cxf-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Daniel Kulp <>
Subject Re: Ensuring CXF soap is behind SSL
Date Tue, 05 Feb 2008 19:28:32 GMT

You may need to write a simple interceptor that would grab the 
HttpServletRequest object out  of the message and checks the security 
stuff.   It shouldn't be too hard to write.

There might be some policy things along with the ws-security stuff that 
could enforce it with the ws-security module, but that would definitely 
cause a performance hit due to the security module dropping to saaj 
mode.   I'm not really sure anyway.   Fred may need to answer that one.


On Tuesday 05 February 2008, wrote:
> I want to make sure any messages not encrypted with SSL are rejected
> by the CXF container. What configuration is neccessary for this?
> I've tried setting the location to an https address but this is
> unsufficient. The only documentation I've found on the subject refers
> to client, not server, configuration.
> ? <wsdl:service name="HelloWorldService">
> ??? <wsdl:port binding="impl:HelloWorldServiceSoapBinding"
> name="HelloWorldService"> ????? <wsdlsoap:address
> location="https://localhost:8080/HelloWorldService"/> ??? </wsdl:port>
> ? </wsdl:service>
> Thanks!
> ______________________________________________________________________
>__ More new features than ever.  Check out the new AOL Mail ! -

J. Daniel Kulp
Principal Engineer, IONA

View raw message