[jboss-user] [JBossWS] - Re: Need help : JBossWS Security!
helmutdoe
do-not-reply at jboss.com
Mon Jun 30 11:08:39 EDT 2008
Hi all,
Yes, I think you were right, I had mixed RPC and JAXWS. Also, after a while I was able to fix the missing <wsse:Security> tag by using the following code:
| import java.io.File;
| import java.net.MalformedURLException;
| import java.net.URL;
| import java.util.ArrayList;
| import java.util.List;
| import javax.xml.namespace.QName;
| import javax.xml.ws.BindingProvider;
| import javax.xml.ws.Service;
| import javax.xml.ws.handler.Handler;
| import org.jboss.ws.core.StubExt;
| import org.jboss.ws.extensions.security.jaxws.WSSecurityHandlerClient;
| import org.jboss.ws.extensions.addressing.jaxws.WSAddressingClientHandler;
|
| ...
| System.setProperty("org.jboss.ws.wsse.keyStore","src/WEB-INF/keystore.jks");
| System.setProperty("org.jboss.ws.wsse.trustStore", "src/WEB-INF/cacerts.jks");
| System.setProperty("org.jboss.ws.wsse.keyStorePassword", "changeit");
| System.setProperty("org.jboss.ws.wsse.trustStorePassword", "changeit");
| System.setProperty("org.jboss.ws.wsse.keyStoreType", "jks");
| System.setProperty("org.jboss.ws.wsse.trustStoreType", "jks");
|
|
|
| // Create Service Binding
| URL url = new URL("http://localhost:8080/LottoBean/LottoEJBWS?wsdl");
| QName qName = new QName("urn:com:tools:wsse", "LottoEJBWSService");
|
| //LottoEJBWSService service = new LottoEJBWSService(url,qName);
| LottoEJBWS port = Service.create(url, qName).getPort(LottoEJBWS.class);
|
| ((StubExt) port).setSecurityConfig(new File("src/META-INF/jboss-wsse-client.xml").toURI().toURL().toExternalForm());
| ((StubExt) port).setConfigName("Standard WSSecurity Client");
|
| BindingProvider binding = (BindingProvider)port;
| List<Handler> handlerChain = new ArrayList<Handler>();
| // handlerChain.add(new WSAddressingClientHandler());
| handlerChain.add(new WSSecurityHandlerClient());
| handlerChain.add(new LogHandler());
| binding.getBinding().setHandlerChain(handlerChain);
|
With this code and my configured handlers I am able to sign messages. If I add encryption to the WebService endpoint I run into another exception.
| Endpoint {urn:com:tools:wsse}LottoEJBWSPort does not contain operation meta data for: {http://www.w3.org/2001/04/xmlenc#}EncryptedData
| javax.xml.ws.soap.SOAPFaultException: Endpoint {urn:com:tools:wsse}LottoEJBWSPort does not contain operation meta data for: {http://www.w3.org/2001/04/xmlenc#}EncryptedData
| at org.jboss.ws.core.jaxws.SOAPFaultHelperJAXWS.getSOAPFaultException(SOAPFaultHelperJAXWS.java:72)
| at org.jboss.ws.core.jaxws.binding.SOAP11BindingJAXWS.throwFaultException(SOAP11BindingJAXWS.java:109)
| at org.jboss.ws.core.CommonSOAPBinding.unbindResponseMessage(CommonSOAPBinding.java:579)
| ....
|
The code below shows my XML handler files.
standard-jaxws-client-config.xml
|
| <client-config>
| <config-name>Standard WSSecurity Client</config-name>
| <post-handler-chains>
| <javaee:handler-chain>
| <javaee:protocol-bindings>##SOAP11_HTTP ##SOAP11_HTTP_MTOM</javaee:protocol-bindings>
| <javaee:handler>
| <javaee:handler-name>WSSecurityHandlerOutbound</javaee:handler-name>
| <javaee:handler-class>org.jboss.ws.extensions.security.jaxws.WSSecurityHandlerClient</javaee:handler-class>
| </javaee:handler>
| </javaee:handler-chain>
| </post-handler-chains>
| </client-config>
|
standard-jaxws-endpoint-config.xml
|
|
| <endpoint-config>
| <config-name>Standard WSSecurity Endpoint</config-name>
| <post-handler-chains>
| <javaee:handler-chain>
| <javaee:protocol-bindings>##SOAP11_HTTP ##SOAP11_HTTP_MTOM</javaee:protocol-bindings>
| <javaee:handler>
| <javaee:handler-name>WSSecurity Handler</javaee:handler-name>
| <javaee:handler-class>org.jboss.ws.extensions.security.jaxws.WSSecurityHandlerServer</javaee:handler-class>
| </javaee:handler>
| <javaee:handler>
| <javaee:handler-name>Recording Handler</javaee:handler-name>
| <javaee:handler-class>org.jboss.wsf.framework.invocation.RecordingServerHandler</javaee:handler-class>
| </javaee:handler>
| </javaee:handler-chain>
| </post-handler-chains>
| </endpoint-config>
|
jboss-wsse-client.xml
| <jboss-ws-security xmlns="http://www.jboss.com/ws-security/config"
| xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
| xsi:schemaLocation="http://www.jboss.com/ws-security/config
| http://www.jboss.com/ws-security/schema/jboss-ws-security_1_0.xsd">
| <config>
| <sign type="x509v3" alias="s1as" includeTimestamp="false"/>
| <encrypt type="x509v3" alias="s1as" />
| <requires>
| <signature/>
| </requires>
| </config>
| </jboss-ws-security>
|
jboss-wsse-server.xml
| <jboss-ws-security xmlns="http://www.jboss.com/ws-security/config"
| xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
| xsi:schemaLocation="http://www.jboss.com/ws-security/config
| http://www.jboss.com/ws-security/schema/jboss-ws-security_1_0.xsd">
| <key-store-file>WEB-INF/keystore.jks</key-store-file>
| <key-store-password>changeit</key-store-password>
| <key-store-type>jks</key-store-type>
| <trust-store-file>WEB-INF/cacerts.jks</trust-store-file>
| <trust-store-password>changeit</trust-store-password>
| <config>
| <sign type="x509v3" alias="s1as" includeTimestamp="false"/>
| <encrypt type="x509v3" alias="s1as" />
| <requires>
| <signature/>
| </requires>
| </config>
| </jboss-ws-security>
|
Thanks for any hints
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4161537#4161537
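
An added example, not part of the original post and not JBossWS code: a Python check that reads a jboss-wsse configuration like the ones posted above and reports store passwords left at the well-known `changeit` default, a `<sign>` with `includeTimestamp="false"`, and outgoing `<sign>`/`<encrypt>` settings that the `<requires>` block does not also demand of incoming messages. The `<encryption/>` child of `<requires>` comes from the JBossWS security schema rather than from the post; the function name, the finding codes and the re-indented sample are assumptions made for the example.

```python
import xml.etree.ElementTree as ET

NS = {"w": "http://www.jboss.com/ws-security/config"}
WEAK_PASSWORDS = {"", "changeit"}  # "changeit" is the stock Java keystore password

# Constructed sample: the jboss-wsse-server.xml from the post, re-indented.
SERVER_XML = """\
<jboss-ws-security xmlns="http://www.jboss.com/ws-security/config">
  <key-store-file>WEB-INF/keystore.jks</key-store-file>
  <key-store-password>changeit</key-store-password>
  <key-store-type>jks</key-store-type>
  <trust-store-file>WEB-INF/cacerts.jks</trust-store-file>
  <trust-store-password>changeit</trust-store-password>
  <config>
    <sign type="x509v3" alias="s1as" includeTimestamp="false"/>
    <encrypt type="x509v3" alias="s1as"/>
    <requires><signature/></requires>
  </config>
</jboss-ws-security>"""


def audit_wsse(xml_text):
    """Return (code, detail) findings for one jboss-wsse-*.xml document."""
    root = ET.fromstring(xml_text)
    findings = []
    # Store passwords kept in the file at a guessable default.
    for tag in ("key-store-password", "trust-store-password"):
        el = root.find(f"w:{tag}", NS)
        if el is not None and (el.text or "").strip() in WEAK_PASSWORDS:
            findings.append(("default-password", tag))
    # Check every <config> block found anywhere in the document.
    for cfg in root.iter("{%s}config" % NS["w"]):
        sign = cfg.find("w:sign", NS)
        encrypt = cfg.find("w:encrypt", NS)
        requires = cfg.find("w:requires", NS)
        required = {c.tag.rpartition("}")[2] for c in requires} if requires is not None else set()
        # Outgoing timestamp is left out of the signature.
        if sign is not None and sign.get("includeTimestamp") == "false":
            findings.append(("timestamp-not-signed", sign.get("alias")))
        # Outgoing protection that is not also demanded of incoming messages.
        if sign is not None and "signature" not in required:
            findings.append(("signature-not-required", sign.get("alias")))
        if encrypt is not None and "encryption" not in required:
            findings.append(("encryption-not-required", encrypt.get("alias")))
    return findings


if __name__ == "__main__":
    for code, detail in audit_wsse(SERVER_XML):
        print(f"{code}: {detail}")
```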