Hi, I am trying out some of the WS-Trust features of CXF and got stumped when I tried to have an AppliesTo section automatically added to my RST WS-Trust request. I'm wondering if it's possible to add the AppliesTo header without having to manually massage the STS client inside my client code. I've done the ws-security examples from the recent IBM DeveloperWorks series and run the ws-trust samples included in the CXF distro but was trying to take this just a little bit further. Should I move away from the configuration route and try the template or STS in the Java clinet? Any suggestions or pointers would be great. My cxf.xml configuration is below.
=== <beans xmlns="http://www.springframework.org/schema/beans"; xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; xmlns:http="http://cxf.apache.org/transports/http/configuration"; xmlns:jaxws="http://cxf.apache.org/jaxws"; xmlns:cxf="http://cxf.apache.org/core"; xmlns:p="http://cxf.apache.org/policy"; xmlns:sec="http://cxf.apache.org/configuration/security"; xsi:schemaLocation=" http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd http://cxf.apache.org/jaxws http://cxf.apache.org/schemas/jaxws.xsd http://cxf.apache.org/transports/http/configuration http://cxf.apache.org/schemas/configuration/http-conf.xsd http://cxf.apache.org/configuration/security http://cxf.apache.org/schemas/configuration/security.xsd http://cxf.apache.org/core http://cxf.apache.org/schemas/core.xsd http://cxf.apache.org/policy http://cxf.apache.org/schemas/policy.xsd";> <cxf:bus> <cxf:features> <p:policies /> <cxf:logging /> </cxf:features> </cxf:bus> <p:externalAttachment location="classpath:/sts.policy.xml" /> <jaxws:client name="{FooService}FooServiceHttpSoap11Endpoint" createdFromAPI="true"> <jaxws:properties> <entry key="ws-security.sts.client"> <!-- direct STSClient config and creation --> <bean class="org.apache.cxf.ws.security.trust.STSClient"> <constructor-arg ref="cxf" /> <property name="wsdlLocation" value="https://internal-stsaddress:9445/TrustServerWST13/services/RequestSecurityToken?wsdl"; /> <property name="serviceName" value="{http://docs.oasis-open.org/ws-sx/ws-trust/200512}SecurityTokenService"; /> <property name="endpointName" value="{http://docs.oasis-open.org/ws-sx/ws-trust/200512}RequestSecurityToken"; /> <property name="properties"> <map> <entry key="ws-security.username" value="scott" /> <entry key="ws-security.password" value="tiger" /> </map> </property> </bean> </entry> </jaxws:properties> </jaxws:client> </beans> === Thanks in advance. Brandon Richins
