Ok so i ended up reading the source for the WSHandlerConstants and
WSConstants classes to figure out the xml config i needed for my
server, and have basic username/password authentication going.
anyone interested can have a look at my code at:
https://dev.archer.edu.au/projects/kepler/browser/BackendServer/
branches/ticket-67/
-Tristan
On 16/07/2007, at 3:57 PM, Tristan King wrote:
Hi,
I'm working on a project using cxf inside tomcat, and i want to put
some ws-security into it.
for a start, here's my current server code:
here is my interface: https://dev.archer.edu.au/projects/kepler/
browser/BackendServer/trunk/src/au/edu/jcu/kepler/server/
WorkflowService.java
and my impl: https://dev.archer.edu.au/projects/kepler/browser/
BackendServer/trunk/src/au/edu/jcu/kepler/server/
WorkflowServiceImpl.java
and my web.xml and cxf-servlet.xml are here: https://
dev.archer.edu.au/projects/kepler/browser/BackendServer/trunk/etc/
WEB-INF
(note, i tried to get get spring working, hence the beans.xml file,
but i constantly got schema errors, so gave up)
this all compiles and deploys fine. But if anyone has any
suggestions for things that should be changed to be more "cxf" like
or just cleaner please let me know. I don't want to run into
problems due to a dodgy setup later on down the line :)
i built a test client at: https://dev.archer.edu.au/projects/kepler/
browser/BackendServer/trunk/test-src (my unit tests are under test/
and wsdl2java generated code is under au/) which also works fine.
Now, i want to put in some user authentication in, so a user has to
be authenticated before it can use any of the other functions. (if
this doesn't make sense let me know, i'm a complete newbie to ws-
security), simple static username/password auth with do for now.
I've looked over the document http://cwiki.apache.org/CXF20DOC/ws-
security.html but still can't figure out how to make any of it work.
I assume since i am using xml to build the endpoints then i use
something similar to the "Spring XML Configuration" example. but i
get stuck on the constructor-arg/map bit. is there any
documentation on what has to go in that map (i.e. what the possible
key/value pair combinations are)?
once that's done, do i need to write a new login type function or
anything on the server?
and what do i need to change on the test client to make it connect
once i have the server up and running?
If anyone has any simple examples of running cxf ws-security code
that they don't mind sharing with me that would be very helpful and
much appreciated.
Thanks heaps in advance!
--Tristan
