[jboss-user] [JBoss Web Services] - Migrating secured WS from JBoss 5.1 to 7.1.1

Xavier Dury do-not-reply at jboss.com
Thu Dec 6 05:06:43 EST 2012 

Xavier Dury [https://community.jboss.org/people/xdury] created the discussion

"Migrating secured WS from JBoss 5.1 to 7.1.1"

To view the discussion, visit: https://community.jboss.org/message/780326#780326

--------------------------------------------------------------
Hi,

I've been migrating one of our projects from JBoss 5.1 to 7.1.1, all was done without too much problems but I'm stuck on the security configuration for a Web Service (which does not have WS-Security Policy):

In JBoss 5.1, configuring WS-Security was done within the file "META-INF/jboss-wsse-server.xml"

<jboss-ws-security>
  <key-store-file>${wsse.keystore}</key-store-file>
          <key-store-type>jks</key-store-type>
          <key-store-password>${wsse.keystore.password}</key-store-password>
  <trust-store-file>${wsse.truststore}</trust-store-file>
          <trust-store-type>jks</trust-store-type>
          <trust-store-password>${wsse.truststore.password}</trust-store-password>
  <config>
    <timestamp ttl="3000" />
    <sign type="x509v3" alias="${wsse.keystore.alias}" />
    <requires>
      <timestamp maxAge="3000" />
      <signature />
    </requires>
  </config>
</jboss-ws-security>

So, I just need requests and responses to be signed and timestamped but I have a hard time understanding how to achieve this in AS7.1.1.

I've read the page  https://docs.jboss.org/author/display/JBWS/WS-Security https://docs.jboss.org/author/display/JBWS/WS-Security, but it didn't help.

Do I need to configure this via jbossws-cxf.xml? (tried this but seems to be ignored)
Is it available out-of-the-box in JBoss AS7.1.1? (I see  spring is being used but there are no spring jars in the distribution)

I must be missing something...

Thanks,

Xavier
--------------------------------------------------------------

Reply to this message by going to Community
[https://community.jboss.org/message/780326#780326]

Start a new discussion in JBoss Web Services at Community
[https://community.jboss.org/choose-container!input.jspa?contentType=1&containerType=14&container=2044]

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/jboss-user/attachments/20121206/4788e36d/attachment.html

More information about the jboss-user mailing list