[jboss-user] [JBossWS] - Re: WS-Security Newbie Question...

Thu Jan 17 07:51:25 EST 2008

Alessio.. yes... I've already read that link. Thanks anyway ;)

Peter.. Also I've already read that post, but I'm still lost (sorry.. these are my first days working with web services and I'm getting a bit crazy hehe)

I'm gonna write everything I'm doing (surely there will be a lot of mistakes, but well.. all the beginnings are tough... :P) and I would appreciate a lot if you could give me a hand in this...

First... SERVER

Hello.java

  | package wssec;
  | 
  | import javax.jws.WebMethod;
  | import javax.jws.WebParam;
  | import javax.jws.WebService;
  | import javax.jws.soap.SOAPBinding;
  | 
  | import org.jboss.ws.annotation.EndpointConfig;
  | 
  | @WebService(name = "Hello", targetNamespace = "urn:ws.sec")
  | @EndpointConfig(configName = "Standard WSSecurity Endpoint") 
  | @SOAPBinding(style = SOAPBinding.Style.DOCUMENT)            
  | public class Hello
  | {
  |    @WebMethod
  |    public String echo(@WebParam(name = "param1") String param1)
  |    {
  |       return param1;
  |    }
  | }
  | 

I compiled it with

  | javac -d . -classpath jboss-jaxws.jar;jboss-client.jar *.java
  | 

I've made my keystore with the command:

  | keytool -genkey -keystore wsse.keystore -storepass jbossws -keyalg RSA -alias wsse -validity 365
  | 

Then I exported the certificate with:

  | keytool -export -file wsse.cer -keystore wsse.keystore -storepass jbossws -alias wsse
  | 

And created the truststore with

  | keytool -import -alias wsse -file wsse.cer -keystore wsse.truststore -storepass jbossws
  | 

web.xml

  | <web-app xmlns="http://java.sun.com/xml/ns/j2ee"
  |   xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
  |   xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"
  |   version="2.4">
  |   <display-name>Hello</display-name>
  |   <servlet>
  |     <servlet-name>Hello</servlet-name>
  |     <servlet-class>wssec.Hello</servlet-class>
  |     <load-on-startup>1</load-on-startup>
  |   </servlet>
  | 
  |   <servlet-mapping>
  |     <servlet-name>Hello</servlet-name>
  |     <url-pattern>/Hello</url-pattern>
  |   </servlet-mapping>
  | </web-app>
  | 

jboss-wsse-server.xml

  | <?xml version="1.0" encoding="UTF-8"?>
  | 
  | <jboss-ws-security xmlns="http://www.jboss.com/ws-security/config" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
  |   xsi:schemaLocation="http://www.jboss.com/ws-security/config http://www.jboss.com/ws-security/schema/jboss-ws-security_1_
  | 0.xsd">
  |   <key-store-file>WEB-INF/wsse.keystore</key-store-file>
  |   <key-store-password>jbossws</key-store-password>
  |   <trust-store-file>WEB-INF/wsse.truststore</trust-store-file>
  |   <trust-store-password>jbossws</trust-store-password>
  |   <config>
  |     <sign type="x509v3" alias="wsse"/>
  |     <requires>
  |       <signature/>
  |     </requires>
  |   </config>
  | </jboss-ws-security>
  | 

I create my .war with

  | jar cvf Hello.war WEB-INF
  | 

and the structure of WEB-INF is
WEB-INF
| jboss-wsse-server.xml
| wsse.keystore
| wsse.truststore
| web.xml
| classes
|      |    Hello.class

Once done this I copy Hello.war into jboss4-2-2GA\server\default\deploy and everything seems to be OK

Once that I have the WS deployed on the server which are the steps I have to follow for build my client? I only want to transmit signed messages, not interested in encryption...

This might seem a stupid topic, but I'm getting lost, 'cause this is new for me and I'm not able to find any "very very very basic" documents...

Thanks ;)

View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4120850#4120850

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4120850