On Friday, February 03, 2012 8:02:35 PM COURTAULT Francois wrote: > Hello Glen, > > First, my WDSL contains policy statements. > I have read again more carefully your article. > > Let me know if I have well understood: > - if the WSDL contains policy statements, the WS-SecurityPolicy option > is the preferred approach: right ?
Quite likely the required approach, yes. If the WSDL contains policies and the policy engine is turned on (which is the default starting in CXF 2.3), then the policy based interceptors will be automatically engaged. Using the non-policy based approach may interfere with it. > - if the WSDL doesn't contain policy > statements, the WSS4J interceptors option is required: right ? You CAN, using configuration, provide a policy attachment that would define a security policy and drive the policy based interceptors that way. Definitely tricky though. > But does > that mean also that you cannot use this option if the WSDL contains policy > statements ? > > So, if the answer to above question is yes, the CXF client coding rules are: > - if your WSDL contains policy statements, you have no choice, you have to > use WS-SecurityPolicy option: right ? - if your WSDL doesn't contains > policy statements, you have no choice, you have to use WSS4J interceptors > option: right ? I think that's the easy answer. The more complete answer is that you COULD use the WSS4J interceptors along with a custom interceptor that assert the various policies and likely remove/skip the policy based things. Definitely more work though. Dan > > Best Regards. > > -----Original Message----- > From: Glen Mazza [mailto:[email protected]] > Sent: vendredi 3 février 2012 19:42 > To: [email protected] > Subject: Re: Issue with CXF-2.5.2 regarding UsernameToken > > Once *you* decide which one you want--your choice but if the WSDL doesn't > have security policy statements it will need to be WSS4J--just follow my > blog entry, making changes as explained in the tutorial depending on the > option you wanted. For example, the code segment referenced had > instructions just before it telling you to comment out / uncomment the > particular segment depending on the method you chose. > > Glen > > On 02/03/2012 01:33 PM, COURTAULT Francois wrote: > > Hello, > > > > OK but how do you choose the method WSS4J interceptors or > > WS-SecurityPolicy ? > > > > Best Regards. -- Daniel Kulp [email protected] - http://dankulp.com/blog Talend Community Coder - http://coders.talend.com
