Hi there,
I started to work with the DOSGi Subproject of Apache CXF and for the most
part everything worked fine until I began trying to add security to my web
service. AFAIK there're two possible methods implementing WS-Security
policies in CXF, right?
1) WSDL-first approach by specifying the *.wsdl location that the server
should publish a lá
props.put("org.apache.cxf.ws.wsdl.location", "/hello.wsdl");
2) Using WSS4J In/Out Interceptors
I tried both of them and the server always published no security policies at
all in my http://localhost:9090/hello?wsdl ( http://pastebin.com/d20vNAQN
[1] Link to generated WSDL by CXF DOSGi) In the first approach I tested
that the *.wsdl-File is accessible by the bundle and configured it with the
org.apache.cxf.ws.wsdl.location property ( http://pastebin.com/gZtEEx5J [2]
Link to WSDL with manually added WS-Policy stuff) I also specified all other
properties necessary (org.apache.cxf.ws.wsdl.*) from
http://cxf.apache.org/distributed-osgi-reference.html DOSGi References . The
resulting wsdl shows no security bindings at all and equaled to
http://pastebin.com/d20vNAQN [1]
Then I tried the second approach with using WSS4JInInterceptors and again,
the resulting WSDL file has shown no difference to
http://pastebin.com/d20vNAQN [1] . Here's the Activator code that I used for
that method: http://pastebin.com/YwvDZmvv Activator.java . I'm using
cxf-dosgi-ri-singlebundle-distribution-1.3 and my favorable method would be
the Interceptor Method. Also I'm trying to avoid Spring or any other type of
XML-based Server/Client configuration. I was also searching through the
mailing list with moderate success.
Up to this point I'm not sure where I'm wrong. Help appreciated.
Cheers,
Thomas
--
View this message in context:
http://cxf.547215.n5.nabble.com/Adding-Username-Token-to-WebService-in-DOSGi-tp5614641p5614641.html
Sent from the cxf-user mailing list archive at Nabble.com.
