It works if I define the service as CXF endpoint in blueprint. But if I set it there it is not published as RSA endpoint and so it seems it's not accessible from remote.
Christian ________________________________ Von: Christian Schneider <ch...@die-schneider.net> Gesendet: Donnerstag, 25. Oktober 2018 17:24:40 An: user@aries.apache.org Betreff: Re: Aries RSA: securing exported services with ExportPolicy Does it work if you set the interceptor directly on the service? Christian Am Do., 25. Okt. 2018 um 08:57 Uhr schrieb Niehues, Christian <christian.nieh...@its-digital.de<mailto:christian.nieh...@its-digital.de>>: Hi, I try to export a service in my karaf to be able to process SOAP messages sent from remote client but I am facing problems to secure it. The documentation for Aries RSA about the TopologyManager notes that ExportPolicy implementations can be used to add authentication but I am missing further details. I tried to achieve it by adding an interceptor in my ExportPolicy but that seems not to help: props.put("service.exported.configs", "org.apache.cxf.ws<http://org.apache.cxf.ws>"); props.put("org.apache.cxf.ws.address", "http://192.168.1.100:9000/sync";); props.put("org.apache.cxf.ws.in.interceptors", "com.acme.MyInterceptor"); com.acme.Myinterceptor extends org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor I also tried to provide the Interceptor classname as List<String> or String[] but that didn't work either, the interceptor never get's invoked when sending messages. So what I am doing wrong or is there any other/better way to secure a service provided by Aries RSA? Thanks, Christian -- -- Christian Schneider http://www.liquid-reality.de Computer Scientist http://www.adobe.com
