[jboss-user] [JBossWS] - Web client for WS Secure web service: how to?

[garyng]

Hello, 

I have a simple web service created, and an equally simple web-based (servlet) client.  Both are deployed to the same JBoss instance. 

Everything works, but now I'd like to enable encryption.

>From reading through the docs and the forum posts, I've managed to get the service to expect a secured message.  So, now, when I try to connect to the service from my client, I get back the expected message:

javax.xml.rpc.soap.SOAPFaultException: This service requires <wsse:Security>, which is missing.

This is fine.  So now the question is this: how do I enable security in my web client? 

I understand that jboss-wsse-client.xml is required on the client side - but  this XML file does not specify the location of the key or trust.

The docs say this: 

"We did not specify a key store or trust store, because client apps instead use the wsse System properties instead. If this was a web or ejb client (meaning a webservice client in a war or ejb jar file), then we would have specified them in the client descriptor."

Can anyone clarify this?  Has anyone figured out how to specify these settings in a client descriptor? 

For that matter, has anyone actually managed to get an encrypted web service message working with anything except a stand-alone client?

Thanks!


View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3961333#3961333

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3961333