To configuration WSS4JIn/OutInterceptor, you actually have two ways to configure
signature properties(or other wss4j properties) file
1. use signaturePropFile
This generally pass in a url for the properties file, that's could cause problems in OSGi world as it need the properties files available on the classpath of another bundle(cxf or wss4j), but we can't specify all necessary resources for a given bundle(cxf or wss4j) beforehand, so during runtime you could see such
java.lang.RuntimeException: CryptoFactory: Cannot load properties: MyKeystore.properties
As the solution posted in ESB-1245, you need put those properties files in a fragment bundle and attach it to cxf bundle, here cxf bundle play the role as host bundle.
2. use signaturePropRefId instead.
This way you just pass a java.util.Properties or org.apache.ws.security.components.crypto.Crypto object, which works more graceful in OSGi world
Is there any method to define a single bus.xml for all my cxf-bc components, and only one file. jks and keystore.properties ?
Just a note on option 1:
I've got a fragment bundle with the requisite security artifacts as part of a feature definition. The feature installed fine on FUSE 4.3.x, and the CXF bundle got refreshed automatically to pick up the fragment. On FUSE ESB 4.4, there's now a problem installing the feature:
...where 281 is the id of the security fragment bundle. I suspect (perhaps wrongly) that this may be related to the new "You are about to access system bundle ..." console behaviour that requires confirmation. If I put the security fragment bundle in the deploy directory, and refresh the CXF bundle, type yes at the prompt - the fragment is properly attached with no error.
I can then remove the security bundle entry from the feature file, and the feature installs properly thereafter.
I think the error comes from that when you install the feature which have the fragment bundle, the CXF bundle not get installed yet, so that run into such error. You can add cxf feature in your customer feature also which ensure CXF bundle get installed when install your customer feature.
Besides the fragment bundle way to pick properties, I really recommend the way to use
signaturePropRefId in OSGi container(The option2 I mentioned before, which is more graceful in OSGi container), the configuration looks like
I have made ​​this choice and is the most correct. The problem is that it can not find the path specified in $ . I am using fuse esb 4.4.1 .
What is the problem?
I guess you use signaturePropRefId way, right?
If so, you need put $ in your bundle, for an instance, the $ is server-truststore.jks, then you need have something like
in your bundle.
You can not outsource and use one common to several services?
Yes, you can.
For example if you put server-truststore.jks in $FUSE_ESB/etc folder, then you can use
No, I've tried but not working. Do I need defined any environment variables in fuse?
It works for me?
How you start FUSE ESB?
I start FUSE ESB like
I've tried it on multiple machines, and only works in one machine.
Are those two machines on the same OS/JVM/... versions? If not, it would be good to know about the differences so we can start looking at a platform-specific issue for that particular setup.