Hi, The WS-Security credentials are not passed to the CXF-SE by the CXF_BC.
The reason for this is that the WS-Security credentials once verified by the interceptor for authenticity and authority in the CXF-BC render the header security header pretty much useless for further propagation. In any case the CXF-SE does not have any listeners set up and is just a POJO linked by a channel to the NMR by the CXF_SE component in servicemix-cxf-se-xxxx-fuse-installer.zip. Also, the payload propagated between the CXF-BC and CXF-SE is a JBI Message with the SOAP Body sent as a JBI Part. The WS-Security example (cxf-ws-security) in the FUSE download version 3.x is a good working demo that you could check out for further details. Hope this helps. Cheers, Ashwin... timm01 wrote: > > thanks for your reply Freeman. > > In cxf-ws-security example cxf bc extract the credentials and > authentificates it in JAAS, but it isn't pass it to cxf se. > Am I right? > After having added LoggingInInterceptor in cxf se, I have figured out that > incoming message doesn't have security header. > > > > > Freeman Fang wrote: >> >> Hi, >> You needn't copy the credential data from one message to another IMO, >> cxf bc extract the credentials data by ws-security and then delegate the >> AA to JAAS service inside Servicemix. >> You may need take a look at cxf-ws-security example shipped with FUSE >> ESB (which is based on Apache ServiceMix). >> You can download the FUSE ESB from [1] >> [1]http://fusesource.com/ >> Freeman >> timm01 wrote: >>> Hello All. >>> >>> I need to pass security credentials between endpoints (cxf webservices), >>> deployed on servicemix. >>> >>> First service assembly contains cxfbc:consumer and cxfse:endpoint. While >>> the >>> second one has another cxfse:endpoint. First endpoint calls second one >>> using >>> cxfse:proxy. >>> >>> In cxfbc:consumer I'm using ws-security to recieve credentials the >>> latter is >>> implemented with WSS4JInInterceptor. >>> >>> Does anyone have any idea of how to use security credentials at the >>> endpoints? If it's done via copying the data from one message to >>> another, >>> what is the proper way to implement that? Otherwise is there a way to >>> have >>> it done automatically? >>> >>> Here is my configuration: >>> <cxfbc:consumer wsdl="classpath:ITSM/WSDL/SupportTicket-v1.wsdl" >>> targetService="service:SupportTicketService_v1_0" >>> targetInterface="service:SupportTicket_v1_0"> >>> <cxfbc:inInterceptors> >>> <bean >>> class="org.apache.cxf.interceptor.LoggingInInterceptor"/> >>> <ref bean="wss4jIn_request"/> >>> <ref bean="saajIn_request"/> >>> </cxfbc:inInterceptors> >>> </cxfbc:consumer> >>> >>> <cxfse:endpoint service="service:SupportTicketService_v1_0"> >>> <cxfse:pojo> >>> <bean >>> class="com.....supportticketservice_v1.SupportTicketImpl"> >>> <property name="ticketRouter"> >>> <cxfse:proxy service="rt:RTAdapterService_v1_0" >>> context="#context" >>> >>> type="com.....wsdl.rtadapterservice_v1.RTAdapterV10"/> >>> </property> >>> </bean> >>> </cxfse:pojo> >>> </cxfse:endpoint> >>> >>> and second enpoint in another assembly: >>> >>> <cxfse:endpoint service="service:RTAdapterService_v1_0"> >>> <cxfse:pojo> >>> <bean class="com.....rtadapterservice_v1.RTAdapterImpl"> >>> <property name="rtAdapterService" >>> ref="rtAdapterService"/> >>> </bean> >>> </cxfse:pojo> >>> </cxfse:endpoint> >>> >>> >>> Thanks in advance for your replies. >>> >>> >>> >> >> >> > > ----- --- Ashwin Karpe, Principal Consultant, PS - Opensource Center of Competence Progress Software Corporation 14 Oak Park Drive Bedford, MA 01730 --- +1-972-304-9084 (Office) +1-972-971-1700 (Mobile) ---- Blog: http://opensourceknowledge.blogspot.com/ -- View this message in context: http://www.nabble.com/How-to-use-ws-security-credentials-in-cxf-endpoint-tp21973209p21986701.html Sent from the ServiceMix - User mailing list archive at Nabble.com.
