0 Replies Latest reply on May 16, 2013 2:22 AM by Joseph Hwang

    My ws-security setting doesn't work.

    Joseph Hwang Novice

      My WS-security reference site is https://docs.jboss.org/author/display/JBWS/WS-Security.

       

      I coded interface and bean like below :

       

      @WebService
      public interface IHelloPort {

      @WebMethod
      @WebResult
      public String sayHello(@WebParam String name);
      }

       

      @WebService
      @EndpointConfig(configFile = "WEB-INF/jaxws-endpoint-config.xml", configName = "Custom WS-Security Endpoint")
      public class HelloBean implements IHelloPort {

      @Override
      @WebMethod
      @WebResult
      public String sayHello(@WebParam String name) {
        // TODO Auto-generated method stub
        return "Hello " + name;
      }

      }

       

      Then I generated WEB-INF/jaxws-endpoint-config.xml

       

      <jaxws-config xmlns="urn:jboss:jbossws-jaxws-config:4.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance
      xmlns:javaee="http://java.sun.com/xml/ns/javaee"
      xsi:schemaLocation="urn:jboss:jbossws-jaxws-config:4.0 schema/jbossws-jaxws-config_4_0.xsd">

        <endpoint-config>   
         <config-name>Custom WS-Security Endpoint</config-name>   
         <property>     
          <property-name>ws-security.signature.properties</property-name>     
          <property-value>${jboss.server.config.dir}/wssecurity.properties</property-value>   
         </property>   
        
         <property>     
          <property-name>ws-security.encryption.properties</property-name>     
          <property-value>${jboss.server.config.dir}/wssecurity.properties</property-value>   
         </property>   
        
         <property>     
          <property-name>ws-security.signature.username</property-name>     
          <property-value>joseph</property-value>   
         </property>   
        
         <property>     
          <property-name>ws-security.encryption.username</property-name>     
          <property-value>joseph</property-value>   
         </property>   
        
         <property>     
          <property-name>ws-security.callback-handler</property-name>     
          <property-value>com.aaa.ws.KeystorePasswordCallback</property-value>   
         </property> 
        </endpoint-config>
      </jaxws-config>

       

      Next I made ${jboss.server.config.dir}/wssecurity.properties and KeystorePasswordCallback.java like below

       

      -- wssecurity.properties

      org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin

      org.apache.ws.security.crypto.merlin.keystore.type=jks

      org.apache.ws.security.crypto.merlin.keystore.password=111111

      org.apache.ws.security.crypto.merlin.keystore.alias=testWSssl

      org.apache.ws.security.crypto.merlin.keystore.file=${jboss.server.config.dir}/jboss7ssl.jks

       

      -- KeystorePasswordCallback.java

      public class KeystorePasswordCallback implements CallbackHandler {

      private Map<String, String> passwords = new HashMap<String, String>();

      public KeystorePasswordCallback() {
        passwords.put("joseph", "11111");

       

      }

       

      @Override
      public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
        // TODO Auto-generated method stub
         for (int i = 0; i < callbacks.length; i++) {
          WSPasswordCallback pc = (WSPasswordCallback)callbacks[i];
          String pass = passwords.get(pc.getIdentifier());
         
         if (pass != null) {           
           pc.setPassword(pass);
           return;
         }
        }
      }


      public void setAliasPassword(String alias, String password) {
        passwords.put(alias, password);
      }

      }

       

      Last I generated jboss7ssl.jks file with keytool command

       

      keytool -genkey -alias testWSssl -keystore jboss7ssl.jks -keyalg RSA -validity 180

       

      Deployment threw no exception. But WS-security encryption was not applied to wsdl. Generated soap file was just plain xml file.

      WS-security encryption setting doesn't work. Did i miss anything?

       

      I need your advice. Thanks in advanced !