4 Replies Latest reply on Mar 26, 2010 10:38 AM by blahblah

    WS Security Policy

    blahblah
    blahblah Mar 25, 2010 4:40 PM

      I was wondering does the cxfse or cxfbc support ws security policy w/ a password callback instead of wss4j interceptors method?  And where would I place the callback at the se or bc?  An example would be much appreciated, since I'm a total noob at this.  I've done a cxf jaxws with ws-security policy, but with all the spring tags they really don't match well with the cxfse stuff. 

       

      Thanks

      • 64 Views
      • Tags:
        • 1. Re: WS Security Policy
          ffang
          ffang Mar 25, 2010 11:54 PM (in response to blahblah)

          Hi,

           

          You can only configure the policy through cxf bc. As Binding Component is the place to handle external protocol (ws-security over soap in this case).

           

          Cxf Se is inside JBI container and there's no such concept of ws-security.

           

          Freeman

            • Actions
          • 2. Re: WS Security Policy
            blahblah
            blahblah Mar 26, 2010 9:24 AM (in response to ffang)

            I figured it was something like that. So I have to configure an inInterceptor for the BC, right?   Also do you know of what is the general practice of passing along the credentials from ws-security to the SE, or how can the SE retrieve the username?

             

            Thanks

              • Actions
            • 3. Re: WS Security Policy
              ffang
              ffang Mar 26, 2010 9:38 AM (in response to blahblah)

              Hi,

               

              You can configure interceptors on cxf bc endpoint directly or configure it in a cxf configuration file, same as you do for standalone cxf, and pass this file as busCfg attribute for cxf bc endpoint.

               

              Generally we delegate the wss4j UsernameToken auth to smx jaas service, so that you can configure which user can access which endpoint in smx, you may need take a look at cxf-ws-security example shipped with FUSE ESB 3.x.

               

              Freeman

                • Actions
              • 4. Re: WS Security Policy
                blahblah
                blahblah Mar 26, 2010 10:38 AM (in response to ffang)

                Oh man, its getting crazy complicated now.  We're trying to do WS-Security Policy, which i thought was different from just WS-Security as it doesn't use WSS4JInterceptors, and seems much more intuitive and simpler.  We're also deploying on 4.x, which doesn't have the sample ws-security sample. go figure.

                  • Actions