[jboss-user] [JBoss Web Services] - JBossWS and Security Client dependency

stephen b do-not-reply at jboss.com
Thu Mar 21 05:34:10 EDT 2013

stephen b [https://community.jboss.org/people/slbanal] created the discussion

"JBossWS and Security Client dependency"

To view the discussion, visit: https://community.jboss.org/message/803993#803993


I am currently trying to integrate Web service security to my web service following instructions from here  https://docs.jboss.org/author/display/JBWS/WS-Security https://docs.jboss.org/author/display/JBWS/WS-Security

The tutorial specified that I can create a client using code below. The tutorial did not explain which jar dependencies I have to use for this to work. I managed to build my project using Eclipse and added Apache CXF 2.4.6 library as project build dependecies and it works fine - client and server encrypts and decrypts the request/response. 

> QName serviceName = new QName(" http://www.jboss.org/jbossws/ws-extensions/wssecuritypolicy http://www.jboss.org/jbossws/ws-extensions/wssecuritypolicy", "SecurityService");
> URL wsdlURL = new URL(serviceURL + "?wsdl");
> Service service = Service.create(wsdlURL, serviceName);
> ServiceIface proxy = (ServiceIface)service.getPort(ServiceIface.class);
> ((BindingProvider)proxy).getRequestContext().put(SecurityConstants.CALLBACK_HANDLER, new KeystorePasswordCallback());
> ((BindingProvider)proxy).getRequestContext().put(SecurityConstants.SIGNATURE_PROPERTIES,
>      Thread.currentThread().getContextClassLoader().getResource("META-INF/alice.properties"));
> ((BindingProvider)proxy).getRequestContext().put(SecurityConstants.ENCRYPT_PROPERTIES,
>      Thread.currentThread().getContextClassLoader().getResource("META-INF/alice.properties"));
> ((BindingProvider)proxy).getRequestContext().put(SecurityConstants.SIGNATURE_USERNAME, "alice");
> ((BindingProvider)proxy).getRequestContext().put(SecurityConstants.ENCRYPT_USERNAME, "bob");
> proxy.sayHello();

But when I use maven to build and run the test, client is not encrypting the SOAP message. I can't find any documentation which specifies the correct maven jar dependencies I have to add so that client side is able to encrypt the message. Based on logs and response from server it looks like the client did not send an encrypted SOAP message and service is throwing an Policy violation error to the client. 
I tried to fix the issue by adding jboss-cxf-client as dependency but still the same issue.

My question is, what dependencies should I include to my POM file?


Reply to this message by going to Community

Start a new discussion in JBoss Web Services at Community

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/jboss-user/attachments/20130321/5edfd590/attachment-0001.html 

More information about the jboss-user mailing list