[jbossws-dev] Endpoint configuration - jbossws descriptors
Alessio Soldano
asoldano at redhat.com
Fri Apr 29 06:58:43 EDT 2011
Hi Jim,
I still need to try everything, but my plan is to enable at least all
the ws-security policy based configuration. If you take a look at either
our wssePolicy tests in cxf-spring-testsuite or to the Apache CXF doc at
http://cxf.apache.org/docs/ws-securitypolicy.html, you see that the
required spring configuration for setting up a ws-security policy
enabled endpoint is something like:
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:jaxws="http://cxf.apache.org/jaxws"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
http://cxf.apache.org/jaxws
http://cxf.apache.org/schemas/jaxws.xsd">
<jaxws:endpoint
id="MyService"
address="https://localhost:9001/MyService"
serviceName="interop:MyService"
endpointName="interop:MyServiceEndpoint"
implementor="com.foo.MyService">
<jaxws:properties>
<entry key="ws-security.callback-handler"
value="interop.client.UTPasswordCallback"/>
<entry key="ws-security.signature.properties"
value="etc/keystore.properties"/>
<entry key="ws-security.encryption.properties"
value="etc/truststore.properties"/>
<entry key="ws-security.encryption.username"
value="useReqSigCert"/>
</jaxws:properties>
</jaxws:endpoint>
</beans>
so it's basically a matter of passing those jaxws string properties only.
Cheers
Alessio
On 04/29/2011 11:48 AM, Jim Ma wrote:
> Hi Alessio,
> Just one question , are you going to make @EndpointConfig to cover all
> kinds of ws security configuration ? For example
> keystore, password , saml token etc. User does not need any extra cxf
> configuration file to enable ws security ?
>
> Thanks
> Jim
> Alessio Soldano wrote:
>> With this solution we'd clean a inconsistency in the api
>> (@EndpointConfig for native only till now), add a mean for having
>> global handlers configured by administrators [4] and allow providing
>> security keystore/trustore/etc. info and use WS-Security(policy) with
>> jbossws-cxf without any need for Spring.
>>
>> Any comments?
>
--
Alessio Soldano
Web Service Lead, JBoss
More information about the jbossws-dev
mailing list