get access to certificate in service

Mon, 18 Jul 2011 17:55:36 -0700 

Hi I have a web service exposed with cxf with this wsdl:

<?xml version='1.0' encoding='UTF-8'?><wsdl:definitions
name="CXFLibraryImplService" targetNamespace="
http://service2.ws.service.kprtech.com/"; xmlns:ns1="
http://cxf.apache.org/bindings/xformat"; xmlns:soap="
http://schemas.xmlsoap.org/wsdl/soap/"; xmlns:tns="
http://service2.ws.service.kprtech.com/"; xmlns:wsdl="
http://schemas.xmlsoap.org/wsdl/"; xmlns:xsd="
http://www.w3.org/2001/XMLSchema";>
  <wsdl:types>
<xs:schema elementFormDefault="unqualified" targetNamespace="
http://service2.ws.service.kprtech.com/"; version="1.0" xmlns:ns1="
http://cxf.apache.org/bindings/xformat"; xmlns:soap="
http://schemas.xmlsoap.org/wsdl/soap/"; xmlns:tns="
http://service2.ws.service.kprtech.com/"; xmlns:wsdl="
http://schemas.xmlsoap.org/wsdl/"; xmlns:xs="http://www.w3.org/2001/XMLSchema";
xmlns:xsd="http://www.w3.org/2001/XMLSchema";>
<xs:element name="sayHello" type="tns:sayHello" />
<xs:element name="sayHelloResponse" type="tns:sayHelloResponse" />
<xs:complexType name="sayHello">
<xs:sequence>
<xs:element minOccurs="0" name="arg0" type="xs:string" />
</xs:sequence>
</xs:complexType>
<xs:complexType name="sayHelloResponse">
<xs:sequence>
<xs:element minOccurs="0" name="return" type="xs:string" />
</xs:sequence>
</xs:complexType>
</xs:schema>
  </wsdl:types>
  <wsdl:message name="sayHello">
    <wsdl:part element="tns:sayHello" name="parameters">
    </wsdl:part>
  </wsdl:message>
  <wsdl:message name="sayHelloResponse">
    <wsdl:part element="tns:sayHelloResponse" name="parameters">
    </wsdl:part>
  </wsdl:message>
  <wsdl:portType name="Library">
    <wsdl:operation name="sayHello">
      <wsdl:input message="tns:sayHello" name="sayHello">
    </wsdl:input>
      <wsdl:output message="tns:sayHelloResponse" name="sayHelloResponse">
    </wsdl:output>
    </wsdl:operation>
  </wsdl:portType>
  <wsdl:binding name="CXFLibraryImplServiceSoapBinding" type="tns:Library">
    <wsp:PolicyReference URI="#SignEncr" xmlns:wsp="
http://schemas.xmlsoap.org/ws/2004/09/policy"; />
    <soap:binding style="document" transport="
http://schemas.xmlsoap.org/soap/http"; />
    <wsdl:operation name="sayHello">
      <soap:operation soapAction="" style="document" />
      <wsdl:input name="sayHello">
        <soap:body use="literal" />
      </wsdl:input>
      <wsdl:output name="sayHelloResponse">
        <soap:body use="literal" />
      </wsdl:output>
    </wsdl:operation>
  </wsdl:binding>
  <wsdl:service name="CXFLibraryImplService">
    <wsdl:port binding="tns:CXFLibraryImplServiceSoapBinding"
name="CXFLibraryImplPort">
      <soap:address location="
http://localhost:8888/domicilios/services/service2"; />
    </wsdl:port>
  </wsdl:service>
    <wsp:Policy wsu:Id="SignEncr" xmlns:wsp="
http://schemas.xmlsoap.org/ws/2004/09/policy"; xmlns:wsu="
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
">

    <wsp:ExactlyOne>
      <wsp:All>
        <sp:AsymmetricBinding xmlns:sp="
http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";>
          <wsp:Policy>
            <sp:InitiatorToken>
              <wsp:Policy>
                <sp:X509Token sp:IncludeToken="
http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient
">
                  <wsp:Policy>
                    <sp:RequireThumbprintReference />
                      <sp:WssX509V1Token10 />
                  </wsp:Policy>
                </sp:X509Token>
              </wsp:Policy>
            </sp:InitiatorToken>
            <sp:RecipientToken>
              <wsp:Policy>
                <sp:X509Token sp:IncludeToken="
http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never
">
                  <wsp:Policy>
                    <sp:RequireThumbprintReference />
                          <sp:WssX509V3Token10 />
                  </wsp:Policy>
                </sp:X509Token>
              </wsp:Policy>
            </sp:RecipientToken>
            <sp:AlgorithmSuite>
              <wsp:Policy>
                <sp:TripleDesRsa15 />
              </wsp:Policy>
            </sp:AlgorithmSuite>
            <sp:Layout>
              <wsp:Policy>
                <sp:Strict />
              </wsp:Policy>
            </sp:Layout>
            <sp:IncludeTimestamp />
            <sp:OnlySignEntireHeadersAndBody />
          </wsp:Policy>
        </sp:AsymmetricBinding>
          <sp:Wss10 xmlns:sp="
http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
                <wsp:Policy>
                    <sp:MustSupportRefKeyIdentifier />
                    <sp:MustSupportRefIssuerSerial />
                </wsp:Policy>
            </sp:Wss10>
        <sp:SignedParts xmlns:sp="
http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";>
          <sp:Body />
        </sp:SignedParts>

      </wsp:All>
    </wsp:ExactlyOne>
  </wsp:Policy>
</wsdl:definitions>


And I want to be able to get the certificate in a custom intereceptor to be
able to pass it to spring security session context.
Another thing I want is to be able to override the default behaviour of cxf
trying to validate the certPath, because I want to do this by my own because
certificate aren't in a .jsk keystore but in a database.

Thanks.

-- 
Jaime Hablutzel - 9-9956-3299

(tildes omitidas intencionalmente)

Reply via email to