I'd strongly encourage you to use a web services framework instead of trying to roll your own security. Take a look at some of the CXF examples here:
https://git-wip-us.apache.org/repos/asf?p=cxf.git;a=tree;f=systests/ws-security-examples;h=0c0a7a6a32f9aa27778890440e37d74afae93d11;hb=HEAD

Colm.

On Thu, Jan 19, 2017 at 10:59 PM, Devon Miller <[email protected]> wrote:

> I am trying to create a SOAP security header but am having difficulty
> understanding how to create the proper crypto and other configs. I have
> attached the WSDL policy (not the entire WSDL) as well as the token request
> and response from the server and a whoami request that shows an example of
> the security header that I need to generate. The server is a WCF endpoint
> e.g. CRM system. All of the attachments are to a small virtual machine demo
> system I set up to test security processing in java. I am using wss4j 2.1.8
>
> I've gone through the wss4j tests trying to stitch together just the right
> parts as I don't need to have anything robust, just a security header that
> meets this one target. When trying to use axis2 to generate the stubs, it
> did not seem to generate the security part and I just need some code for
> the client side in a non-servlet scenario. I tried to look at rampart to
> understand it may create the config but reading that code did not help. I
> have also read through the standards but that's not helped me map it to the
> code I need.
>
> Thoughts on which wss4j tests might hold critical code for me to look at
> and cut and paste from? For example, I've yet to figure out how to create
> the proper crypto to use with the signature, it seems all the choices use
> disk-based keystores.
>
> Thoughts?
>
>
>     val secHeader = new WSSecHeader(doc)
>     secHeader.insertSecurityHeader()
>     val timestamp = new WSSecTimestamp()
>     timestamp.setTimeToLive(3600 * 2)
>     timestamp.build(doc, secHeader)
>     val x509Data = new DOMX509Data(doc,
>       new DOMX509IssuerSerial(doc, "CN=DemoCrmServer, DC=Demo, DC=Local",
>         new java.math.BigInteger("825127572376036501802804159644169187033612293")))
>     // This gives me an error because I do not have a crypto.properties,
>     // but I just need a memory based version
>     val crypto = CryptoFactory.getInstance()
>     val signer = new WSSecSignature()
>     signer.setSigCanonicalization(WSS4JConstants.C14N_EXCL_OMIT_COMMENTS)
>     signer.setKeyIdentifierType(WSConstants.ISSUER_SERIAL)
>     // What's the right crypto?
>     val signedDoc = signer.build(doc, crypto, secHeader)
>     ...
>
>

--
Colm O hEigeartaigh

Talend Community Coder
http://coders.talend.com
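
One way to supply the `crypto` argument from an in-memory keystore instead of a `crypto.properties` file, as an added example that is not part of either message above and is not code from the WSS4J or CXF projects. It assumes WSS4J 2.1.x and that the caller already holds the signing key and its certificate chain; `InMemorySigning`, `inMemoryCrypto`, `sign` and their parameter names are hypothetical.

```scala
import java.security.{KeyStore, PrivateKey}
import java.security.cert.{Certificate, X509Certificate}

import org.apache.wss4j.common.crypto.{Crypto, Merlin}
import org.apache.wss4j.dom.WSConstants
import org.apache.wss4j.dom.message.{WSSecHeader, WSSecSignature}
import org.w3c.dom.Document

// Hypothetical helper object; assumes WSS4J 2.1.x on the classpath.
object InMemorySigning {

  // Build a Crypto backed by a KeyStore that exists only in this process.
  // The key and chain are assumed to come from wherever the application
  // already holds them (HSM export, secrets manager, PEM parsed earlier).
  def inMemoryCrypto(alias: String,
                     key: PrivateKey,
                     chain: Array[X509Certificate],
                     keyPassword: String): Crypto = {
    val ks = KeyStore.getInstance(KeyStore.getDefaultType)
    ks.load(null, null) // null stream: start from an empty keystore, no file
    ks.setKeyEntry(alias, key, keyPassword.toCharArray, chain.toArray[Certificate])

    val merlin = new Merlin() // no-arg constructor: no properties file is read
    merlin.setKeyStore(ks)
    merlin
  }

  // Sign using the in-memory Crypto. The alias and password passed to
  // setUserInfo must match the keystore entry created above, because the
  // signer uses them to look up the certificate and private key.
  def sign(doc: Document,
           secHeader: WSSecHeader,
           crypto: Crypto,
           alias: String,
           keyPassword: String): Document = {
    val signer = new WSSecSignature()
    signer.setUserInfo(alias, keyPassword)
    signer.setKeyIdentifierType(WSConstants.ISSUER_SERIAL)
    signer.setSigCanonicalization(WSConstants.C14N_EXCL_OMIT_COMMENTS)
    signer.build(doc, crypto, secHeader)
  }
}
```

The entry password here only protects the key inside the process, so it can be a per-run random value rather than a stored secret.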
