Re: WS-Security policy not being enabled in CXF

ychawla Fri, 24 Feb 2012 12:47:43 -0800

Hi Guys,
Are you using the WSS4J Interceptor?  Check this link:

http://cxf.apache.org/docs/ws-security.html


You would need to explicitly state your security policy like so:

   <jaxws:inInterceptors>
       
      <bean class="org.apache.cxf.binding.soap.saaj.SAAJInInterceptor"/>
      <bean class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor">
         <constructor-arg>
            <map>
               <entry key="action" value="UsernameToken"/>
               <entry key="passwordType" value="PasswordDigest"/>
               <entry key="signaturePropFile" value="..."/>
               <entry key="passwordCallbackRef">
                  <ref bean="myPasswordCallback"/>
               </entry>
               ...
            </map>
         </constructor-arg>
      </bean>
   </jaxws:inInterceptors>

You can add actions to correspond to your security policy like: "Encrypt".  
The InInterceptor on your service will check to make sure the proper
security attributes are on the request.

Thanks,
Yogesh

--
View this message in context: 
http://cxf.547215.n5.nabble.com/WS-Security-policy-not-being-enabled-in-CXF-tp5512888p5513915.html
Sent from the cxf-user mailing list archive at Nabble.com.

Re: WS-Security policy not being enabled in CXF

Reply via email to