0 Replies Latest reply on Aug 12, 2008 9:17 AM by Vladyslav Kosulin

    WS Secutiry configration questions

    Vladyslav Kosulin Newbie

      We have few external clients requesting their data from the same server using the same endpoint.
      I would like to configure security using both their and ours private keys as follows:
      - every client signs their request with their private key, and the server uses the corresponding public key (from keystore) to authorize them and get their principal.
      - our response is signed with our server private key (from trusted store), and clients use our public key to authenticate the response.

      I tried to get through WIKI and User Guide, tried jboss-wsse-server.xml configs from there, but there is no example similar to what I need if I did not miss something.

      How do I configure WS-Security for this scenario?

      My env: java 6, JBoss 5.0.0CR1, jbossws core 3.02. Clients are .NET if this is important.