On the surface, I appear to be doing the same thing too. I have 2 tomcats with 2 cxf installations where
client -> WS1 -> WS2 and I'm using the cxf wss4j without any problems. I've configured the in-interceptors on the bus but the out-interceptors I'm doing programmatically. The only problem I've found is that the generated client stubs from WS1 appear to include request/response objects from WS2 in the wsdl. This prevents you from using the same method names in WS1 and WS2. Other than that, everything seems to work as you'd expect it to. On Fri, Feb 13, 2009 at 11:50:30AM -0500, Daniel Kulp wrote: > > I'm not sure I understand the issue completely. > > If WS1 is "secure", then the client is sending WS-Security headers. Thus, > WS1 > should be sending back ws-security headers as part of the response. > > That said, I expect the security requirements to be different for WS1 than > what is required for WS1 to interact with WS2. Thus, I would suggest one of: > > 1) Don't configure them on the bus. Configure them on WS1 and the > WS2/client > directly so they would have different configurations. > > 2) Use a different bus for WS1 and WS2/client. This is a bit more complex > as > you would need to use the SpringBusFactory to create separate busses with > separate configs and "manage" it setting the > BusFactory.setThreadDefaultBus(..) calls as appropriate. > > Dan > > > On Thu February 12 2009 1:15:16 pm O. Baujard wrote: > > Hi, > > > > I have the following requirements in a projet : > > > > - Create a Web Service (lets name it WS1) and in the service > > implementation, call an other Web Service (lets name it WS2). So we have > > the call chain : Client --> WS1 --> WS2 > > - WS1 and WS2 are secured with WS-SECURITY. > > - WS-SECURITY must be placed at bus level --> it means in and out > > interceptors for client and server are shared on the same bus because WS1 > > is also a client of WS2. > > - WS1 and WS2 are deployed on different Tomcat Servers. > > > > For now, Client --> WS1 works well in my environment but now I want to add > > WS1 --> WS2 > > > > What are the possible configurations, if it's possible ? > > > > How to prevent in this architecture the "server side" outInterceptor to > > place WS-SECURITY headers on the response to the "client side " ? > > > > Olivier > > -- > Daniel Kulp > [email protected] > http://www.dankulp.com/blog -- Ted Leung [email protected] The world is spinning too fast, it's making me dizzy.
