All geek questions in one place

Sign and encrypt SOAP messages with Apache CXF

I am trying to write a Secure Hello World web service using Apache CXF; I should note that I'm a little new to Java and WS- * stuff.

Basically, what I want to do is a hello-world web service with messages for soap and with this web service signed and encrypted using x.509 certificate .

I already read a tutorial on the Apache CXF website about WS-Security , but; I want to use WS-SecurityPolicy instead of Interceptors.

Can someone point me in the right direction?

+3
source share
2 answers

Apache CXF: X.509 SOAP Apache CXF ( WS-SecurityPolicy)

, WS-SecurityPolicy Method.

EDIT: ​​ , ​​ .

WS-SecurityPolicy CXF, .

( ), WS-SecurityPolicy CXF, CXF, cxf.xml cxf-servlet.xml:

cxf.xml

   <jaxws:client name="{http://myport" createdFromAPI="true">
            <!-- You will need to add the corresponding values to a properties file -->
            <jaxws:properties>
                <entry key="ws-security.callback-handler" value="client.ClientKeystorePasswordCallback"/>        
                <entry key="ws-security.encryption.properties" value=keystore.properties"/>
                <entry key="ws-security.signature.properties" value="keystore.properties"/>
                <entry key="ws-security.encryption.username" value="myservicekey"/>
            </jaxws:properties>

CXF-servlet.xml

  <jaxws:properties>
            <entry key="ws-security.callback-handler">
                <ref bean="myPasswordCallback"/>
            </entry>
            <entry key="ws-security.encryption.properties" value="serviceKeystore.properties"/>
            <entry key="ws-security.signature.properties" value="serviceKeystore.properties"/>
            <entry key="ws-security.encryption.username" value="useReqSigCert"/>
        </jaxws:properties>
+4

- HTTP, , HTTPS.

, : - JAX-WS SSL

JAX-WS, , Apache CXF.

.

0

Source: https://habr.com/ru/post/1765628/

More articles:


All Articles