2 Replies Latest reply on Aug 28, 2006 11:01 AM by Jason Greene

    Web client for WS Secure web service: how to?

    Gary Ng Newbie

      Hello,

      I have a simple web service created, and an equally simple web-based (servlet) client. Both are deployed to the same JBoss instance.

      Everything works, but now I'd like to enable encryption.

      From reading through the docs and the forum posts, I've managed to get the service to expect a secured message. So, now, when I try to connect to the service from my client, I get back the expected message:

      javax.xml.rpc.soap.SOAPFaultException: This service requires <wsse:Security>, which is missing.

      This is fine. So now the question is this: how do I enable security in my web client?

      I understand that jboss-wsse-client.xml is required on the client side - but this XML file does not specify the location of the key or trust.

      The docs say this:

      "We did not specify a key store or trust store, because client apps instead use the wsse System properties instead. If this was a web or ejb client (meaning a webservice client in a war or ejb jar file), then we would have specified them in the client descriptor."

      Can anyone clarify this? Has anyone figured out how to specify these settings in a client descriptor?

      For that matter, has anyone actually managed to get an encrypted web service message working with anything except a stand-alone client?

      Thanks!