[Wildfly 8.2.0] Securing webservices
romain.brochot May 2, 2016 5:53 AM
Hi,
I'm trying to secure webservices with a custom policy.
I have no errors when starting Wildfly but the policy is not included in the WSDL.
We have an EAR structure project. The interface is in another JAR (client) and the implementation is in WAR.
I am using the documentation here: WS-Security - WildFly 8 - Project Documentation Editor, section "Authentication and authorization".
Interface :
@WebService
@SOAPBinding(style = Style.RPC)
@Policy(
    placement = Policy.Placement.BINDING,
    uri = "WEB-INF/UsernameTokenPolicy.xml",
    includeInWSDL = true
)
public interface MyClassService {
UsernameTokenPolicy.xml :
<?xml version="1.0" encoding="UTF-8" ?>
<wsp:Policy wsu:Id="WebServicePolicy"
    xmlns:wsp="http://www.w3.org/ns/ws-policy"
    xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
  <wsp:ExactlyOne>
    <wsp:All>
      <sp:SupportingTokens xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
        <wsp:Policy>
          <sp:UsernameToken sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
            <wsp:Policy>
              <sp:HashPassword/>
            </wsp:Policy>
          </sp:UsernameToken>
        </wsp:Policy>
      </sp:SupportingTokens>
    </wsp:All>
  </wsp:ExactlyOne>
</wsp:Policy>
Implementation :
@Stateless
@WebService(
    endpointInterface = "[package_name].MyClassService"
)
@EndpointConfig(
    configFile = "WEB-INF/jaxws-endpoint-config.xml",
    configName = "Custom WS-Security Endpoint"
)
@InInterceptors(interceptors = {
    "org.jboss.wsf.stack.cxf.security.authentication.SubjectCreatingPolicyInterceptor",
    "org.jboss.test.ws.jaxws.samples.wsse.policy.jaas.POJOEndpointAuthorizationInterceptor"}
)
public class MyClassServiceImpl implements MyClassService {
    [.............]
}
jaxws-endpoint-config.xml :
<?xml version="1.0" encoding="UTF-8"?>
<jaxws-config xmlns="urn:jboss:jbossws-jaxws-config:4.0"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xmlns:javaee="http://java.sun.com/xml/ns/javaee"
    xsi:schemaLocation="urn:jboss:jbossws-jaxws-config:4.0 schema/jbossws-jaxws-config_4_0.xsd">
  <endpoint-config>
    <config-name>Custom WS-Security Endpoint</config-name>
    <property>
      <property-name>ws-security.validate.token</property-name>
      <property-value>false</property-value>
    </property>
  </endpoint-config>
</jaxws-config>
Thanks in advance
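
A way to confirm whether a published WSDL actually advertises the UsernameToken policy described in this post (an added example, not code from the original post or from JBossWS). It assumes the policy is attached to `wsdl:binding` per WS-PolicyAttachment, either through a `wsp:PolicyReference` or inline; the WSDL fragments and the binding name `MyClassServiceBinding` are constructed for illustration.

```python
import xml.etree.ElementTree as ET

WSU = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"

def local(tag):
    """Strip the namespace so any WS-Policy / WS-SecurityPolicy version matches."""
    return tag.rsplit("}", 1)[-1]

def check_wsdl_policy(wsdl_text):
    """Return (binding name, has UsernameToken policy) for each wsdl:binding."""
    root = ET.fromstring(wsdl_text)
    # Index every wsp:Policy that carries a wsu:Id so references can be resolved.
    policies = {el.get(f"{{{WSU}}}Id"): el for el in root.iter()
                if local(el.tag) == "Policy" and el.get(f"{{{WSU}}}Id")}
    results = []
    for binding in root.iter():
        if local(binding.tag) != "binding" or binding.get("type") is None:
            continue  # soap:binding has no 'type' attribute; wsdl:binding does
        attached = []
        for el in binding.iter():
            if local(el.tag) == "PolicyReference":
                target = policies.get(el.get("URI", "").lstrip("#"))
                if target is not None:
                    attached.append(target)
            elif local(el.tag) == "Policy":
                attached.append(el)  # policy embedded inline in the binding
        has_token = any(local(d.tag) == "UsernameToken"
                        for p in attached for d in p.iter())
        results.append((binding.get("name"), has_token))
    return results

# Constructed sample WSDL (not output from a real server); {ref} is the attachment.
TEMPLATE = """<definitions xmlns="http://schemas.xmlsoap.org/wsdl/"
  xmlns:wsp="http://www.w3.org/ns/ws-policy"
  xmlns:wsu="{wsu}"
  xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
  <binding name="MyClassServiceBinding" type="MyClassService">{ref}</binding>
  <wsp:Policy wsu:Id="WebServicePolicy"><wsp:ExactlyOne><wsp:All>
    <sp:SupportingTokens><wsp:Policy><sp:UsernameToken/></wsp:Policy></sp:SupportingTokens>
  </wsp:All></wsp:ExactlyOne></wsp:Policy>
</definitions>"""
PUBLISHED = TEMPLATE.format(wsu=WSU, ref='<wsp:PolicyReference URI="#WebServicePolicy"/>')
MISSING = TEMPLATE.format(wsu=WSU, ref="")

if __name__ == "__main__":
    for label, doc in (("published", PUBLISHED), ("missing", MISSING)):
        print(label, check_wsdl_policy(doc))
```

Run against the WSDL served by the deployed endpoint, a `False` for a binding means clients reading the contract are not told to send a UsernameToken for it.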