[esb-users] [esb-dev] Consuming WS-Security service
Tom Fennelly
tfennell at redhat.com
Wed Nov 24 10:26:10 EST 2010
I think if you've already got JAX-WS in the equation, I'd look at using
the WS-Security framework. Otherwise, you could implement a custom
Smooks Visitor class for manipulating the security headers. In fact, an
extension like this is something we've talked about doing a few times
(http://jira.codehaus.org/browse/MILYN-80), but have never actually done it.
T.
On 24/11/2010 14:35, Keith Babo wrote:
>
> I'm pretty sure anything is possible with Smooks, but I can't speak to
> how messy it would get. If you are looking to sign and encrypt, my
> guess is that you be best off using a WS-Security framework inside of
> a custom JAX-WS handler rather than using Smooks.
>
> Care to correct me, Tom?
>
> ~ keith
>
> On 11/24/10 9:27 AM, David Borja wrote:
>> Hi!
>>
>> Thanks for your response ...
>>
>> I checked both samples, buth they use UsernameToken WS-Security, is
>> easy to make a smooks transformation, however the BinarySecurityToken
>> needs more complex transformation: Digest signature, Timestamps,
>> Encryption, etc.
>>
>> I can do this with single smooks transformations??
>>
>>
>> Regards!
>>
>> On Wed, Nov 24, 2010 at 7:58 AM, Keith Babo <kbabo at redhat.com
>> <mailto:kbabo at redhat.com>> wrote:
>>
>>
>> Have you checked out the webservice_consumer_wise3 and
>> webservice_consumer_wise4 quickstarts? The former demonstrates
>> how to add a SOAP header using Smooks and the latter shows how to
>> add your own custom JAX-WS handler. Either approach can be used
>> to add WS-Security headers to the outbound SOAP request message.
>>
>> hth,
>> keith
>>
>>
>> On 11/23/10 8:24 PM, David Borja wrote:
>>> Any ideas??
>>>
>>>
>>> Regards
>>>
>>> On Tue, Nov 23, 2010 at 7:59 AM, David Borja <adborja at gmail.com
>>> <mailto:adborja at gmail.com>> wrote:
>>>
>>> Hi devs/users!
>>>
>>> I am new with JBoss ESB but i have some experience with
>>> other open source ESB solutions.
>>>
>>> I am trying to consume a web service with ws-security
>>> enabled. I am doing this with SOAPClient component.
>>>
>>> The web service is using BinarySecurity token with X509
>>> certificates. Is there any sample for doing this? or blog or
>>> something? i just found samples with SAML or exposing
>>> services with ws-security but not for consuming.
>>>
>>> Hope you can help me!!
>>>
>>>
>>> Regards
>>>
>>>
>>>
>>> _______________________________________________
>>> esb-dev mailing list
>>> esb-dev at lists.jboss.org <mailto:esb-dev at lists.jboss.org>
>>> https://lists.jboss.org/mailman/listinfo/esb-dev
>>>
>>
>>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/esb-users/attachments/20101124/d940fc98/attachment.html
More information about the esb-users
mailing list