0 Replies Latest reply on Mar 23, 2014 10:14 PM by mpalvankar

    Secure webservice on FUSE ESB

    mpalvankar
    mpalvankar Mar 23, 2014 10:14 PM

      I am trying a secured web service with X.509 security with Apache CXF.

      I have WSDL with WS-SecurityPolicy statements. I have created key pairs for the client and the web service provider.

       

      I have configured the service to decrypt and verify the signature of the SOAP request, and encrypt and sign the SOAP response.

       

      <cxf:cxfEndpoint id="secureServiceConsumer"

        address="http://localhost:8092/cxf/doubleit"

        serviceName="c:DoubleItService"

        serviceClass="org.example.contract.doubleit.DoubleItPortType"

        xmlns:c="http://www.example.org/contract/DoubleIt">

       

        <jaxws:endpoint

              id="doubleit"

              implementor="com.secureservice.demo.DoubleItPortTypeImpl"

              address="http://localhost:8092/cxf/doubleit"

              serviceName="c:DoubleItService"

        xmlns:c="http://www.example.org/contract/DoubleIt"

              >

               <jaxws:properties>

                  <entry key="ws-security.callback-handler">

                      <ref bean="myPasswordCallback"/>

                  </entry>

                  <entry key="ws-security.encryption.properties" value="META-INF/serviceKeystore.properties"/>

                  <entry key="ws-security.signature.properties" value="META-INF/serviceKeystore.properties"/>

                  <entry key="ws-security.encryption.username" value="useReqSigCert"/>

              </jaxws:properties>

             

          </jaxws:endpoint>

      </cxf:cxfEndpoint>

       

      I have configured the SOAP client to encrypt and sign the SOAP request, and decrypt and verify the signature of the SOAP response.

       

      <jaxws:client name="{http://www.example.org/contract/DoubleIt}DoubleItPort" createdFromAPI="true">

                 <jaxws:properties>

                  <entry key="ws-security.callback-handler" value="secureservice.client.ClientKeystorePasswordCallback"/>       

                  <entry key="ws-security.encryption.properties" value="clientKeystore.properties"/>

                  <entry key="ws-security.signature.properties" value="clientKeystore.properties"/>

                  <entry key="ws-security.encryption.username" value="myservicekey"/>

              </jaxws:properties>

      </jaxws:client>

       

      I am getting below exception on invoking the webservice.

      Caused by: org.apache.cxf.binding.soap.SoapFault: MustUnderstand headers: [{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}Security] are not understood.

      • 254 Views
      • Tags: