0 Replies Latest reply on Jan 10, 2017 3:09 PM by Gregory McDonald

    JAX-WS WS-Security POJO Web App Client Configuration

    Gregory McDonald Newbie

      I am having trouble getting WS Security configured for a web app based client.  Basically, I need to know what are the configuration files/annotations, and where they need to be placed?

       

      I have a WSDL with a security policy configured and the same WSDL without a security policy.  Using JBoss Developer Studio 10.2.0 GA, I generated a JAX-WS server, JAX-WS web app POJO client and an Apache CXF standalone POJO client with and without the security policy.  The web app POJO clients were created as a part of generating the server by right clicking on the server projects, New --> Other... --> Web Service. Likewise, the standalone POJO clients were generated by right clicking on the client project, New --> Other... --> Web Service Client.

       

      I have successfully gotten the no WS Security standalone and web clients to work with their server and the WS Security enabled standalone client working with its server.  So, I know the WS Security enabled server is properly working, and aside from my WS Security problems, the web client works.  For the standalone clients, I am using an external copy of Apache CXF version 3.1.8.

       

      For reverence, the working WS Security standalone client is configured with a cxf.xml:

       

      <beans xmlns="http://www.springframework.org/schema/beans"

         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"

         xmlns:jaxws="http://cxf.apache.org/jaxws"

         xsi:schemaLocation="http://www.springframework.org/schema/beans

         http://www.springframework.org/schema/beans/spring-beans.xsd

         http://cxf.apache.org/jaxws

         http://cxf.apache.org/schemas/jaxws.xsd">

       

          <jaxws:client name="{http://localhost:8080/imswsdl/}MyTransactionServicePort"

             createdFromAPI="true">

              <jaxws:properties>

                  <entry key="ws-security.callback-handler" value="ims.clientsample.ClientKeystorePasswordCallback"/>       

                  <entry key="ws-security.encryption.properties" value="clientKeystore.properties"/>

                  <entry key="ws-security.signature.properties" value="clientKeystore.properties"/>

                  <entry key="ws-security.encryption.username" value="myservicekey"/>

              </jaxws:properties>

          </jaxws:client>

      </beans>

       

      And, the clientKeystore.properties:

       

      org.apache.ws.security.crypto.merlin.keystore.file=clientKeystore.jks

      org.apache.ws.security.crypto.merlin.keystore.password=password

      org.apache.ws.security.crypto.merlin.keystore.type=jks

      org.apache.ws.security.crypto.merlin.keystore.alias=myclientkey

       

      I found a post in the forum on this subject: https://developer.jboss.org/thread/152040  The key part of the code is:

       

      URL securityURL = Main.class.getResource("META-INF/jboss-wsse-client.xml"); 

           

      ((StubExt) port).setSecurityConfig(securityURL.toExternalForm()); 

      ((StubExt) port).setConfigName("Standard WSSecurity Client", "META-INF/standard-jaxws-client-config.xml");

       

      Unfortunately, my copy of JBoss, version 7.0.0 GA, does not have StubExt defined in any of the JARs within it.  Since the other post was from 2010, I am thinking this way of configuration was removed from JBoss in favor of something better?