Daniel,
I took the 2.3.0-SNAPSHOT source code and built the jars on my desktop.
I added following annotation in my service class. The SecurityPolicy.xml is
in my classpath. Deployed and started the tomcat but the policy information
is still not visible.
@Policies({
@Policy(uri = "SecurityPolicy.xml")
}
)
@WebService(endpointInterface = " com.GreetService")
public class GreetServiceImpl implements GreetService {
For testing purpose I kept the policy content same as provided in cxf junit
test.
<wsp:Policy xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy";>
<wsp:ExactlyOne />
</wsp:Policy>
Thanks
Bhushan
-----Original Message-----
From: Bhushan Bhangale [mailto:[email protected]]
Sent: Thursday, March 25, 2010 10:43 AM
To: 'Daniel Kulp'; [email protected]
Subject: RE: WS-Security policy in wsdl for java first approach
Thanks Daniel
Do you mean I only replace the cxf-rt-ws-policy jar of 2.2.4 with the one
built from 2.3 trunk and all the other cxf jars are still at 2.2.4?
Bhushan
-----Original Message-----
From: Daniel Kulp [mailto:[email protected]]
Sent: Thursday, March 25, 2010 8:15 AM
To: [email protected]
Cc: Bhushan Bhangale
Subject: Re: WS-Security policy in wsdl for java first approach
Yea, for java first, the only option is the stuff on trunk for 2.3. If you
want to experiment with it, you can look at the tests at:
http://svn.apache.org/repos/asf/cxf/trunk/rt/ws/policy/src/test/java/org/apa
che/cxf/ws/policy/
Specifically the PolicyAnnotationTest.java
It uses some annotations to associate some policy fragments with the
endpoint/operations. Those fragments would be included in the generated
WSDL.
Dan
On Wednesday 24 March 2010 2:11:39 am Bhushan Bhangale wrote:
> Hi,
>
>
>
> I have used Java first approach with Apache CXF version 2.2.4. Following
is
> my configuration to implement WS-Security for my service. I am able to
send
> WS-Security header from my client and get access of the service. The issue
> is with the WSDL as I am not able to define the Security policy in my
> generated WSDL, due to which consumers of my client don't get clear
picture
> from the WSDL and need to read a supporting document. I have googled and
> found that it cannot be done in Java First approach. Is this correct? Is
> there no way I can achieve? Somewhere I read the 2.3 version have this
> facility but I am unable to find any example or how to do it? Please help.
>
>
>
> <jaxws:endpoint id="apexProrationService"
>
> implementor="com.GreetServiceImpl"
>
> address="/GreetService">
>
> <jaxws:properties>
>
> <entry key="mtom-enabled" value="true"
> />
>
> </jaxws:properties>
>
> <jaxws:inInterceptors>
>
> <ref bean="sAAJInInterceptor" />
>
> <ref bean="wSS4JInInterceptor" />
>
> </jaxws:inInterceptors>
>
> </jaxws:endpoint>
>
>
>
> <bean id="sAAJInInterceptor"
> class="org.apache.cxf.binding.soap.saaj.SAAJInInterceptor" />
>
> <bean id="wSS4JInInterceptor"
> class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor">
>
> <constructor-arg>
>
> <map>
>
> <entry key="action"
> value="UsernameToken" />
>
> <entry key="passwordType"
> value="PasswordText" />
>
> <entry
> key="passwordCallbackRef">
>
> <ref
> bean="serverPasswordCallback" />
>
> </entry>
>
> </map>
>
> </constructor-arg>
>
> </bean>
>
>
>
> Thanks
>
> Bhushan
>
>
>
>
> Disclaimer: This email (including any attachments) is intended for the
sole
> use of the recipient/s and may contain material that is CONFIDENTIAL. Any
> unauthorized disclosure / copying / distribution or forwarding of this
> message or part is STRICTLY PROHIBITED. If you have erroneously received
> this message, please delete it immediately and notify the sender. No
> liability is assumed for any errors and/or omissions in the contents of
> this message. Information in this message that does not relate to the
> official business of this Company shall be understood as neither given nor
> endorsed by it. If verification is required please request a hard-copy
> version.
>
> To know more about Kale Consultants, visit www.kaleconsultants.com
>
> -=-=-=-=-=-=-=-=-=-
--
Daniel Kulp
[email protected]
http://dankulp.com/blog
Disclaimer: This email (including any attachments) is intended for the sole
use of the recipient/s and may contain material that is CONFIDENTIAL. Any
unauthorized disclosure / copying / distribution or forwarding of this
message
or part is STRICTLY PROHIBITED. If you have erroneously received this
message,
please delete it immediately and notify the sender. No liability is assumed
for
any errors and/or omissions in the contents of this message. Information in
this message that does not relate to the official business of this Company
shall be understood as neither given nor endorsed by it. If verification is
required please request a hard-copy version.
To know more about Kale Consultants, visit www.kaleconsultants.com
-=-=-=-=-=
Disclaimer: This email (including any attachments) is intended for the sole
use of the recipient/s and may contain material that is CONFIDENTIAL. Any
unauthorized disclosure / copying / distribution or forwarding of this message
or part is STRICTLY PROHIBITED. If you have erroneously received this message,
please delete it immediately and notify the sender. No liability is assumed for
any errors and/or omissions in the contents of this message. Information in
this message that does not relate to the official business of this Company
shall be understood as neither given nor endorsed by it. If verification is
required please request a hard-copy version.
To know more about Kale Consultants, visit www.kaleconsultants.com
-=-=-=-=-=-=-=-=-=-
