JBoss Community

Re: Problem with securing web service with ws security ( username token )

created by Erick Jeronimo Diaz in JBoss Web Services - View the full discussion

hi Lukasz, i've tested ws-security with jboss-4.2.3 and jbossws-native-3.1.1.GA; and it worked!!!

 

this is my jboss-wsse-server.xml:


<jboss-ws-security xmlns="http://www.jboss.com/ws-security/config"
                   xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
                   xsi:schemaLocation="http://www.jboss.com/ws-security/config
                   http://www.jboss.com/ws-security/schema/jboss-ws-security_1_0.xsd">
     <key-store-file>META-INF/master-sign_enc.jks</key-store-file>
        <key-store-password>password</key-store-password>
        <key-store-type>jks</key-store-type>
        <trust-store-file>META-INF/wsse10.truststore</trust-store-file>
        <trust-store-password>password</trust-store-password>
     <config>
          <timestamp ttl="300"/>
          <sign alias="master" includeTimestamp="true"/>
          <encrypt alias="facturacion"/>
           <requires>
             <signature/>
             <encryption/>      
           </requires>
        </config>

</jboss-ws-security>

 

of course, you must to create the keystores(master-sign_enc.jks) y truststores(wsse10.truststore) and their certificates,see keytool command.

 

Then for client, i use a java client class:

 

public class SecureAgency extends Agency

{

   public SecureAgency(URL url)

   {

      super(url);

      ((StubExt)endpoint).setConfigName("Standard WSSecurity Client");

   }


   public static void main(String[] args)

   {

      try

      {

       if (args.length == 3)

         {

            Agency agency = new SecureAgency(new URL(args[0]));

            agency.run(args[1], args[2]);

            System.out.println("Press release sent.");

         }

         else

         {

            System.out.println("SecureAgency client usage:");

            System.out.println("./wsrunclient.sh -classpath agency.jar org.jboss.test.ws.jaxws.samples.news.SecureAgency " +

                        "http://localhost:8080/bills/ billRelease?wsdl title body");

         }

      }

      catch (Exception e)

      {

         e.printStackTrace();

      }

   }

}

 

where we add: ((StubExt)endpoint).setConfigName("Standard WSSecurity Client");   forget about hierarchy......

 

YOU MUST ADD:   jbossws-native-saaj.jar, jbossws-native-jaxws.jar, jaxb-api.jar  FILES TO %JBOSS_HOME%/lib/endorsed   AND

-Djava.endorsed.dirs=%JBOSS_HOME%/lib/endorsed  AS ARGUMENTS OF VM TO RUN THE EXAMPLE

 

REMEMBER THE CLIENT HAVE TO GET standard-jaxws-client-config.xml FILE

 

i hope it help 'u

Reply to this message by going to Community

Start a new discussion in JBoss Web Services at Community