-
1. Re: Seam WS encryption
sander Jan 15, 2009 11:33 AM (in response to chuaky)What kind of encryption do you mean ?
The most simple thing to do is use ssl so that everything is encrypted.Furthermore the WS familiy has some specs that covers how to encrypt things (can't remember which one) but I think it would then be a matter of the app server (or ws lib) to deal with that and not seam
-
2. Re: Seam WS encryption
chuaky Jan 19, 2009 3:05 AM (in response to chuaky)hi Sander,
To secure the the WS endpoint, one could secure the http transport or use WS-Security. I was thinking that WS-Security is easily to use, so i was browsing the seam documentation to do that.
The Seam configuration for web service consists of a part on configuring the endpoint:
<jaxws-config xmlns="urn:jboss:jaxws-config:2.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:javaee="http://java.sun.com/xml/ns/javaee" xsi:schemaLocation="urn:jboss:jaxws-config:2.0 jaxws-config_2_0.xsd"> <endpoint-config> <config-name>Seam WebService Endpoint</config-name> <pre-handler-chains> <javaee:handler-chain> <javaee:protocol-bindings>##SOAP11_HTTP</javaee:protocol-bindings> <javaee:handler> <javaee:handler-name>SOAP Request Handler</javaee:handler-name> <javaee:handler-class>org.jboss.seam.webservice.SOAPRequestHandler</javaee:handler-class> </javaee:handler> </javaee:handler-chain> </pre-handler-chains> </endpoint-config> </jaxws-config>
To secure using WS-Security, i am not sure if the current javaee:handler in seam can do it.
The jboss ws endpoint configuration info is Here
See also Steps for implementing WS-Security in JBoss using Username token Authentica
Best regards.
-
3. Re: Seam WS encryption
sander Jan 19, 2009 6:20 PM (in response to chuaky)It's an handler chain so you should be able to chain them. The Seam SoapRequestHandler does not do much, just starting and closing the session context so that shouldn't be a problem.
Try making some test setups as I have no experience with this. For the WSS stuff you'd probably need to be in the AS forum if that doesn't work.
Good luck