[jboss-user] [JBoss Web Services] - Re: WS-Security on JBoss 6 (with CXF)

Alessio Soldano do-not-reply at jboss.com
Thu Feb 3 04:45:46 EST 2011

Alessio Soldano [http://community.jboss.org/people/alessio.soldano%40jboss.com] created the discussion

"Re: WS-Security on JBoss 6 (with CXF)"

To view the discussion, visit: http://community.jboss.org/message/585113#585113

If you want to use the full WS-Security facilities coming with Apache CXF and hence JBossWS-CXF, you need to go through the Spring configuration, which covers the stack specific aspect of configuring the security engine, similarly to what you did with the jboss-wsse-endpoint.xml on JBossWS-Native stack.
The documentation on WS-Security w/ JBossWS-CXF is at  http://community.jboss.org/docs/DOC-13562 http://community.jboss.org/wiki/JBossWS-StackCXFUserGuide#WSSecurity . Please also consider taking a look at the mentioned Apache CXF doc there.

On the countrary, if you just want to implement and home brew solution for checking some of the WS-Security headers, you can avoid setting up security at all and install your custom handlers / interceptors. Handlers configuration is covered by standard specs and hence can be done in a stack agnostic way (see the @HandlerChain annotation). Alternatively, you can use CXF interceptors, declared through @InInterceptor/@OutInterceptor/.. (see Apache CXF doc on that).

Reply to this message by going to Community

Start a new discussion in JBoss Web Services at Community

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/jboss-user/attachments/20110203/7295ffe1/attachment.html 

More information about the jboss-user mailing list