2 Replies Latest reply on May 9, 2019 8:36 AM by uh_69

WF10, JbossWS 5.1: code first WS-Sec Endpoint w provided WS-sec Policy: how to control plain/signed response ?

uh_69 Apr 16, 2019 11:35 AM

ttsia

we do a WS Sec Webservice which implements x509 token w Signature wo Auth wo Encryption in jboss 4 and want to migrate to WF10 / Jboss WS CXF 5.1.

i found nothing in the documentation how to achive/control the response regarding if its done plain or signed.

any hints ? we need the response be done as plain soap, but the service consumes requests only done with X509 token, asymmetric binding, signature.

thanks for tipps in advance

Ulli

1. Re: WF10, JbossWS 5.1: code first WS-Sec Endpoint w provided WS-sec Policy: how to control plain/signed response ?

uh_69 Apr 17, 2019 9:51 AM (in response to uh_69)

ok, i noticed those output-related ws sec policies in the jboss ws cxf repo under jbossws-cxf/tree/master/modules/client/src/main/resources/META-INF/policies, which means it should be controllable via the Binding of the Policy Annotation ( placement = BINDING_OPERATION_OUTPUT ) ... :-)
Actions
2. Re: WF10, JbossWS 5.1: code first WS-Sec Endpoint w provided WS-sec Policy: how to control plain/signed response ?

uh_69 May 9, 2019 8:36 AM (in response to uh_69)

Annotating the WS Sec Policy File using Policy.Placement.BINDING_OPERATION_INPUT worked fine, now the webservice consumes the WS Sec Requests but answers in plain/unsigned SOAP :-)
Actions