Hello,
I would like to set up a working example of a ws client and ws server
exchanging encrypted messages.
I have tried to set up an example following both the cxf wiki and the xfire
tutorial, but I haven/t been able to make it work properly.
I don't want to provide authentication (at this stage), just encryption.
in this example I have a client that calls an endpoint deployed on tomcat.
I have created a public and private keystore (following the cxf wiki).
###################
#this is the client code:
###################
ReportService service = new ReportService(wsdlURL, SERVICE_NAME);
CreditReportPortType port = service.getCreditReportPortType();
// adding encryption
org.apache.cxf.endpoint.Client client =
org.apache.cxf.frontend.ClientProxy.getClient(service);
org.apache.cxf.endpoint.Endpoint cxfEndpoint = client.getEndpoint();
Map<String, String> outProps = new HashMap<String,String>();
outProps.put(WSHandlerConstants.ACTION, WSHandlerConstants.ENCRYPT);
outProps.put(WSHandlerConstants.USER, "myAlias");
//Configuration of public key used to encrypt message goes to properties
file.
outProps.put(WSHandlerConstants.ENC_PROP_FILE,"org/codehaus/xfire/client/outsecurity_enc.properties");
WSS4JOutInterceptor wssOut = new WSS4JOutInterceptor(outProps);
cxfEndpoint.getOutInterceptors().add(wssOut);
cxfEndpoint.getOutInterceptors().add(new SAAJOutInterceptor());
System.out.println("Invoking creditReportOperation...");
org.netbeans.j2ee.wsdl.creditreport.CreditReport
_creditReportOperation_part1 = port.creditReportOperation(new
CreditQuery());
System.out.println(_creditReportOperation_part1);
#####################################################
#while on the server side I have configured this endpoint and its
interceptors
#####################################################
...
<jaxws:endpoint id="italo" address="/CreditReportPortType"
implementor="org.netbeans.j2ee.wsdl.creditreport.CreditReportPortTypeImpl">
<jaxws:inInterceptors>
<bean class="org.apache.cxf.binding.soap.saaj.SAAJInInterceptor" />
<bean class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor">
<constructor-arg>
<map>
<entry key="action" value="Encrypt" />
<entry key="decryptionPropFile"
value="META-INF/insecurity_enc.properties"
/>
<entry key="passwordCallbackClass"
value="org.netbeans.j2ee.wsdl.creditreport.PasswordHandler" />
</map>
</constructor-arg>
</bean>
</jaxws:inInterceptors>
</jaxws:endpoint>
This example was working fine before introducing the encryption.
When I run this program I get this error on the tomcat console:
Caused by: java.lang.ClassNotFoundException:
org.netbeans.j2ee.wsdl.creditreport.PasswordHandler
PasswordHandler is on the classpath and implements CallbackHandler....
anyway I don't know exactly what to code inside it!
Is it necessary in my case ( I don't want autenthication).
i tried to omiss this entry but i get a different error.
Caused by: org.apache.ws.security.WSSecurityException: WSHandler: no
reference in callback property
so this entry seems to be necessary....
Does anyone know where coud be the problem?
Does anyone know has a working example that could fit my case?
Many thanks!!!!
Davide
--
View this message in context:
http://www.nabble.com/cxf-encryption-tf4304218.html#a12251696
Sent from the cxf-user mailing list archive at Nabble.com.
