0 Replies Latest reply on May 24, 2012 12:18 PM by Stefano Alba

    Authentication on JBoss AS 7.1 with WS-Policy

    Stefano Alba Newbie

      I have this simple webservice into my JBOSS AS 7.1.

       

      @javax.jws.WebService(
                            serviceName = "HelloWorldService",
                            portName = "HelloWorldPort",
                            targetNamespace = "http://server.wssecurity.sogei.it/",
                            wsdlLocation = "WEB-INF/wsdl/hello-world.wsdl",
                            endpointInterface = "it.sogei.wssecurity.server.HelloWorld")
      @EndpointConfig(configFile = "WEB-INF/jaxws-endpoint-config.xml", configName = "Custom WS-Security Endpoint")           
      public class HelloWorldImpl implements HelloWorld {

          private static final Logger LOG = Logger.getLogger(HelloWorldImpl.class.getName());

          /* (non-Javadoc)
           * @see it.sogei.wssecurity.server.HelloWorld#sayHello(java.lang.String  arg0 )*
           */
          public java.lang.String sayHello(java.lang.String arg0) {
              LOG.info("Executing operation sayHello");
              System.out.println(arg0);
              try {
                  java.lang.String _return = "Hello " +arg0;
                  return _return;
              } catch (java.lang.Exception ex) {
                  ex.printStackTrace();
                  throw new RuntimeException(ex);
              }
          }

      }

       

      My WSDL have this policy:

       

      <wsp:Policy wsu:Id="UsernameToken"

      xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"

      xmlns:wsp="http://www.w3.org/ns/ws-policy" xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">

      <sp:SupportingTokens>

        <wsp:Policy>

         <sp:UsernameToken

          sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient">

          <wsp:Policy>

           <sp:WssUsernameToken10 />

          </wsp:Policy>

         </sp:UsernameToken>

        </wsp:Policy>

      </sp:SupportingTokens>

      </wsp:Policy>

       

      How I can configure jaxws-endpoint-config.xml and web.xml for authenticating UsernameToken with JAAS ????

       

      Thanks in advance