the webservices stack in JBoss AS 7 is JBossWS-CXF, so the WS-Security implementation is completely different and configured differently. Have a look at https://docs.jboss.org/author/display/AS71/WS-Security for further details on the ws-security usage in 7.1
Thank you for your reply, Alessio. I understand it.
I use Eclipse IDE and JBossTools in implementing JBoss web services. As you know, wsdl is generated automatically with Eclipse IDE JBossWS wizard. But in this doc I have to type in <wsp:Policy> element in wsdl manually and build with ant.
I don't know how to generate wsdl with <wsp:Policy> element automatically in Eclipse IDE and JBossTools.
And I have some problems in invoking jaxws-endpoint-config.xml in my Eclipse project. The property name and value can't be defined. Pls, see this thread, https://community.jboss.org/thread/228269.
I need your advice. Best regards!
I don't know a lot of Eclipse tooling, but generally speaking you're responsible for setting the desired policy assertions in the wsdl (it's a contract first approach). I don't think the eclipse tooling has wizards for automatically creating the policy assertions of given security setups, but I might not be up-to-date here.
Alessio, I reproduced ws-security of jbossws-cxf successfully with your document. And I have a few suggestions to Jbossws-cxf ws-security implementation.
As you know, jpa provides the persistence.xml. With this file Eclipse IDE user can interact and set properties with hibernate. For your understanding, this is the sample.
<persistence xmlns="http://java.sun.com/xml/ns/persistence" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/persistence http://java.sun.com/xml/ns/persistence/persistence_2_0.xsd" version="2.0">
<property name="hibernate.show_sql" value="true"/> ==> these elements can set the properties to hibernate and generate table automatically when build
<property name="org.hibernate.hbm2ddl" value="update"/> ==> these elements can set the properties to hibernate and generate table automatically when build
<property name="org.hibernate.dialect" value="org.hibernate.dialect.MySQL5Dialect"/> ==> these elements can set the properties to hibernate and generate table automatically when build
jaxws-endpoint-config.xml of jbossws-cxf in eclispe IDE has no such functions. jaxws-endpoint-config.xml in eclispe IDE throws no exception even when it is
invalid xml file. And in wsdl I have to type in <wsp:Policy> element manually , even namespaces.
Alessio! I suggest that Eclipse IDE user can implement jbossws-cxf ws-security easily and automatically with jaxws-endpoint-config.xml. I want two fuctions to be provided to jaxws-endpoint-config.xml.
1. During building and deploying web services in eclipse IDE, <wsp:Policy> element is generated automatically in wsdl with the property settings of jaxws-endpoint-config.xml file. wsdl can be generated in Eclipse IDE during deployment.
2. During building and deploying web services in eclipse IDE, jaxws-endpoint-config.xml throws exceptions when settings are not correct.
How about my suggestion? If you agree, I will post this issue on JIRA for your development.
I am an author of JBoss AS and preparing for next JBoss AS 8, wildfly. In my next book about wildfly with eclipse, I want to add ws-security section. I am sure this will be helpful to implement ws-security in jbossws-cxf.
I am waiting your positive reply. Thanks!
I appreciate your proactive approach. The problem here is however a bit more complicated. Let's forget about the IDE for a while, the issue here is that the whole ws-security policy support is contract based. Moreover, there's really a big set of possible configurations you can have for the ws-security policy assertions. So, something which might be worth evaluating is a functionality for generating templates / examples of ws-security assertions for common scenarios. We could have, e.g. a list of ws security configuration names each corresponding to a set of assertions to be added in the wsdl. That would allow providing a basic java-first ws-security policy support. The configuration name could then of course be specified either in the jaxws-endpoint-config.xml or using a new custom annotation in the endpoint class. Then, the IDE could be updated to pick up this functionality.
Thank you for your detailed reply, Alessio. I understand your circumstance.
Then pls, inform me until when your issue of a functionality for generating templates / examples of ws-security assertions for common scenarios will be solved. I mean the version of JBossWS-CXF.
As I told you, I have plan to write a book about Wildfly with Eclipse IDE. WS-security implementation in IDE is important in my book.
Thanks in advanced. Have a nice day!