Hi Glen, Thanks for the response. We are creating the webservice ourselves so the choice is still open. We will probably use WS-SecurityPolicy since it's usually better to define these restrictions in one place. That way it can be used for both the server and the clients.
Thanks, André Glen Mazza wrote: > > The first example uses manual WSS4J configuration (which doesn't read a > WSDL to determine the needed security), the second uses WS-SecurityPolicy. > Generally, the choice is based on whether your web service provider uses > WS:Policy security elements in its WSDL; if so use WS-SecPol configuration > else use manual configuration. > > Link #8 here: http://www.jroller.com/gmazza/entry/blog_article_index has > examples using both for both UsernameToken and X.509. > > HTH, > Glen > > > > Andre den Hartog wrote: >> >> Hi, >> >> In the CXF manual, a config like this is used: >> >> <jaxws:inInterceptors> >> <bean >> class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor"> >> <constructor-arg> >> <map> >> <entry key="action" value="Signature >> Encrypt"/> >> <entry key="signaturePropFile" >> value="server-certificates.properties" /> >> <entry key="decryptionPropFile" >> value="server-certificates.properties" /> >> <entry key="passwordCallbackRef"> >> <ref bean="MyPasswordCallback"/> >> </entry> >> </map> >> </constructor-arg> >> </bean> >> </jaxws:inInterceptors> >> >> However, in the IBM examples >> (http://www.ibm.com/developerworks/java/library/j-jws13.html?ca=drs-) >> they use: >> >> <jaxws:properties> >> <entry key="ws-security.signature.properties" >> value="server-certificates.properties"/> >> <entry key="ws-security.signature.username" >> value="someusername"/> >> <entry key="ws-security.encryption.properties" >> value="server-certificates.properties"/> >> <entry key="ws-security.encryption.username" >> value="someusername"/> >> <entry key="ws-security.callback-handler" >> value-ref="MyPasswordCallback" /> >> </jaxws:properties> >> >> Does anyone know what the differences are, and when to use the one versus >> the other? >> >> Thanks, Andre >> > > -- View this message in context: http://old.nabble.com/server-config----jaxws%3AinInterceptor-or-jaxws%3Aproperties--tp28900118p28902218.html Sent from the cxf-user mailing list archive at Nabble.com.
