Re: How to configure certificate for Symmetric bindings for client

Thu, 24 May 2012 15:07:55 -0700 

Hi Gina,
I've got examples of using symmetric binding for both WS-Security and WS-SecureConversation at www.ibm.com/developerworks/java/library/j-jws17/index.html The article doesn't discuss the details of the configuration, but it's included in the example code. For the STS you need to configure the properties using different key names: 


<jaxws:client name="{http://ws.sosnoski.com/seismic/wsdl}seismic"; 
createdFromAPI="true">

<jaxws:properties>
<entry key="ws-security.encryption.properties.sct"
          value="client-crypto.properties"/>
<entry key="ws-security.encryption.username.sct" value="serverkey"/>
</jaxws:properties>
</jaxws:client>

Hope that helps,

  - Dennis

Dennis M. Sosnoski
Java SOA and Web Services Consulting <http://www.sosnoski.com/consult.html>

CXF and Web Services Security Training 
<http://www.sosnoski.com/training.html>

Web Services Jump-Start <http://www.sosnoski.com/jumpstart.html>


On 05/25/2012 09:23 AM, Gina Choi wrote:

Glen,

Thanks for the link. Now I understand your intention. That makes sense. I
have this.


    <jaxws:client name="{
http://www.example.org/contract/DoubleIt}DoubleItPort";
createdFromAPI="true">
        <jaxws:properties>
             <entry key="ws-security.callback-handler"
value="client.ClientCallbackHandler"/>
    <entry key="ws-security.signature.username" value="myservicekey"/>
    <entry key="ws-security.encryption.username" value="myservicekey"/>
    <entry key="ws-security.signature.properties"
value="clientKeystore.properties"/>
    <entry key="ws-security.encryption.properties"
value="clientKeystore.properties"/>
             <entry key="ws-security.sts.client">
                 <bean class="org.apache.cxf.ws.security.trust.STSClient">
                     <constructor-arg ref="cxf"/>
                     <property name="wsdlLocation"
value="DoubleItSTSService.wsdl"/>
                     <property name="serviceName" value="{
http://docs.oasis-open.org/ws-sx/ws-trust/200512/}DoubleItSTSService"/>
                     <property name="endpointName" value="{
http://docs.oasis-open.org/ws-sx/ws-trust/200512/}DoubleItSTSPort"/>
                     <property name="properties">
                         <map>
                            <!--entry key="ws-security.signature.username"
value="myclientkey"/-->
                             <entry key="ws-security.callback-handler"
value="client.ClientCallbackHandler"/>
        <entry key="ws-security.username" value="alice"/>
        <entry key="ws-security.signature.properties"
value="clientKeystore.properties"/>
        <entry key="ws-security.encryption.properties"
value="clientKeystore.properties"/>
        <entry key="ws-security.encryption.username" value="mystskey"/>
                         </map>
                     </property>
                 </bean>
            </entry>
        </jaxws:properties>
    </jaxws:client>

On Thu, May 24, 2012 at 4:57 PM, Glen Mazza<[email protected]>  wrote:


Follow this structure:
http://svn.apache.org/viewvc/**cxf/trunk/distribution/src/**
main/release/samples/sts/src/**demo/wssec/client/wssec-**
client.xml?revision=1190520&**view=markup<http://svn.apache.org/viewvc/cxf/trunk/distribution/src/main/release/samples/sts/src/demo/wssec/client/wssec-client.xml?revision=1190520&view=markup>

Glen






















					Reply via email to