CXF and WCF interoperability

Thu, 27 Jan 2011 23:53:57 -0800 

Dear all,

we have been working with CXF for a year and we are completely satisfied
with that. In the last week we had the idea to interact with a Microsoft WCF
client (.net 4.0). We managed to interact quite well generating the WCF
proxy from the wsdl published by CXF. Then we threw ws-security in to that
and the maelstrom began. 

 

We protect envelopes at message level with X.509 certs and we are using
mutual auth. with msg body signature and encryption. Server-side (CXF) we
are using WSS4J as security provider and we have the following
configuration:

 

        outProps.put("action","UsernameToken Signature Encrypt");

        outProps.put("passwordType","PasswordText");

        outProps.put("user",user);

        outProps.put("signatureUser","serverx509v1");

 
outProps.put("passwordCallbackClass","plat1.ws.security.handlers.UTPasswordC
allback");

        outProps.put("encryptionUser","clientx509v1");

        outProps.put("encryptionPropFile","Server_SignVerf.properties");

        outProps.put("encryptionKeyIdentifier", "IssuerSerial");

 
outProps.put("encryptionParts","{Content}{http://schemas.xmlsoap.org/soap/en
velope/}Body");

        outProps.put("signaturePropFile","Server_Decrypt.properties");

        outProps.put("signatureKeyIdentifier", "DirectReference");

 
outProps.put("signatureParts","{Element}{http://schemas.xmlsoap.org/soap/env
elope/}Body");

 

where

org.apache.ws.security.crypto.provider=org.apache.ws.security.components.cry
pto.Merlin

org.apache.ws.security.crypto.merlin.keystore.type=jks

 

The point is that we are not able to implement a WCF client which is able to
interact with our server: could anybody suggest where we could find a
working example/how-to? I found this claim about CXF:

               "The GOOD news is that CXF 2.2 now passes the Microsoft
Interop PlugFest tests for WS-Security 1.0 and 1.1, WS-SecureConversation,
and the client side portion of WS-Trust 1.0 and parts of WS-Trust 1.3.
That's a 

huge step forward in interopability with WCF."

So I think someone should have produced a test-bench for these
interoperability tests: does anybody know if this test-bench is publicly
available? 

 

Thank you very much.

 

Matteo Rulli

Reply via email to