[jboss-user] [JBossWS] - Re: WS-Security trouble: {http://www.w3.org/2005/08/addressi

BrettSc do-not-reply at jboss.com
Thu Jul 10 16:48:59 EDT 2008

Any followup to this?

I'm in a similar situation, I've taken a working EJB-backed web service, added a @EndpointConfig and a /META-INF/jboss-wsse-server.xml that should require a plaintext username token. Testing with soapUi shows that no username token is required when I expected it to fail and require the username.

Did I miss a step? 
1) add @EndpointConfig(configName = "Standard WSSecurity Endpoint")
2) create jboss-wsse-server.xml with

  |   <jboss-ws-security xmlns="http://www.jboss.com/ws-security/config"
  |                    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
  |                    xsi:schemaLocation="http://www.jboss.com/ws-security/config
  |                    http://www.jboss.com/ws-security/schema/jboss-ws-security_1_0.xsd">
  | 	<config>
  | 		<timestamp ttl="300"/>
  | 		<requires/>
  | 	</config>
  |   </jboss-ws-security>
Client app should fail since I haven't configured it to send any username token at this point.


View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4163710#4163710

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4163710

More information about the jboss-user mailing list