messy it would get.  If you are looking to sign and encrypt, my 
> guess is that you be best off using a WS-Security framework inside of 
> a custom JAX-WS handler rather than using Smooks.
>
> Care to correct me, Tom?
>
> ~ keith
>
> On 11/24/10 9:27 AM, David Borja wrote:
>> Hi!
>>
>> Thanks for your response ...
>>
>> I checked both samples, buth they use UsernameToken WS-Security, is 
>> easy to make a smooks transformation, however the BinarySecurityToken 
>> needs more complex transformation: Digest signature, Timestamps, 
>> Encryption, etc.
>>
>> I can do this with single smooks transformations??
>>
>>
>> Regards!
>>
>> On Wed, Nov 24, 2010 at 7:58 AM, Keith Babo <kbabo at redhat.com 
>> <mailto:kbabo at redhat.com>> wrote:
>>
>>
>>     Have you checked out the webservice_consumer_wise3 and
>>     webservice_consumer_wise4 quickstarts?  The former demonstrates
>>     how to add a SOAP header using Smooks and the latter shows how to
>>     add your own custom JAX-WS handler.  Either approach can be used
>>     to add WS-Security headers to the outbound SOAP request message.
>>
>>     hth,
>>     keith
>>
>>
>>     On 11/23/10 8:24 PM, David Borja wrote:
>>>     Any ideas??
>>>
>>>
>>>     Regards
>>>
>>>     On Tue, Nov 23, 2010 at 7:59 AM, David Borja <adborja at gmail.com
>>>     <mailto:adborja at gmail.com>> wrote:
>>>
>>>         Hi devs/users!
>>>
>>>         I am new with JBoss ESB but i have some experience with
>>>         other open source ESB solutions.
>>>
>>>         I am trying to consume a web service with ws-security
>>>         enabled. I am doing this with SOAPClient component.
>>>
>>>         The web service is using BinarySecurity token with X509
>>>         certificates. Is there any sample for doing this? or blog or
>>>         something? i just found samples with SAML or exposing
>>>         services with ws-security but not for consuming.
>>>
>>>         Hope you can help me!!
>>>
>>>
>>>         Regards
>>>
>>>
>>>
>>>     _______________________________________________
>>>     esb-dev mailing list
>>>     esb-dev at lists.jboss.org  <mailto:esb-dev at lists.jboss.org>
>>>     https://lists.jboss.org/mailman/listinfo/esb-dev
>>>        
>>
>>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/esb-users/attachments/20101124/d940fc98/attachment.html

More information about the esb-users mailing list