Hi, If you will use ws-policy, it is enough to attach (embed) the policy into WSDL and configure necessary security parameters like keystores and alias. CXF will care about activation of necessary interceptors automatically.
I would recommend you to look in Glen Mazza blogs: - UsernameToken security using ws-policy http://www.jroller.com/gmazza/entry/cxf_usernametoken_profile - SAML using ws-policy: http://www.jroller.com/gmazza/entry/cxf_sts_tutorial Just make that step by step, you will have a filling how it works CXF. If you like to understand internal ws-policy mechanisms in CXF, refer my blog: http://ashakirin.blogspot.de/2012/02/using-ws-policy-in-cxf-projects.html I hope it is helpful. Regards, Andrei. From: renu gupta [mailto:[email protected]] Sent: Donnerstag, 20. Februar 2014 06:09 To: Andrei Shakirin Subject: Re: Information on using Interceptors in Service Side The link which you have given talks about configuration at connector end but I want to know how we can leverage the interceptors at services end. We are having our custom implementation which takes care of invocation of service, publishing it and doing authentication and we uses Metro for security feature, we want to use CXF instead of Metro and wss4j. So we don't want to change the whole implementation of the Services we have now , but just want to hook in CXF interceptors or API's if available to do the validation etc for the Security/ Addressing and SAML case. Thanks, Renu On Wed, Feb 19, 2014 at 9:50 PM, Andrei Shakirin <[email protected]<mailto:[email protected]>> wrote: Hi, There are different ways to do that: a) using ws-policy - recommended way b) using features (WS-Addressing) and security actions configuration (security) c) configure interceptors in client/endpoint or bus level d) add interceptors dynamically for code I would prefer alternative (a) for WSA and SAML (http://cxf.apache.org/docs/ws-securitypolicy.html), but final decision depends on your requirements. Regards, Andrei. From: renu gupta [mailto:[email protected]<mailto:[email protected]>] Sent: Mittwoch, 19. Februar 2014 16:31 To: [email protected]<mailto:[email protected]>; Andrei Shakirin Subject: Information on using Interceptors in Service Side Hi , We are having our own custom service implementation which takes care of publishing the wsdl. We were using the Metro for the security feature and wss4j for the SAML support. As we are planning to leverage CXF. I have some doubts : How can we use the interceptors to achieve the particular feature like WS Addressing , SAML . Does CXF provides the API's directly which we can hook ? Thanks, Renu
