Okay thanks. Correct me if i'm wrong, but the only thing i have to do is add the interceptor that sets the correct certificate?
kind regards, Ted 2013/5/23 Colm O hEigeartaigh <[email protected]> > You are using the older "Action" style configuration with > WS-SecurityPolicy, which doesn't work. With WS-SecurityPolicy you don't > tell it what security actions to perform, as the policy already contains > all of this information. You just need to let it know the correct > credentials for signing/encryption etc. > > See here for some information about configuration: > > http://cxf.apache.org/docs/ws-securitypolicy.html > > Colm. > > > On Thu, May 23, 2013 at 10:34 AM, Ted Roeloffzen > <[email protected]>wrote: > > > Hello all, > > > > I'm having al little difficulty setting up my client-webservice with the > > correct settings. > > This is the main part of the WSDL that i have to comply to. > > > > <wsp:Policy wsu:Id=""> > > <wsp:ExactlyOne> > > <wsp:All> > > <sp:AsymmetricBinding xmlns:sp=" > > http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";> > > <wsp:Policy> > > <sp:InitiatorToken> > > <wsp:Policy> > > <sp:X509Token sp:IncludeToken=" > > > > > http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient > > "> > > <wsp:Policy> > > <sp:RequireThumbprintReference/> > > <sp:WssX509V3Token10/> > > </wsp:Policy> > > </sp:X509Token> > > </wsp:Policy> > > </sp:InitiatorToken> > > <sp:RecipientToken> > > <wsp:Policy> > > <sp:X509Token sp:IncludeToken=" > > > > > http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToInitiator > > "> > > <wsp:Policy> > > <sp:RequireThumbprintReference/> > > <sp:WssX509V3Token10/> > > </wsp:Policy> > > </sp:X509Token> > > </wsp:Policy> > > </sp:RecipientToken> > > <sp:AlgorithmSuite> > > <wsp:Policy> > > <sp:Basic256Sha256Rsa15/> > > </wsp:Policy> > > </sp:AlgorithmSuite> > > <sp:Layout> > > <wsp:Policy> > > <sp:Lax/> > > </wsp:Policy> > > </sp:Layout> > > <sp:IncludeTimestamp/> > > <sp:OnlySignEntireHeadersAndBody/> > > </wsp:Policy> > > </sp:AsymmetricBinding> > > </wsp:All> > > </wsp:ExactlyOne> > > </wsp:Policy> > > <wsp:Policy wsu:Id=""> > > <wsp:ExactlyOne> > > <wsp:All> > > <sp:SignedParts xmlns:sp=" > > http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";> > > <sp:Body/> > > </sp:SignedParts> > > </wsp:All> > > </wsp:ExactlyOne> > > </wsp:Policy> > > > > i have deleted the id's, for the sake of our client. > > > > The problem is that i'm unable the setup the correct token inclusion and > so > > on. > > I can't seem to figure out which parameters have to be set with CXF. > > Since we don't use Spring, I have to configure everything through the > API. > > > > > > THis is what i have so far. > > Map<String, Object> outProps = new HashMap<String, Object>(); > > outProps.put(WSHandlerConstants.ACTION, > > WSHandlerConstants.TIMESTAMP + " " > > + WSHandlerConstants.SIGNATURE); > > outProps.put(WSHandlerConstants.SIG_ALGO, > > "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256";); > > outProps.put(WSHandlerConstants.SIG_DIGEST_ALGO, " > > http://www.w3.org/2001/04/xmlenc#sha256";); > > > > WSS4JOutInterceptor wssOut = new WSS4JOutInterceptor(outProps); > > client.getOutInterceptors().add(wssOut); > > > > And i'm adding a custom Interceptor that does this in the handleMessage > at > > the Pre_logical phase > > > > X509Certificate[] certificates = {holder.getCertificate()}; > > CertificateStore store = new CertificateStore(certificates); > > > > message.put(SecurityConstants.SIGNATURE_CRYPTO, store); > > > > Can one of you point me in the right direction? > > > > kind regards, > > > > Ted > > > > > > -- > Colm O hEigeartaigh > > Talend Community Coder > http://coders.talend.com >
