cxf-dev mailing list archives

From "Ralf Josephy" <Ralf.Jose...@gmx.de>
Subject Fwd: Implementing Binary Security Token
Date Mon, 28 Sep 2009 08:50:59 GMT
Is this a possible solution?

http://www.xml.com/pub/a/ws/2004/10/20/wss5.html

Regards,
Ralf

-------- Original Message --------
Date: Mon, 28 Sep 2009 09:23:08 +0200
From: "Ralf Josephy" <Ralf.Josephy@gmx.de>
To: dev@cxf.apache.org
Subject: Implementing Binary Security Token

Hi,

I am new to your community and maybe I can help you to implement this feature.

I followed the link 

http://www.nabble.com/WS-Security-error-when-using-BinarySecurityToken-td14669528.html

	<bean id="clientFactory2" class="org.apache.cxf.jaxws.JaxWsProxyFactoryBean">
		<property name="serviceClass" value="demo.customer.ContractServicesTMD" />
		<property name="address" value="https://wssecureproxy-ta.customer.de:1443/b2b/vcs01_00/services/b2b-tmd/productservicetmd" />
		<property name="outInterceptors">
			<list>
				<bean class="org.apache.cxf.binding.soap.saaj.SAAJOutInterceptor" />
				<ref bean="wss4jOutConfiguration" />
			</list>
		</property>
		<property name="inInterceptors">
			<list>
				<bean class="org.apache.cxf.binding.soap.saaj.SAAJInInterceptor" />
				<ref bean="wss4jInConfiguration" />
			</list>
		</property>

	</bean>
	<bean id="wss4jOutConfiguration" class="org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor">
		<property name="properties">
			<map>
				<entry key="action" value="UsernameToken Timestamp Signature" />
				<entry key="user" value="username" />
				<entry key="passwordType" value="PasswordDigest" />
				<entry key="signaturePropFile" value="client_sign.properties" />
				<entry key="signatureKeyIdentifier" value="DirectReference"/> 
				
				<entry>
					<key>
						<value>passwordCallbackRef</value>
					</key>
					<ref bean="passwordCallback" />
				</entry>
				 <entry key="encryptionPropFile" value="serviceKeystore.properties"/>
				 <entry key="decryptionPropFile" value="serviceKeystore.properties"/>
				 <entry key="encryptionUser" value="useReqSigCert"/>
				 <entry key="signatureParts" value="{Element}{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd}Timestamp;{Element}{http://schemas.xmlsoap.org/soap/envelope/}Body"/>
				 
			</map>
		</property>
	</bean>


and I got the following wsse:nonce


</ds:SignatureValue>
<ds:KeyInfo Id="KeyId-F6D3D53C21EB055BCC12538955050082">
<wsse:SecurityTokenReference xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
wsu:Id="STRId-F6D3D53C21EB055BCC12538955050103"><wsse:Reference xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
URI="#CertId-F6D3D53C21EB055BCC12538955050011" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"
/></wsse:SecurityTokenReference>
</ds:KeyInfo>
</ds:Signature><wsu:Timestamp xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
wsu:Id="Timestamp-2"><wsu:Created>2009-09-25T16:18:24.997Z</wsu:Created><wsu:Expires>2009-09-25T16:23:24.997Z</wsu:Expires></wsu:Timestamp><wsse:UsernameToken
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
wsu:Id="UsernameToken-1"><wsse:Username>cybercon</wsse:Username><wsse:Password
Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest">TnHLFsv4i2Z380EYgRLgJ8NcF54=</wsse:Password><wsse:Nonce
EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">cvauJ+nfdo5UDM85O8nE2Q==</wsse:Nonce><wsu:Created>2009-09-25T16:18:24.996Z</wsu:Created></wsse:UsernameToken></wsse:Security></soap:Header><soap:Body
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="id-4"><ns5:readNetworkAvailabilityTMD
xmlns:ns2="http://www.telekom.de/tvpp/b2b/schema/tmd/basicobjectmodeltmd_v01_00" xmlns:ns3="http://www.telekom.de/tvpp/b2b/schema/tmd/contractservicestmd_v01_00"
xmlns:ns4="http://www.telekom.de/tvpp/b2b/schema/globalobjectmodel_v01_00" xmlns:ns5="http://telekom.demo/"
xmlns:ns6="http://www.telekom.de/tvpp/b2b/schema/tmd/productservicestmd_v01_00" xmlns:ns7="http://schemas.xmlsoap.org/ws/2004/08/addressing"><arg0><ns4:security><ns4:authentication><ns4:vo>B2B14</ns4:vo><ns4:login>6000600600</ns4:login><ns4:password>#tvpp12345#</ns4:password></ns4:authentication></ns4:security></arg0><arg1
/></ns5:readNetworkAvailabilityTMD></soap:Body></soap:Envelope>



I tested the connection successfully with SOAPUI and copied a part of the raw field.

<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
<ds:Reference URI="#id-3">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<ds:DigestValue>cJedPMu2zh0W0lC31yO3WzsAxO8=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>


My counterpart is an XS40 DataPower, which is full-featured.

My first question is: in which class is the code implemented?

And my second question is, will you support the feature in the future?


Regards,
Ralf Josephy