7 Replies Latest reply on Apr 4, 2011 5:48 AM by Alessio Soldano

    WS-Security on JBoss 6 (with CXF)

    Frank Bitzer Newbie

      Hi guys,


      I'm struggling implementing WS-Security UsernameToken authentification in JBoss 6 (M4 and above). As I could read in the release notes, starting with Milestone4 JBossWS-CXF is used instead of JBossWS-Native. All the documentation I could find concentrates on JBossWS in JBoss AS 4 or JBoss 5 and uses the @EndpointConfig annotation. However, in JBoss 6 there is no such annotation?

      Well, I think I have to go with the @HandlerChain instead, right?


      Here is what I want to do:


      - Intercept each incoming SOAP Request

      - Check the WS-Security UsernameToken headers in the SOAP message header

      - verify the provided username and passwort by looking up in the database of my application


      --> in order to do this, the very very best solution would be to have a stateless session bean called within the handler chain. Is this possible?