The work I'm doing is for my diploma project. So it kind of necessary
to have it all as academical as possible. DFrahm sent a snippet on
this list as an answer to a previous question I've posted.
[...snip...]
Message requestMessage = msgContext.getRequestMessage();
SOAPEnvelope unsignedEnvelope = requestMessage.getSOAPEnvelope();
Document doc = unsignedEnvelope.getAsDocument();
// WSS4J Start ---------------------------------------------
/*
* Instantiate Crypto for WSS4J via dynamic methods. Domino agents
* can't see file resources, plus we need to compute the keystore
* location anyway.
*/
String cryptoClassName =
"org.apache.ws.security.components.crypto.BouncyCastle"; //
"org.apache.ws.security.components.crypto.Merlin"
Properties properties = new Properties();
properties.put("org.apache.ws.security.crypto.provider", cryptoClassName);
properties.put("org.apache.ws.security.crypto.merlin.keystore.type",
keystoreType);
properties.put("org.apache.ws.security.crypto.merlin.keystore.password",
keystorePass);
properties.put("org.apache.ws.security.crypto.merlin.keystore.alias",
privateKeyAlias);
properties.put("org.apache.ws.security.crypto.merlin.alias.password",
privateKeyPass);
properties.put("org.apache.ws.security.crypto.merlin.file", keystoreFile);
Crypto crypto = CryptoFactory.getInstance(cryptoClassName, properties);
WSSignEnvelope builder = new WSSignEnvelope();
builder.setUserInfo(privateKeyAlias, privateKeyPass);
// builder.setKeyIdentifierType(WSConstants.ISSUER_SERIAL); // Doesn't
embed the certificate.
builder.setKeyIdentifierType(WSConstants.BST_DIRECT_REFERENCE); //
This does embed the certificate.
WSSAddUsernameToken usernameToken = new WSSAddUsernameToken();
builder.setUsernameToken(usernameToken);
Document signedDoc = builder.build(doc, crypto);
/*
* Convert the resulting document into a message first. The
* toSOAPMessage() method performs the necessary c14n call to
* properly set up the signed document and convert it into a SOAP
* message.
*/
Message signedMsg = (Message) SOAPUtil.toSOAPMessage(signedDoc);
if (logger.isDebugEnabled()) {
logger.debug("Signed message:");
XMLUtils.PrettyElementToWriter(signedMsg.getSOAPEnvelope().getAsDOM(),
new PrintWriter(System.out));
}
/*
* Extract as a document again if need further processing. signedDoc =
* signedMsg.getSOAPEnvelope().getAsDocument();
*/
/*
* Set signed message as current message.
*/
msgContext.setCurrentMessage(signedMsg);
// WSS4J End ---------------------------------------------
[...snip...]
Seeing this snippet made me realize that this is what I should have in
my project. I've tried seaching some for some hints or examples on
google but I didn't had any luck. And know I am a little bit late,
only 10 days left for me to finish the project.
I've implemented Username, Signature and Encrypt using wsdd
configuration files for the client.
What I want is to do this programatically. I think handlers will be
the nicest solution.
But I don't want to explude your suggested solution. Can you please
give me some hints and / or examples for these?
Thank you!
Emanuel
On 2/9/06, Dittmann, Werner <[EMAIL PROTECTED]> wrote:
> Emanuel,
>
> you can do that without creatin a new custom handler. Axis
> provides function to set all properties programatically and
> also to define and setup a handler chain. This way you can
> avoid the use of property files.
>
> Regards,
> Werner
>
> > -----Ursprüngliche Nachricht-----
> > Von: Emanuel Haisiuc [mailto:[EMAIL PROTECTED]
> > Gesendet: Donnerstag, 9. Februar 2006 15:45
> > An: [email protected]
> > Betreff: Custom handler
> >
> > I want to create my own custom handler to process outgoing / incoming
> > soap messages using the wss4j API. The main ideea is not to use the
> > wsdd configuration file for the client.
> >
> > Can anyone give my some hints, links, examples of how to
> > accomplish this?
> >
> > Thank you!
> >
> > Emanuel
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: [EMAIL PROTECTED]
> > For additional commands, e-mail: [EMAIL PROTECTED]
> >
> >
>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
