-
1. Re: WS Security Policy
ffang Mar 25, 2010 11:54 PM (in response to blahblah)Hi,
You can only configure the policy through cxf bc. As Binding Component is the place to handle external protocol (ws-security over soap in this case).
Cxf Se is inside JBI container and there's no such concept of ws-security.
Freeman
-
2. Re: WS Security Policy
blahblah Mar 26, 2010 9:24 AM (in response to ffang)I figured it was something like that. So I have to configure an inInterceptor for the BC, right? Also do you know of what is the general practice of passing along the credentials from ws-security to the SE, or how can the SE retrieve the username?
Thanks
-
3. Re: WS Security Policy
ffang Mar 26, 2010 9:38 AM (in response to blahblah)Hi,
You can configure interceptors on cxf bc endpoint directly or configure it in a cxf configuration file, same as you do for standalone cxf, and pass this file as busCfg attribute for cxf bc endpoint.
Generally we delegate the wss4j UsernameToken auth to smx jaas service, so that you can configure which user can access which endpoint in smx, you may need take a look at cxf-ws-security example shipped with FUSE ESB 3.x.
Freeman
-
4. Re: WS Security Policy
blahblah Mar 26, 2010 10:38 AM (in response to ffang)Oh man, its getting crazy complicated now. We're trying to do WS-Security Policy, which i thought was different from just WS-Security as it doesn't use WSS4JInterceptors, and seems much more intuitive and simpler. We're also deploying on 4.x, which doesn't have the sample ws-security sample. go figure.