Colm thx, this solves problem of PasswordCallback - but what about users? How do i specify 2 users, one for Signature and another for UsernameToken action? This can happen in scenario where SOAP client is signing all of the requests, but information sent in UsernameToken should belong to the user who logged in in application that is using this SOAP client to send requests to some service on ESB.
O hEigeartaigh, Colm wrote: > > > Hi, > >> The problem is because it seems to me that i need to configure to > users - >> one for UsernameToken and another to be used as alias for Signing and > also >> two PasswordCallback classes? > > You could use a single PasswordCallback class, and retrieve the > appropriate password by examining the getUsage() method of the > WSPasswordCallback object. This will return > WSPasswordCallback.USERNAME_TOKEN for the UsernameToken case, or > WSPasswordCallback.SIGNATURE for signature, etc. > > Colm. > > > -----Original Message----- > From: dmadunic [mailto:[EMAIL PROTECTED] > Sent: 30 August 2007 13:41 > To: [email protected] > Subject: Re: WSS4JInInterceptor configuration > > > Thx a lot, > so far i have managed to successfully configure both Signature and > UsernameToken action, both combined with timestamp. > Following are my beans: > > 1) UsernameToken Timestamp combination: > <bean id="wss4jOutConfiguration" > class="org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor"> > <property name="properties"> > <map> > <entry key="action" value="UsernameToken > Timestamp"/> > <entry key="user" value="joe"/> > <entry key="passwordType" > value="PasswordDigest"/> > <entry key="passwordCallbackClass" > value="demo.interceptors.client.UsernamePasswordCallback"/> > </map> > </property> > </bean> > > 2) Signature timestamp combination: > <bean id="wss4jOutConfiguration" > class="org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor"> > <property name="properties"> > <map> > <entry key="action" value="Timestamp > Signature"/> > <entry key="signaturePropFile" > value="client_sign.properties"/> > <entry key="user" value="ws-client"/> > <entry key="passwordCallbackClass" > value="demo.interceptors.client.SignaturePasswordCallback"/> > </map> > </property> > </bean> > > What bothers me now is how to produce combination both to have: > > <bean id="wss4jOutConfiguration" > class="org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor"> > <property name="properties"> > <map> > <entry key="action" value="UsernameToken > Timestamp Signature"/> > ... > </map> > </property> > </bean> > > The problem is because it seems to me that i need to configure to users > - > one for UsernameToken and another to be used as alias for Signing and > also > two PasswordCallback classes? > Any sugestions how to do it? > > thx > > > Fred Dushin-3 wrote: >> >> See yesterday's post to this forum on this subject for an example of >> multiple actions: >> >> http://tinyurl.com/253phq >> >> For signing, you need to add the Signature action, along with a >> specification of the key material you need. See the CXF WS-Security >> system test for an example, e.g., >> >> http://tinyurl.com/2qv3ks >> >> On Aug 29, 2007, at 9:09 PM, dmadunic wrote: >> >>> >>> Hi all, >>> anoyne knows how can i configure multiple actions for WSS4JIn and Out >>> Interceptors? >>> For example signanin and UsernameToken >>> So far i have follwing lines in my applicationContext.xml: >>> >>> <jaxws:endpoint id="helloWorld" >>> implementor="demo.spring.HelloWorldImpl" >>> address="/HelloWorld" > >>> <jaxws:inInterceptors> >>> <bean > class="org.apache.cxf.binding.soap.saaj.SAAJInInterceptor"/> >>> <bean > class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor"> >>> <property name="properties"> >>> <map> >>> <entry key="action" > value="UsernameToken"/> >>> <entry key="passwordType" > value="PasswordDigest"/> >>> <entry > key="passwordCallbackClass" >>> value="demo.interceptors.AuthenticationCallbackHandler"/> >>> </map> >>> </property> >>> </bean> >>> <bean class="demo.interceptors.SecurityTokenAnalyser"/> >>> </jaxws:inInterceptors> >>> >>> And i would also like to add signing action to WSS4JInInterceptor, > any >>> suggestion how to doit? >>> >>> thx >>> -- >>> View this message in context: http://www.nabble.com/ >>> WSS4JInInterceptor-configuration-tf4351388.html#a12398844 >>> Sent from the cxf-user mailing list archive at Nabble.com. >>> >>> >> >> >> > > -- > View this message in context: > http://www.nabble.com/WSS4JInInterceptor-configuration-tf4351388.html#a1 > 2406437 > Sent from the cxf-user mailing list archive at Nabble.com. > > ---------------------------- > IONA Technologies PLC (registered in Ireland) > Registered Number: 171387 > Registered Address: The IONA Building, Shelbourne Road, Dublin 4, Ireland > > -- View this message in context: http://www.nabble.com/WSS4JInInterceptor-configuration-tf4351388.html#a12407603 Sent from the cxf-user mailing list archive at Nabble.com.
