Hi,
I'm using WS-Security to sign SOAP messages. Currently, on the endpoint side, I only know
that I trust the client that called a web service, but I don't know which of the
clients called it. I would now also like to know which client called the web
service.
Can you please help me extract the client information from the signature in the SOAP message,
or find out which alias was used for authentication?
Sorry for my English.
I'm using (for server and client):
- JbossAS : 4.2.1.GA
- JbossWS : 1.2.1.GA (build=200704151756)
- Eclipse : 3.3.1.1
- JDK : 1.5.0_14
Server side configuration:
WsServer.java
package app.ws.server;
|
| import javax.ejb.Remote;
|
/**
 * Remote business interface of the test web service shown in this post.
 */
@Remote
public interface WsServer {

    /**
     * Says hello to the caller.
     *
     * @param parameter text supplied by the calling client
     * @return the reply text built by the implementing bean
     */
    String hello(String parameter);
}
WsServerBean.java
package app.ws.server;
|
| import org.jboss.ws.annotation.WebContext;
| import javax.ejb.Stateless;
| import javax.jws.WebService;
| import javax.jws.soap.SOAPBinding;
| import javax.jws.WebMethod;
| import javax.jws.WebParam;
| import org.jboss.ws.annotation.EndpointConfig;
| import org.apache.log4j.Logger;
| import org.jboss.annotation.security.SecurityDomain;
|
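/**
 * Stateless bean published as the document/literal (wrapped) web service {@code testws}
 * under the context root {@code /TestWebServices}.
 *
 * <p>The endpoint is bound to the "Standard WSSecurity Endpoint" configuration, so the
 * WS-Security handler runs before {@link #hello(String)} is reached.
 *
 * <p>NOTE(review): nothing in this class receives the identity of the signer. As the post
 * states, a successful signature check only shows that the signing certificate is one of
 * those the endpoint trusts; telling clients apart needs the signer certificate, which this
 * code does not access.
 */
@Stateless
@WebContext(contextRoot = "/TestWebServices")
@WebService(serviceName = "testws", targetNamespace = "http://testuri.org/")
@SOAPBinding(style = SOAPBinding.Style.DOCUMENT, use = SOAPBinding.Use.LITERAL,
        parameterStyle = SOAPBinding.ParameterStyle.WRAPPED)
@EndpointConfig(configName = "Standard WSSecurity Endpoint")
@SecurityDomain("JBossWS")
public class WsServerBean implements WsServer {
    private static final Logger logger = Logger.getLogger(WsServerBean.class.getName());

    /**
     * Logs the call and echoes the parameter back to the caller.
     *
     * @param parameter text taken from the SOAP request; treated as untrusted
     * @return greeting that contains {@code parameter} unchanged
     */
    @WebMethod(operationName = "hello", action = "urn:hello")
    public String hello(@WebParam(name = "parameter") String parameter) {
        // The request value is caller-controlled: neutralise line breaks before logging so a
        // caller cannot forge additional log records.
        logger.info("You have called method hello with parameter : " + forLog(parameter));
        return "Hello world. You have called method hello with parameter : " + parameter;
    }

    /** Replaces CR and LF with '_' so the value stays on one log line; null is passed through. */
    private static String forLog(String value) {
        if (value == null) {
            return null;
        }
        return value.replace('\r', '_').replace('\n', '_');
    }
}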
META-INF/standard-jaxws-endpoint-config.xml
<jaxws-config xmlns="urn:jboss:jaxws-config:2.0"
              xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
              xmlns:javaee="http://java.sun.com/xml/ns/javaee"
              xsi:schemaLocation="urn:jboss:jaxws-config:2.0 jaxws-config_2_0.xsd">

  <!-- Endpoint configuration selected by @EndpointConfig(configName = ...) on WsServerBean.
       It puts the server-side WS-Security handler into the handler chain for SOAP 1.1 over
       HTTP; the handler's key store, trust store and signing rules come from
       META-INF/jboss-wsse-server.xml. -->
  <endpoint-config>
    <config-name>Standard WSSecurity Endpoint</config-name>
    <post-handler-chains>
      <javaee:handler-chain>
        <javaee:protocol-bindings>##SOAP11_HTTP</javaee:protocol-bindings>
        <javaee:handler>
          <javaee:handler-name>WSSecurity Handler</javaee:handler-name>
          <javaee:handler-class>org.jboss.ws.extensions.security.jaxws.WSSecurityHandlerServer</javaee:handler-class>
        </javaee:handler>
      </javaee:handler-chain>
    </post-handler-chains>
  </endpoint-config>

</jaxws-config>
META-INF/jboss-wsse-server.xml
<?xml version="1.0" encoding="UTF-8"?>
<!-- Server-side WS-Security settings.
     NOTE(review): both store passwords are kept here in clear text and are the same value
     the client files in this post use. Anyone who can read the deployment can open the key
     store, so restrict access to this file and to the stores, and use distinct values
     outside a test setup. -->
<jboss-ws-security xmlns="http://www.jboss.com/ws-security/config"
                   xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
                   xsi:schemaLocation="http://www.jboss.com/ws-security/config http://www.jboss.com/ws-security/schema/jboss-ws-security_1_0.xsd">
  <key-store-file>META-INF/wsse.keystore</key-store-file>
  <key-store-password>jbossws</key-store-password>
  <trust-store-file>META-INF/wsse.truststore</trust-store-file>
  <trust-store-password>jbossws</trust-store-password>
  <config>
    <!-- Outgoing messages are signed with the key stored under alias "wsse". -->
    <sign type="x509v3" alias="wsse"/>
    <!-- Incoming messages must carry a signature. This only demands *a* valid signature:
         which certificates are accepted is decided by the content of the trust store, and
         nothing here distinguishes one trusted signer from another. -->
    <requires>
      <signature/>
    </requires>
  </config>
</jboss-ws-security>
META-INF/wsse.keystore
# Create the server key pair (RSA, certificate valid for 365 days) under alias "wsse".
# NOTE(review): -storepass on the command line leaves the password in shell history and in
# the process list; keytool prompts for it when the option is omitted. No -keysize is given,
# so the keytool default applies - check that it meets current key-length requirements.
keytool -genkey -alias wsse -keyalg RSA -validity 365 \
        -keystore wsse.keystore -storepass jbossws
META-INF/wsse.cer
# Export the server certificate (public part only) of alias "wsse" so clients can import it.
keytool -export -alias wsse -file wsse.cer \
        -keystore wsse.keystore -storepass jbossws
META-INF/wsse.truststore
# Build the server trust store: the server's own certificate plus the client certificate.
# Every certificate imported here is accepted as a signer by the endpoint, so add one entry
# (with its own alias) per client and verify each certificate's fingerprint out of band
# before confirming keytool's trust prompt.
keytool -import -alias wsse -file wsse.cer \
        -keystore wsse.truststore -storepass jbossws
keytool -import -alias wssc -file wssc.cer \
        -keystore wsse.truststore -storepass jbossws
output
09:31:27,777 INFO [Reference] Verification successful for URI
"#element-1-1216711887170-23623672"
| 09:31:27,777 INFO [Reference] Verification successful for URI "#timestamp"
| 09:31:27,796 INFO [WsServerBean] You have called method hello with parameter : aaaaa
Client side configuration:
Generating stubs from WSDL
# Generate the client stubs into package app.ws.client and keep the generated sources (-k).
# NOTE(review): the WSDL is fetched over plain HTTP, so the transport gives no assurance
# that the description really comes from the intended server.
wsconsume.sh -k -p "app.ws.client" \
    "http://10.10.11.173:8080/TestWebServices/WsServerBean?wsdl"
I have to change the generated service implementation class, in my case Testws.java:
FROM : public class Testws extends Service
TO : public class Testws extends ServiceExt
META-INF/wssc.keystore
# Create the client key pair (RSA, certificate valid for 365 days) under alias "wssc".
# NOTE(review): -storepass on the command line leaves the password in shell history and in
# the process list; keytool prompts for it when the option is omitted. No -keysize is given,
# so the keytool default applies - check that it meets current key-length requirements.
keytool -genkey -alias wssc -keyalg RSA -validity 365 \
        -keystore wssc.keystore -storepass jbossws
META-INF/wssc.cer
# Export the client certificate (public part only) of alias "wssc" for the server trust store.
keytool -export -alias wssc -file wssc.cer \
        -keystore wssc.keystore -storepass jbossws
META-INF/wssc.truststore
# Build the client trust store: the client's own certificate plus the server certificate.
# Verify the server certificate's fingerprint out of band before confirming keytool's trust
# prompt; the client accepts signed responses from any certificate stored here.
keytool -import -alias wssc -file wssc.cer \
        -keystore wssc.truststore -storepass jbossws
keytool -import -alias wsse -file wsse.cer \
        -keystore wssc.truststore -storepass jbossws
TestClient.java
package app.ws.client;
|
| import java.io.File;
| import java.net.URL;
| import javax.xml.namespace.QName;
| import org.jboss.ws.core.StubExt;
| import org.jboss.ws.core.jaxws.client.ServiceExt;
|
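/**
 * Command-line test client: configures the WS-Security key and trust stores, calls
 * {@code hello("aaaaa")} on the signed endpoint and prints the reply.
 */
public class TestClient {
    public static void main(String[] args) {
        try {
            // NOTE(review): store locations and passwords are hard-coded and the password is
            // the same one used for every store in this post. That is acceptable for a
            // throw-away test only; read them from protected configuration otherwise.
            System.setProperty("org.jboss.wsse.keyStore",
                    "/workspace/test/src/app/ws/client/META-INF/wssc.keystore");
            System.setProperty("org.jboss.wsse.keyStorePassword", "jbossws");
            System.setProperty("org.jboss.wsse.keyStoreType", "jks");
            System.setProperty("org.jboss.wsse.trustStore",
                    "/workspace/test/src/app/ws/client/META-INF/wssc.truststore");
            System.setProperty("org.jboss.wsse.trustStorePassword", "jbossws");
            System.setProperty("org.jboss.wsse.trustStoreType", "jks");

            // NOTE(review): the WSDL is fetched over plain HTTP; only the signed message
            // parts are protected, not the transport.
            String wsdlLocation = "http://10.10.11.173:8080/TestWebServices/WsServerBean?wsdl";
            // File.toURL() does not escape characters that are illegal in URLs; converting
            // through toURI() first does.
            URL securityURL =
                    new File("/workspace/test/src/app/ws/client/META-INF/jboss-wsse-client.xml")
                            .toURI().toURL();
            String targetNamespace = "http://testuri.org/";
            String serviceName = "testws";

            Testws service =
                    new Testws(new URL(wsdlLocation), new QName(targetNamespace, serviceName));
            // Point the service at the client-side WS-Security settings.
            ((ServiceExt) service).setSecurityConfig(securityURL.toExternalForm());

            WsServerBean wsServerBean = service.getWsServerBeanPort();
            // Select the client configuration that installs the WS-Security handler.
            ((StubExt) wsServerBean).setConfigName("Standard WSSecurity Client");

            System.out.println("\n===[ hello ]===================================================================v");
            System.out.println(wsServerBean.hello("aaaaa"));
            System.out.println("===============================================================================^");
        } catch (Exception e) {
            // Test client: any failure is simply printed between the two marker lines.
            System.out.println("\n===[ Exception handler ]=======================================================v");
            e.printStackTrace();
            System.out.println("===============================================================================^");
        }
    }
}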
META-INF/jboss-wsse-client.xml
<?xml version="1.0" encoding="UTF-8"?>
<!-- Client-side WS-Security settings.
     NOTE(review): both store passwords are kept here in clear text and match the value used
     on the server in this post. Restrict access to this file and to the key store, which
     holds the client's private key, and use distinct values outside a test setup. -->
<jboss-ws-security xmlns="http://www.jboss.com/ws-security/config"
                   xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
                   xsi:schemaLocation="http://www.jboss.com/ws-security/config http://www.jboss.com/ws-security/schema/jboss-ws-security_1_0.xsd">
  <key-store-file>/workspace/test/src/app/ws/client/META-INF/wssc.keystore</key-store-file>
  <key-store-password>jbossws</key-store-password>
  <trust-store-file>/workspace/test/src/app/ws/client/META-INF/wssc.truststore</trust-store-file>
  <trust-store-password>jbossws</trust-store-password>
  <config>
    <!-- Requests are signed with the key stored under alias "wssc". -->
    <sign type="x509v3" alias="wssc"/>
    <!-- Responses must carry a signature. -->
    <requires>
      <signature/>
    </requires>
  </config>
</jboss-ws-security>
META-INF/standard-jaxws-client-config.xml
<jaxws-config xmlns="urn:jboss:jaxws-config:2.0"
              xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
              xmlns:javaee="http://java.sun.com/xml/ns/javaee"
              xsi:schemaLocation="urn:jboss:jaxws-config:2.0 jaxws-config_2_0.xsd">

  <!-- Client configuration selected by setConfigName("Standard WSSecurity Client") in
       TestClient. It puts the client-side WS-Security handler into the handler chain for
       SOAP 1.1 over HTTP. -->
  <client-config>
    <config-name>Standard WSSecurity Client</config-name>
    <post-handler-chains>
      <javaee:handler-chain>
        <javaee:protocol-bindings>##SOAP11_HTTP</javaee:protocol-bindings>
        <javaee:handler>
          <javaee:handler-name>WSSecurityHandlerOutbound</javaee:handler-name>
          <javaee:handler-class>org.jboss.ws.extensions.security.jaxws.WSSecurityHandlerClient</javaee:handler-class>
        </javaee:handler>
      </javaee:handler-chain>
    </post-handler-chains>
  </client-config>

</jaxws-config>
I have to add the following lines to "wsrunclient.sh":
# Extra jars appended to the wsrunclient.sh class path for the signing client.
WSRUNCLIENT_CLASSPATH="$WSRUNCLIENT_CLASSPATH:$JBOSS_HOME/client/wsdl4j.jar"
WSRUNCLIENT_CLASSPATH="$WSRUNCLIENT_CLASSPATH:$JBOSS_HOME/lib/jboss-common.jar"
WSRUNCLIENT_CLASSPATH="$WSRUNCLIENT_CLASSPATH:$JBOSS_HOME/client/xmlsec.jar"
WSRUNCLIENT_CLASSPATH="$WSRUNCLIENT_CLASSPATH:$JBOSS_HOME/client/commons-logging.jar"
Running the client:
# Run the test client with its source directory on the class path.
# NOTE(review): the trailing "-/usr/local/jboss/bin" is reproduced as posted; the post does
# not explain it - confirm whether it is an argument before reusing this command.
wsrunclient.sh -classpath /workspace/test/src/app/ws/client \
    "app.ws.client.TestClient" -/usr/local/jboss/bin
output:
===[ hello ]===================================================================v
| 08:31:27,890 INFO [Reference] Verification successful for URI
"#element-16-1216711887803-747136"
| 08:31:27,892 INFO [Reference] Verification successful for URI "#timestamp"
| Hello world. You have called method hello with parameter : aaaaa
| ===============================================================================^
Thanks and Regards,
Peter