Actually java first in cxf supports ws-policy very nicely. I have been contributing some additional work in this area and I don't think you need to go to the trouble of having to manually manipulate a wsdl post gen.
With 2.7.1 snapshot I have added additional work to ensure that even if you want to use external ws policy attachments you can have them applied at the binding operation level. Or you can annotate the web service interface with either a classpath reference to a policy file or you can use a #id to refer to q policy embedded in spring context. You can use spring imports to import a policy file but it will need to be embedded in a spring bean xml tag. I have been very happy with all these approaches and performed a lot of testing and it works very well in 2.7 onwards. 2.7.1 just has one enhancement to include policies ij wsdl that have been applied at the op message level. Happy to provide additional info about all this Sent from my Galaxy S2 On Oct 18, 2012 8:38 AM, "Glen Mazza" <[email protected]> wrote: > I'd recommend building a Java-first web service in order to auto-generate > a WSDL[1, link 3][2], then with WSDL in hand switch to a WSDL-first > implementation where you can do whatever security options you want [1, > links 11-21, also the CXF WS-* samples]. > > Glen > > [1] > http://www.jroller.com/gmazza/**entry/blog_article_index<http://www.jroller.com/gmazza/entry/blog_article_index>(link > 3) > [2] http://cxf.apache.org/docs/**defining-contract-first-** > webservices-with-wsdl-**generation-from-java.html<http://cxf.apache.org/docs/defining-contract-first-webservices-with-wsdl-generation-from-java.html> > > On 10/17/2012 03:04 AM, Flavio Campana wrote: > >> Hi everyone, >> i was looking for some example of implementing a web service with CXF >> wich used WS-Security and WS-SecurityPolicy using a code first approach. >> Do you know if there are any? >> >> Thanks. >> > > > -- > Glen Mazza > Talend Community Coders - coders.talend.com > blog: www.jroller.com/gmazza > >
