Hi,
I've been migrating one of our projects from JBoss 5.1 to 7.1.1, all was done without too much problems but I'm stuck on the security configuration for a Web Service (which does not have WS-Security Policy):
In JBoss 5.1, configuring WS-Security was done within the file "META-INF/jboss-wsse-server.xml"
<jboss-ws-security>
<key-store-file>${wsse.keystore}</key-store-file>
<key-store-type>jks</key-store-type>
<key-store-password>${wsse.keystore.password}</key-store-password>
<trust-store-file>${wsse.truststore}</trust-store-file>
<trust-store-type>jks</trust-store-type>
<trust-store-password>${wsse.truststore.password}</trust-store-password>
<config>
<timestamp ttl="3000" />
<sign type="x509v3" alias="${wsse.keystore.alias}" />
<requires>
<timestamp maxAge="3000" />
<signature />
</requires>
</config>
</jboss-ws-security>
So, I just need requests and responses to be signed and timestamped but I have a hard time understanding how to achieve this in AS7.1.1.
I've read the page https://docs.jboss.org/author/display/JBWS/WS-Security, but it didn't help.
Do I need to configure this via jbossws-cxf.xml? (tried this but seems to be ignored)
Is it available out-of-the-box in JBoss AS7.1.1? (I see spring is being used but there are no spring jars in the distribution)
I must be missing something...
Thanks,
Xavier