Thanks Glenn, Do you know some examples of WS-SecPol only?
What I did is set some properties in the request context that I saw in the
documentation http://cxf.apache.org/docs/ws-securitypolicy.html .
Funny thing is that cxf asks for this property below:
Map<String, Object> ctx = ((BindingProvider) port).getRequestContext();
ctx.put("ws-security.token", new SecurityToken());
which isnt wrote in the documentation. Do you have any ideia which token
should I put there?
Best Regards,
Nícolas Fontenele
-----Mensagem original-----
De: Glen Mazza [mailto:[email protected]]
Enviada: terça-feira, 28 de agosto de 2012 16:43
Para: [email protected]
Assunto: Re: Using cxf with X509v3 certificates
From your earlier email you're using WS-SecurityPolicy in your WSDL, so you
shouldn't be using the WSS4J Out/In interceptors--that's strictly for
non-WS-SecPol use.
Glen
On 08/28/2012 03:28 PM, Nícolas Fontenele wrote:
Im also adding my code here .
Thanks!!
public class Client {
private static final String WSU_NS =
"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-ut
ility-
1.0.xsd";
public static void main(String args[]) {
try {
// 02c6b75f-5fc8-4c05-a79f-78fa1ded10e1
WSS4JOutInterceptor wssOut = createOutProperties();
WSS4JInInterceptor wssIn = createInProperties();
SecGtwService service = new SecGtwService(
new java.net.URL(
"http://nrio083fcom.develop.net/services/SecureGateway/CalypsoGatewayC
ert/Se
cGtwServiceHost.svc?wsdl"));
ISecGtwServiceContract port =
service.getCertificateEndPoint();
org.apache.cxf.endpoint.Client client =
ClientProxy.getClient(port);
client.getInInterceptors().add(wssIn);
client.getOutInterceptors().add(wssOut);
Map<String, Object> ctx = ((BindingProvider) port)
.getRequestContext();
ctx.put("ws-security.token", new SecurityToken());
System.out.println(port.whoIAm());
} catch (MalformedURLException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
private static WSS4JInInterceptor createInProperties() {
Map<String, Object> inProps = new HashMap<String, Object>();
inProps.put(WSHandlerConstants.ACTION,
"UsernameToken Timestamp Signature Encrypt");
inProps.put("passwordType", "PasswordText");
inProps.put("passwordCallbackClass",
ClientPasswordCallback.class.getName());
inProps.put("decryptionPropFile", "etc/client_enc.properties");
inProps.put("encryptionKeyIdentifier", "IssuerSerial");
inProps.put("signaturePropFile", "etc/client_sign.properties");
inProps.put("signatureKeyIdentifier", "DirectReference");
return new WSS4JInInterceptor(inProps);
}
private static WSS4JOutInterceptor createOutProperties() {
Map<String, Object> outProps = new HashMap<String, Object>();
outProps.put(WSHandlerConstants.ACTION,
"UsernameToken Timestamp Signature Encrypt");
outProps.put("passwordType", "PasswordDigest");
outProps.put(WSHandlerConstants.USER,
"02c6b75f-5fc8-4c05-a79f-78fa1ded10e1");
outProps.put(WSHandlerConstants.PW_CALLBACK_CLASS,
ClientPasswordCallback.class.getName());
outProps.put("encryptionUser", "pub");
outProps.put(WSHandlerConstants.ENC_PROP_FILE,
"etc/client_enc.properties");
outProps.put("encryptionKeyIdentifier", "IssuerSerial");
outProps.put("encryptionParts", "{Element}{" + WSU_NS +
"}Timestamp;"
+ "{Content}" +
"{http://www.w3.org/2003/05/soap-envelope}Body";);
outProps.put(WSHandlerConstants.SIG_PROP_FILE,
"etc/client_sign.properties");
outProps.put("signatureKeyIdentifier", "DirectReference");
outProps.put("signatureParts", "{Element}{" + WSU_NS + "}Timestamp;"
+ "{Element}" +
"{http://www.w3.org/2003/05/soap-envelope}Body";);
return new WSS4JOutInterceptor(outProps);
}
-----Mensagem original-----
De: Nícolas Fontenele [mailto:[email protected]]
Enviada: terça-feira, 28 de agosto de 2012 15:11
Para: [email protected]; [email protected]
Assunto: RE: Using cxf with X509v3 certificates
Thanks for the answer, I'll paste wsdl here.
What I have been trying is use wss4j interceptors as I can see in some
examples.
I imported both certificates on my keystore and I can see debugging
that the password handler get the keys from that.
My problem right now is that CXF is expecting an initial token ( of a
class SecurityToken ) on the request context property
''ws-security.token''. I saw it debugging.
Is correct to use this property?
I saw in ws security samples that only set properties on the
interceptors and not in the requestcontext of the client.
And if this behavior is correct, How can I create this token? Should
I use another property?
Wsdl is below, any idea?
Thanks!
<?xml version="1.0" encoding="utf-8"?> <wsdl:definitions
xmlns:wsap="http://schemas.xmlsoap.org/ws/2004/08/addressing/policy";
xmlns:wsa10="http://www.w3.org/2005/08/addressing";
xmlns:tns="http://tempuri.org/";
xmlns:msc="http://schemas.microsoft.com/ws/2005/12/wsdl/contract";
xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/";
xmlns:wsx="http://schemas.xmlsoap.org/ws/2004/09/mex";
xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy";
xmlns:wsam="http://www.w3.org/2007/05/addressing/metadata";
xmlns:soap12="http://schemas.xmlsoap.org/wsdl/soap12/";
xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/08/addressing";
xmlns:wsaw="http://www.w3.org/2006/05/addressing/wsdl";
xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/";
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wss
ecurit y-utility-1.0.xsd" xmlns:xsd="http://www.w3.org/2001/XMLSchema";
name="SecGtwService" targetNamespace="http://tempuri.org/";
xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/";>
<wsp:Policy wsu:Id="CertificateEndPoint_policy">
<wsp:ExactlyOne>
<wsp:All>
<sp:SymmetricBinding
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
<wsp:Policy>
<sp:ProtectionToken>
<wsp:Policy>
<sp:SecureConversationToken
sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/
Includ
eToken/AlwaysToRecipient">
<wsp:Policy>
<sp:RequireDerivedKeys />
<sp:BootstrapPolicy>
<wsp:Policy>
<sp:SignedParts>
<sp:Body />
<sp:Header Name="To"
Namespace="http://www.w3.org/2005/08/addressing"; />
<sp:Header Name="From"
Namespace="http://www.w3.org/2005/08/addressing"; />
<sp:Header Name="FaultTo"
Namespace="http://www.w3.org/2005/08/addressing"; />
<sp:Header Name="ReplyTo"
Namespace="http://www.w3.org/2005/08/addressing"; />
<sp:Header Name="MessageID"
Namespace="http://www.w3.org/2005/08/addressing"; />
<sp:Header Name="RelatesTo"
Namespace="http://www.w3.org/2005/08/addressing"; />
<sp:Header Name="Action"
Namespace="http://www.w3.org/2005/08/addressing"; />
</sp:SignedParts>
<sp:EncryptedParts>
<sp:Body />
</sp:EncryptedParts>
<sp:SymmetricBinding>
<wsp:Policy>
<sp:ProtectionToken>
<wsp:Policy>
<mssp:SslContextToken
sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/
Includ
eToken/AlwaysToRecipient"
xmlns:mssp="http://schemas.microsoft.com/ws/2005/07/securitypolicy";>
<wsp:Policy>
<sp:RequireDerivedKeys />
<mssp:RequireClientCertificate />
</wsp:Policy>
</mssp:SslContextToken>
</wsp:Policy>
</sp:ProtectionToken>
<sp:AlgorithmSuite>
<wsp:Policy>
<sp:Basic256 />
</wsp:Policy>
</sp:AlgorithmSuite>
<sp:Layout>
<wsp:Policy>
<sp:Strict />
</wsp:Policy>
</sp:Layout>
<sp:IncludeTimestamp />
<sp:EncryptSignature />
<sp:OnlySignEntireHeadersAndBody />
</wsp:Policy>
</sp:SymmetricBinding>
<sp:Wss11>
<wsp:Policy />
</sp:Wss11>
<sp:Trust10>
<wsp:Policy>
<sp:MustSupportIssuedTokens />
<sp:RequireClientEntropy />
<sp:RequireServerEntropy />
</wsp:Policy>
</sp:Trust10>
</wsp:Policy>
</sp:BootstrapPolicy>
</wsp:Policy>
</sp:SecureConversationToken>
</wsp:Policy>
</sp:ProtectionToken>
<sp:AlgorithmSuite>
<wsp:Policy>
<sp:Basic256 />
</wsp:Policy>
</sp:AlgorithmSuite>
<sp:Layout>
<wsp:Policy>
<sp:Strict />
</wsp:Policy>
</sp:Layout>
<sp:IncludeTimestamp />
<sp:EncryptSignature />
<sp:OnlySignEntireHeadersAndBody />
</wsp:Policy>
</sp:SymmetricBinding>
<sp:Wss11
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
<wsp:Policy />
</sp:Wss11>
<sp:Trust10
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
<wsp:Policy>
<sp:MustSupportIssuedTokens />
<sp:RequireClientEntropy />
<sp:RequireServerEntropy />
</wsp:Policy>
</sp:Trust10>
<wsaw:UsingAddressing />
</wsp:All>
</wsp:ExactlyOne>
</wsp:Policy>
<wsp:Policy
wsu:Id="CertificateEndPoint_AuthenticateService_Input_policy">
<wsp:ExactlyOne>
<wsp:All>
<sp:SignedParts
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
<sp:Body />
<sp:Header Name="To"
Namespace="http://www.w3.org/2005/08/addressing"; />
<sp:Header Name="From"
Namespace="http://www.w3.org/2005/08/addressing"; />
<sp:Header Name="FaultTo"
Namespace="http://www.w3.org/2005/08/addressing"; />
<sp:Header Name="ReplyTo"
Namespace="http://www.w3.org/2005/08/addressing"; />
<sp:Header Name="MessageID"
Namespace="http://www.w3.org/2005/08/addressing"; />
<sp:Header Name="RelatesTo"
Namespace="http://www.w3.org/2005/08/addressing"; />
<sp:Header Name="Action"
Namespace="http://www.w3.org/2005/08/addressing"; />
</sp:SignedParts>
<sp:EncryptedParts
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
<sp:Body />
</sp:EncryptedParts>
</wsp:All>
</wsp:ExactlyOne>
</wsp:Policy>
<wsp:Policy
wsu:Id="CertificateEndPoint_AuthenticateService_output_policy">
<wsp:ExactlyOne>
<wsp:All>
<sp:SignedParts
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
<sp:Body />
<sp:Header Name="To"
Namespace="http://www.w3.org/2005/08/addressing"; />
<sp:Header Name="From"
Namespace="http://www.w3.org/2005/08/addressing"; />
<sp:Header Name="FaultTo"
Namespace="http://www.w3.org/2005/08/addressing"; />
<sp:Header Name="ReplyTo"
Namespace="http://www.w3.org/2005/08/addressing"; />
<sp:Header Name="MessageID"
Namespace="http://www.w3.org/2005/08/addressing"; />
<sp:Header Name="RelatesTo"
Namespace="http://www.w3.org/2005/08/addressing"; />
<sp:Header Name="Action"
Namespace="http://www.w3.org/2005/08/addressing"; />
</sp:SignedParts>
<sp:EncryptedParts
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
<sp:Body />
</sp:EncryptedParts>
</wsp:All>
</wsp:ExactlyOne>
</wsp:Policy>
<wsp:Policy
wsu:Id="CertificateEndPoint_ValidadeTokenService_Input_policy">
<wsp:ExactlyOne>
<wsp:All>
<sp:SignedParts
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
<sp:Body />
<sp:Header Name="To"
Namespace="http://www.w3.org/2005/08/addressing"; />
<sp:Header Name="From"
Namespace="http://www.w3.org/2005/08/addressing"; />
<sp:Header Name="FaultTo"
Namespace="http://www.w3.org/2005/08/addressing"; />
<sp:Header Name="ReplyTo"
Namespace="http://www.w3.org/2005/08/addressing"; />
<sp:Header Name="MessageID"
Namespace="http://www.w3.org/2005/08/addressing"; />
<sp:Header Name="RelatesTo"
Namespace="http://www.w3.org/2005/08/addressing"; />
<sp:Header Name="Action"
Namespace="http://www.w3.org/2005/08/addressing"; />
</sp:SignedParts>
<sp:EncryptedParts
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
<sp:Body />
</sp:EncryptedParts>
</wsp:All>
</wsp:ExactlyOne>
</wsp:Policy>
<wsp:Policy
wsu:Id="CertificateEndPoint_ValidadeTokenService_output_policy">
<wsp:ExactlyOne>
<wsp:All>
<sp:SignedParts
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
<sp:Body />
<sp:Header Name="To"
Namespace="http://www.w3.org/2005/08/addressing"; />
<sp:Header Name="From"
Namespace="http://www.w3.org/2005/08/addressing"; />
<sp:Header Name="FaultTo"
Namespace="http://www.w3.org/2005/08/addressing"; />
<sp:Header Name="ReplyTo"
Namespace="http://www.w3.org/2005/08/addressing"; />
<sp:Header Name="MessageID"
Namespace="http://www.w3.org/2005/08/addressing"; />
<sp:Header Name="RelatesTo"
Namespace="http://www.w3.org/2005/08/addressing"; />
<sp:Header Name="Action"
Namespace="http://www.w3.org/2005/08/addressing"; />
</sp:SignedParts>
<sp:EncryptedParts
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
<sp:Body />
</sp:EncryptedParts>
</wsp:All>
</wsp:ExactlyOne>
</wsp:Policy>
<wsp:Policy wsu:Id="CertificateEndPoint_WhoIAm_Input_policy">
<wsp:ExactlyOne>
<wsp:All>
<sp:SignedParts
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
<sp:Body />
<sp:Header Name="To"
Namespace="http://www.w3.org/2005/08/addressing"; />
<sp:Header Name="From"
Namespace="http://www.w3.org/2005/08/addressing"; />
<sp:Header Name="FaultTo"
Namespace="http://www.w3.org/2005/08/addressing"; />
<sp:Header Name="ReplyTo"
Namespace="http://www.w3.org/2005/08/addressing"; />
<sp:Header Name="MessageID"
Namespace="http://www.w3.org/2005/08/addressing"; />
<sp:Header Name="RelatesTo"
Namespace="http://www.w3.org/2005/08/addressing"; />
<sp:Header Name="Action"
Namespace="http://www.w3.org/2005/08/addressing"; />
</sp:SignedParts>
<sp:EncryptedParts
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
<sp:Body />
</sp:EncryptedParts>
</wsp:All>
</wsp:ExactlyOne>
</wsp:Policy>
<wsp:Policy wsu:Id="CertificateEndPoint_WhoIAm_output_policy">
<wsp:ExactlyOne>
<wsp:All>
<sp:SignedParts
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
<sp:Body />
<sp:Header Name="To"
Namespace="http://www.w3.org/2005/08/addressing"; />
<sp:Header Name="From"
Namespace="http://www.w3.org/2005/08/addressing"; />
<sp:Header Name="FaultTo"
Namespace="http://www.w3.org/2005/08/addressing"; />
<sp:Header Name="ReplyTo"
Namespace="http://www.w3.org/2005/08/addressing"; />
<sp:Header Name="MessageID"
Namespace="http://www.w3.org/2005/08/addressing"; />
<sp:Header Name="RelatesTo"
Namespace="http://www.w3.org/2005/08/addressing"; />
<sp:Header Name="Action"
Namespace="http://www.w3.org/2005/08/addressing"; />
</sp:SignedParts>
<sp:EncryptedParts
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
<sp:Body />
</sp:EncryptedParts>
</wsp:All>
</wsp:ExactlyOne>
</wsp:Policy>
<wsdl:types>
<xsd:schema targetNamespace="http://tempuri.org/Imports";>
<xsd:import
schemaLocation="http://nrio0230dco.pactual.net/services/SecureGateway/
Calyps oGatewayCert/SecGtwServiceHost.svc?xsd=xsd0"
namespace="http://tempuri.org/";
/>
<xsd:import
schemaLocation="http://nrio0230dco.pactual.net/services/SecureGateway/
Calyps oGatewayCert/SecGtwServiceHost.svc?xsd=xsd1"
namespace="http://schemas.microsoft.com/2003/10/Serialization/"; />
<xsd:import
schemaLocation="http://nrio0230dco.pactual.net/services/SecureGateway/
Calyps oGatewayCert/SecGtwServiceHost.svc?xsd=xsd2"
namespace="http://schemas.datacontract.org/2004/07/Pactual.SecureGatew
ay.Ser
vices.Contracts" />
</xsd:schema>
</wsdl:types>
<wsdl:message
name="ISecGtwServiceContract_AuthenticateService_InputMessage">
<wsdl:part name="parameters" element="tns:AuthenticateService" />
</wsdl:message>
<wsdl:message
name="ISecGtwServiceContract_AuthenticateService_OutputMessage">
<wsdl:part name="parameters"
element="tns:AuthenticateServiceResponse"
/>
</wsdl:message>
<wsdl:message
name="ISecGtwServiceContract_ValidadeTokenService_InputMessage">
<wsdl:part name="parameters" element="tns:ValidadeTokenService" />
</wsdl:message>
<wsdl:message
name="ISecGtwServiceContract_ValidadeTokenService_OutputMessage">
<wsdl:part name="parameters"
element="tns:ValidadeTokenServiceResponse"
/>
</wsdl:message>
<wsdl:message name="ISecGtwServiceContract_WhoIAm_InputMessage">
<wsdl:part name="parameters" element="tns:WhoIAm" />
</wsdl:message>
<wsdl:message name="ISecGtwServiceContract_WhoIAm_OutputMessage">
<wsdl:part name="parameters" element="tns:WhoIAmResponse" />
</wsdl:message>
<wsdl:portType name="ISecGtwServiceContract">
<wsdl:operation name="AuthenticateService">
<wsdl:input
wsaw:Action="http://tempuri.org/ISecGtwServiceContract/AuthenticateService";
message="tns:ISecGtwServiceContract_AuthenticateService_InputMessage" />
<wsdl:output
wsaw:Action="http://tempuri.org/ISecGtwServiceContract/AuthenticateSer
viceRe
sponse"
message="tns:ISecGtwServiceContract_AuthenticateService_OutputMessage" />
</wsdl:operation>
<wsdl:operation name="ValidadeTokenService">
<wsdl:input
wsaw:Action="http://tempuri.org/ISecGtwServiceContract/ValidadeTokenService";
message="tns:ISecGtwServiceContract_ValidadeTokenService_InputMessage" />
<wsdl:output
wsaw:Action="http://tempuri.org/ISecGtwServiceContract/ValidadeTokenSe
rviceR
esponse"
message="tns:ISecGtwServiceContract_ValidadeTokenService_OutputMessage" />
</wsdl:operation>
<wsdl:operation name="WhoIAm">
<wsdl:input
wsaw:Action="http://tempuri.org/ISecGtwServiceContract/WhoIAm";
message="tns:ISecGtwServiceContract_WhoIAm_InputMessage" />
<wsdl:output
wsaw:Action="http://tempuri.org/ISecGtwServiceContract/WhoIAmResponse";
message="tns:ISecGtwServiceContract_WhoIAm_OutputMessage" />
</wsdl:operation>
</wsdl:portType>
<wsdl:binding name="CertificateEndPoint"
type="tns:ISecGtwServiceContract">
<wsp:PolicyReference URI="#CertificateEndPoint_policy" />
<soap12:binding transport="http://schemas.xmlsoap.org/soap/http"; />
<wsdl:operation name="AuthenticateService">
<soap12:operation
soapAction="http://tempuri.org/ISecGtwServiceContract/AuthenticateService";
style="document" />
<wsdl:input>
<wsp:PolicyReference
URI="#CertificateEndPoint_AuthenticateService_Input_policy" />
<soap12:body use="literal" />
</wsdl:input>
<wsdl:output>
<wsp:PolicyReference
URI="#CertificateEndPoint_AuthenticateService_output_policy" />
<soap12:body use="literal" />
</wsdl:output>
</wsdl:operation>
<wsdl:operation name="ValidadeTokenService">
<soap12:operation
soapAction="http://tempuri.org/ISecGtwServiceContract/ValidadeTokenService";
style="document" />
<wsdl:input>
<wsp:PolicyReference
URI="#CertificateEndPoint_ValidadeTokenService_Input_policy" />
<soap12:body use="literal" />
</wsdl:input>
<wsdl:output>
<wsp:PolicyReference
URI="#CertificateEndPoint_ValidadeTokenService_output_policy" />
<soap12:body use="literal" />
</wsdl:output>
</wsdl:operation>
<wsdl:operation name="WhoIAm">
<soap12:operation
soapAction="http://tempuri.org/ISecGtwServiceContract/WhoIAm";
style="document" />
<wsdl:input>
<wsp:PolicyReference
URI="#CertificateEndPoint_WhoIAm_Input_policy"
/>
<soap12:body use="literal" />
</wsdl:input>
<wsdl:output>
<wsp:PolicyReference
URI="#CertificateEndPoint_WhoIAm_output_policy"
/>
<soap12:body use="literal" />
</wsdl:output>
</wsdl:operation>
</wsdl:binding>
<wsdl:service name="SecGtwService">
<wsdl:port name="CertificateEndPoint"
binding="tns:CertificateEndPoint">
<soap12:address
location="http://nrio0230dco.pactual.net/services/SecureGateway/Calyps
oGatew
ayCert/SecGtwServiceHost.svc" />
<wsa10:EndpointReference>
<wsa10:Address>http://nrio0230dco.pactual.net/services/SecureGateway/C
alypso GatewayCert/SecGtwServiceHost.svc</wsa10:Address>
<Identity
xmlns="http://schemas.xmlsoap.org/ws/2006/02/addressingidentity";>
<KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#";>
<X509Data>
<X509Certificate>MIIBxTCCAXOgAwIBAgIQoF4m3EAEm4RCITdLvQ/MxTAJBgUrDgMCH
QUAMBY
xFDASBgNVBAMTC1Jvb3QgQWdlbmN5MB4XDTEyMDcxODAwMjQzN1oXDTM5MTIzMTIzNTk1O
VowKDE
mMCQGA1UEAxMdUGFjdHVhbC5TZWN1cmVHYXRld2F5LlNlcnZpY2UwgZ8wDQYJKoZIhvcNA
QEBBQA
DgY0AMIGJAoGBAN7Bng23dMbhRgzQ3KuD1uox0MriWjJON3DL1tQsHqGqjE9ZiTeVnijDE
Wxre93
8+/sELJ+Ru3mdoQae+ICfn3guBEwg80MBqeQlpNmWMssaKVWJAK5ur2YCo3UNoju2d+ZEg
8+D0
8+73tQ
4MLp68a3TfUEKrzrBbXZQbFak8opoyCPhAgMBAAGjSzBJMEcGA1UdAQRAMD6AEBLkCS0GH
R1PAI1
hIdwWZGOhGDAWMRQwEgYDVQQDEwtSb290IEFnZW5jeYIQBjdsAKoAZIoRz7jUqlw19DAJB
gUrDgM
CHQUAA0EAVL4d3PW6GhtrfEyYBghg5SIzwrsaKUvOsudIEPuOH8xWPbkgyFszcxKJpOj2d
xawvNv srBo8D62D9xUTMexQHw==</X509Certificate>
</X509Data>
</KeyInfo>
</Identity>
</wsa10:EndpointReference>
</wsdl:port>
</wsdl:service>
</wsdl:definitions>
-----Mensagem original-----
De: Colm O hEigeartaigh [mailto:[email protected]]
Enviada: terça-feira, 28 de agosto de 2012 14:45
Para: [email protected]
Assunto: Re: Using cxf with X509v3 certificates
Yes, CXF supports this configuration. Your WSDL did not make it
through though so I can't tell what the problem is. Try just copying
and pasting the security binding directly into an email?
Colm.
On Tue, Aug 28, 2012 at 6:20 PM, Nícolas Fontenele <[email protected]>
wrote:
Hi all,****
** **
I'm developing a client service to consume a .net service with
x509v3 certificate using ws-security.****
The Service uses symmetric binding, with
includeToken="prefix/AlwaysToRecipient" and a
<sp:ProtectionToken>.****
I have two certificates, a *.pfx file and *.cer which I have to use
to
access.****
My wsdl is attached.****
My question is Does cxf supports this configuration?****
** **
Best Regards,****
** **
** **
*Nícolas Fontenele*
** **
--
Colm O hEigeartaigh
Talend Community Coder
http://coders.talend.com
