[jboss-user] [JBoss Web Services] - Re: Problem with securing web service with ws security ( username token )

[Erick Jeronimo Diaz]

Erick Jeronimo Diaz [http://community.jboss.org/people/erickjd] created the discussion

"Re: Problem with securing web service with ws security ( username token )"

To view the discussion, visit: http://community.jboss.org/message/570351#570351

--------------------------------------------------------------
hi Lukasz, i've tested ws-security with jboss-4.2.3 and *jbossws-native-3.1.1.GA; and it worked!!!*

*this is my* jboss-wsse-server.xml:
+
+
+<jboss-ws-security xmlns=" http://www.jboss.com/ws-security/config http://www.jboss.com/ws-security/config"+
+                   xmlns:xsi=" http://www.w3.org/2001/XMLSchema-instance http://www.w3.org/2001/XMLSchema-instance"+
+                   xsi:schemaLocation=" http://www.jboss.com/ws-security/config http://www.jboss.com/ws-security/config+
+                    http://www.jboss.com/ws-security/schema/jboss-ws-security_1_0.xsd http://www.jboss.com/ws-security/schema/jboss-ws-security_1_0.xsd">+
+     <key-store-file>META-INF/master-sign_enc.jks</key-store-file>+
+        <key-store-password>password</key-store-password>+
+        <key-store-type>jks</key-store-type>+
+        <trust-store-file>META-INF/wsse10.truststore</trust-store-file>+
+        <trust-store-password>password</trust-store-password>+
+     <config>+
+          <timestamp ttl="300"/>+
+          <sign alias="master" includeTimestamp="true"/>+
+          <encrypt alias="facturacion"/>+
+           <requires>+
+             <signature/>+
+             <encryption/>     + 
+           </requires>+
+        </config>+
+</jboss-ws-security>+

of course, you must to create the keystores(++master-sign_enc.jks++) y truststores(++wsse10.truststore++) and their certificates,see *keytool* ++command.++

Then for client, i use a java client class:

+*public* *class* SecureAgency *extends* Agency+
+{+
+   *public* SecureAgency(URL url)+
+   {+
+      *super*(url);+
+      *((StubExt)**endpoint**).setConfigName(**"Standard WSSecurity Client"**);*+
+   }+
+
+
+   *public* *static* *void* main(String[] args)+
+   {+
+      *try*+
+      {+
+       *if* (args.length == 3)+
+         {+
+            Agency agency = *new* SecureAgency(*new* URL(args[0]));+
+            agency.run(args[1], args[2]);+
+            System.++out.println("Press release sent.");+
+         }+
+         *else*+
+         {+
+            System.++out.println("SecureAgency client usage:");+
+            System.++out.println("./wsrunclient.sh -classpath agency.jar org.jboss.test.ws.jaxws.samples.news.SecureAgency " ++
+                        " http://localhost:8080/bills/ http://localhost:8080/bills/ billRelease?wsdl title body");+
+         }+
+      }+
+      *catch* (Exception e)+
+      {+
+         e.printStackTrace();+
+      }+
+   }+
+}+

where we add: ((*StubExt)**endpoint**).setConfigName(**"Standard WSSecurity Client"**);*   forget about hierarchy......

*YOU MUST ADD:*   +jbossws-native-saaj.jar, jbossws-native-jaxws.jar, jaxb-api.jar+  FILES TO +%JBOSS_HOME%/lib/endorsed+   AND
-Djava.endorsed.dirs=+%JBOSS_HOME%/lib/endorsed  AS ARGUMENTS OF VM TO RUN THE EXAMPLE+

+REMEMBER THE CLIENT HAVE TO GET+ standard-jaxws-client-config.xml FILE

i hope it help 'u
--------------------------------------------------------------

Reply to this message by going to Community
[http://community.jboss.org/message/570351#570351]

Start a new discussion in JBoss Web Services at Community
[http://community.jboss.org/choose-container!input.jspa?contentType=1&containerType=14&container=2044]

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/jboss-user/attachments/20101109/18b60423/attachment-0001.html