[jboss-user] [JBoss Web Services] - Re: WS-Security on JBoss 6 (with CXF)
Alessio Soldano
do-not-reply at jboss.com
Thu Feb 3 04:45:46 EST 2011
Alessio Soldano [http://community.jboss.org/people/alessio.soldano%40jboss.com] created the discussion
"Re: WS-Security on JBoss 6 (with CXF)"
To view the discussion, visit: http://community.jboss.org/message/585113#585113
--------------------------------------------------------------
If you want to use the full WS-Security facilities coming with Apache CXF and hence JBossWS-CXF, you need to go through the Spring configuration, which covers the stack specific aspect of configuring the security engine, similarly to what you did with the jboss-wsse-endpoint.xml on JBossWS-Native stack.
The documentation on WS-Security w/ JBossWS-CXF is at http://community.jboss.org/docs/DOC-13562 http://community.jboss.org/wiki/JBossWS-StackCXFUserGuide#WSSecurity . Please also consider taking a look at the mentioned Apache CXF doc there.
On the countrary, if you just want to implement and home brew solution for checking some of the WS-Security headers, you can avoid setting up security at all and install your custom handlers / interceptors. Handlers configuration is covered by standard specs and hence can be done in a stack agnostic way (see the @HandlerChain annotation). Alternatively, you can use CXF interceptors, declared through @InInterceptor/@OutInterceptor/.. (see Apache CXF doc on that).
--------------------------------------------------------------
Reply to this message by going to Community
[http://community.jboss.org/message/585113#585113]
Start a new discussion in JBoss Web Services at Community
[http://community.jboss.org/choose-container!input.jspa?contentType=1&containerType=14&container=2044]
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/jboss-user/attachments/20110203/7295ffe1/attachment.html
More information about the jboss-user
mailing list