0 Replies Latest reply on Mar 24, 2008 10:19 PM by Pramod Nair

    WS-Security and Handlers

    Pramod Nair Novice

      I have a simple web service which I have implemented username token authentication. Also I have my own Policy handler which I have configured using @handlerChain. I would like to invoke this handler between the JBossWS authenticates the usernametoken and actual execution of the method.


      package test;

      import javax.ejb.Stateless;
      import javax.jws.HandlerChain;
      import javax.jws.WebService;
      import javax.jws.WebMethod;
      import javax.jws.soap.SOAPBinding;
      import org.jboss.annotation.security.SecurityDomain;
      import org.jboss.ws.annotation.EndpointConfig;

      import com.sun.xacml.Indenter;
      import com.sun.xacml.ctx.ResponseCtx;

      @Stateless
      @WebService
      (name="TestWSEJB",
      targetNamespace = "http://test",
      serviceName = "TestWSEJBService")
      @SOAPBinding(style = SOAPBinding.Style.DOCUMENT)
      @EndpointConfig(configName = "Standard WSSecurity Endpoint")
      @SecurityDomain("JBossWS")
      @HandlerChain(file = "jaxws-handlers-server.xml")
      public class TestWSEJB {
      @WebMethod
      public String ping (String name) throws Exception
      {
      return "Hello : " + name;
      }
      }



      <?xml version="1.0" encoding="UTF-8"?>

      <handler-chains xmlns="http://java.sun.com/xml/ns/javaee"
      xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
      xsi:schemaLocation="http://java.sun.com/xml/ns/javaee javaee_web_services_1_2.xsd">

      <handler-chain>
      <protocol-bindings>##SOAP11_HTTP</protocol-bindings>

      <handler-name> PolicyHandler </handler-name>
      <handler-class> test.WSXACMLPolicyHandler </handler-class>
      <soap-role>SecurityProvider</soap-role>

      </handler-chain>
      </handler-chains>