[jboss-user] [JBoss Web Services] - WS-Security without Spring, without WS-Policy and without the CXF annotations?

Matt Wringe do-not-reply at jboss.com
Mon Jul 30 16:29:32 EDT 2012

Matt Wringe [https://community.jboss.org/people/mwringe] created the discussion

"WS-Security without Spring, without WS-Policy and without the CXF annotations?"

To view the discussion, visit: https://community.jboss.org/message/751071#751071

Is it possible to configure ws-security with JBossWS CXF Stack without using Spring, without using ws-policy, and without using the cxf annotations in the service classes?

I need to configure ws-security with wsrp, and wsrp is _not_ compatible with ws-policy (its against the spec, it may be supported in the next spec version but its not in the current one). So I can't just use ws-policy with the configuration properties to enable ws-security.

It looks like you still have the pre and post soap handlers for the CXF stack like you did with the native stack ( https://docs.jboss.org/author/display/JBWS/Predefined+client+and+endpoint+configurations https://docs.jboss.org/author/display/JBWS/Predefined+client+and+endpoint+configurations). But this is only for adding in soaphandlers, and cxf is configured using interceptors, which means I can't use this to add the security interceptors. Is there anyway to add in intereceptors in a similar manner?

IIts possible to use the cxf annotations on the java service classes to add in the security interceptors, but this means making our service classes dependent on cxf or having to have separate classes just for cxf. This really isn't an acceptable solution either, we need to support more than one application server.

Since the recommended way to configure CXF is to use Spring configuration files, I am confused why Spring is not the recommended manner to configure cxf in JBossWS (and Spring isn't include in AS7 either). Or is Spring the recommended manner with the cxf stack in JBossWS and I am reading the docs wrong? I would rather not have to add a spring dependency, but it looks like this might be the only real solution :/

Am I missing anything obvious on how to do this in a manner that is not dependent on spring, ws-policy or custom cxf only classes with the special cxf annotations?

Reply to this message by going to Community

Start a new discussion in JBoss Web Services at Community

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/jboss-user/attachments/20120730/bbd214f9/attachment.html 

More information about the jboss-user mailing list