Have you registered the WSS4JOutInterceptor to the OutInterceptors of
you cxfEndpoint?
--cut
Map<String,Object> outProps = new HashMap<String,Object>();
// activate signing of outgoing messages
outProps.put(WSHandlerConstants.ACTION, WSHandlerConstants.SIGNATURE);
// the alias name in the keystore to get user's certificate and key
outProps.put(WSHandlerConstants.USER, LocalKeyStoreAlias);
// BinarySecurityToken
// outProps.put(WSHandlerConstants.SIG_KEY_ID, "DirectReference");
// Callback Class
outProps.put(WSHandlerConstants.PW_CALLBACK_CLASS,
ClientPasswordCallback.class.getName());
// Signing parameters
Properties sigProps = new Properties();
// Merlin Class
sigProps.put("org.apache.ws.security.crypto.provider",
MyMerlin.class.getName());
outProps.put("cryptoProperties", sigProps);
outProps.put(WSHandlerConstants.SIG_PROP_REF_ID, "cryptoProperties");
// Add WSS4JOutInterceptor to the endpoint
Client client = ClientProxy.getClient(port);
Endpoint cxfEndpoint = client.getEndpoint();
WSS4JOutInterceptor wssOut = new WSS4JOutInterceptor(outProps);
cxfEndpoint.getOutInterceptors().add(wssOut);
--cut
Am 20.10.2016 um 13:33 schrieb Jeroen Breedveld:
Hi all,
Using Apache CXF I've created Java code to access a SOAP service described
by a wsdl.
I can now work the service with a couple of lines of code:
*InitiateInvite initiateInvite =
webservicesObjectFactory.createInitiateInvite();*
*InitiateInviteResponse initiateInviteResponse =
certificateServices.getCertificateServicesSoap().initiateInvite(initiateInvite);*
But the SOAP service expects the payload to be signed. I followed the
instructions here http://cxf.apache.org/docs/ws-security.html and now have
a Client with the correct interceptors registered
on the endpoints but the payload is still not signed. The CallbackHandler
for the password is also not called.
How do I combine the client with the generated code to make Apache CXF sign
the SOAP payload?
Thanks for any help and regards,
Jeroen
