Thank you for your answer, Freeman. Could you provide some example on this issue, please? I'm a newbie in ServiceMix and therefore, I would very appreciate if you were able to give some kind of a direction on how to get this problem resolved.
Thank you once again. Freeman Fang wrote: > > timm01 wrote: >> thanks for your reply Freeman. >> >> In cxf-ws-security example cxf bc extract the credentials and >> authentificates it in JAAS, but it isn't pass it to cxf se. >> Am I right? >> After having added LoggingInInterceptor in cxf se, I have figured out >> that >> incoming message doesn't have security header. >> >> >> >> > you can specify which service in servicemix could be access based on the > credetial extracted by cxf bc, something like > <sm:broker> > <sm:securedBroker> > <sm:authorizationMap> > <sm:authorizationMap> > <sm:authorizationEntries> > <sm:authorizationEntry > service="prefix:yourservicecouldbeaccessbyadmin" roles="admin" /> > </sm:authorizationEntries> > </sm:authorizationMap> > </sm:authorizationMap> > </sm:securedBroker> > </sm:broker> > so it's no need the JBI message inside servicemix have security header. > Also, the ws-security header are based on soap payload, but generally > the message inside Servicemix aren't soap payload. > If you really want to keep the username/password for your message > exchange inside servicemix, you can put username/password as message > exchagne properties and handle it yourself. > Freeman >> Freeman Fang wrote: >> >>> Hi, >>> You needn't copy the credential data from one message to another IMO, >>> cxf bc extract the credentials data by ws-security and then delegate the >>> AA to JAAS service inside Servicemix. >>> You may need take a look at cxf-ws-security example shipped with FUSE >>> ESB (which is based on Apache ServiceMix). >>> You can download the FUSE ESB from [1] >>> [1]http://fusesource.com/ >>> Freeman >>> timm01 wrote: >>> >>>> Hello All. >>>> >>>> I need to pass security credentials between endpoints (cxf >>>> webservices), >>>> deployed on servicemix. >>>> >>>> First service assembly contains cxfbc:consumer and cxfse:endpoint. >>>> While >>>> the >>>> second one has another cxfse:endpoint. First endpoint calls second one >>>> using >>>> cxfse:proxy. >>>> >>>> In cxfbc:consumer I'm using ws-security to recieve credentials the >>>> latter >>>> is >>>> implemented with WSS4JInInterceptor. >>>> >>>> Does anyone have any idea of how to use security credentials at the >>>> endpoints? If it's done via copying the data from one message to >>>> another, >>>> what is the proper way to implement that? Otherwise is there a way to >>>> have >>>> it done automatically? >>>> >>>> Here is my configuration: >>>> <cxfbc:consumer wsdl="classpath:ITSM/WSDL/SupportTicket-v1.wsdl" >>>> targetService="service:SupportTicketService_v1_0" >>>> targetInterface="service:SupportTicket_v1_0"> >>>> <cxfbc:inInterceptors> >>>> <bean >>>> class="org.apache.cxf.interceptor.LoggingInInterceptor"/> >>>> <ref bean="wss4jIn_request"/> >>>> <ref bean="saajIn_request"/> >>>> </cxfbc:inInterceptors> >>>> </cxfbc:consumer> >>>> >>>> <cxfse:endpoint service="service:SupportTicketService_v1_0"> >>>> <cxfse:pojo> >>>> <bean >>>> class="com.....supportticketservice_v1.SupportTicketImpl"> >>>> <property name="ticketRouter"> >>>> <cxfse:proxy service="rt:RTAdapterService_v1_0" >>>> context="#context" >>>> >>>> type="com.....wsdl.rtadapterservice_v1.RTAdapterV10"/> >>>> </property> >>>> </bean> >>>> </cxfse:pojo> >>>> </cxfse:endpoint> >>>> >>>> and second enpoint in another assembly: >>>> >>>> <cxfse:endpoint service="service:RTAdapterService_v1_0"> >>>> <cxfse:pojo> >>>> <bean class="com.....rtadapterservice_v1.RTAdapterImpl"> >>>> <property name="rtAdapterService" >>>> ref="rtAdapterService"/> >>>> </bean> >>>> </cxfse:pojo> >>>> </cxfse:endpoint> >>>> >>>> >>>> Thanks in advance for your replies. >>>> >>>> >>>> >>>> >>> >>> >> >> > > > -- View this message in context: http://www.nabble.com/How-to-use-ws-security-credentials-in-cxf-endpoint-tp21973209p21976204.html Sent from the ServiceMix - User mailing list archive at Nabble.com.
