cxf-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From martin <skumle...@gmail.com>
Subject WS-Security policy not being enabled in CXF
Date Fri, 24 Feb 2012 09:38:24 GMT
Hello.
I need help with making my WS-SecurityPolicy behave. I have a beginner-level
knowledge concerning CXF and web-services in general. Im pretty sure i
understand all the concepts but i have very little practical experience
(yet).

My problem is this. I have a running java2wsdl webservice that I have
compiled and tested. It works fine. Now i want to add a security policy to
the webservice that signs and encrypts all traffic. So modify my beans file
to this:


<beans xmlns="http://www.springframework.org/schema/beans"
      xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
      xmlns:jaxws="http://cxf.apache.org/jaxws"
      xmlns:soap="http://cxf.apache.org/bindings/soap"
      xsi:schemaLocation="
         http://www.springframework.org/schema/beans
         http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
         http://cxf.apache.org/jaxws
         http://cxf.apache.org/schemas/jaxws.xsd">


    <jaxws:endpoint
        id="LoginService"
        implementor="orgserver.services.Login"
        address="/Login">
    
    <jaxws:properties>
      <entry key="ws-security.signature.properties"
value="server-crypto.properties"/>
      <entry key="ws-security.encryption.properties"
value="server-crypto.properties"/>
      <entry key="ws-security.signature.username" value="myservicekey"/>
      <entry key="ws-security.encryption.username" value="useReqSigCert"/>
      <entry key="ws-security.callback-handler"
          value="orgserver.common.services.ServerCallback"/>
    </jaxws:properties>

    </jaxws:endpoint>
</beans>

I double and triple checked that all the files are where they are supposed
to be, and tomcat lets me deploy without errors. But then i use my old test
client (Without any kind of security) to contact the web service, and I
still get a reply.

What I need is to make the signing and encryption mandatory, so the
web-server will only handle requests with the propper signature and
encryption, but how do i do that? 
Do I need to change the WSDL in order to make the security policy kick in?

Oh and here is the WSDL. No security elements in there, as the wsdl is
generated from the java code.

<?xml version="1.0" encoding="UTF-8"?>
<wsdl:definitions name="LoginService"
targetNamespace="http://localhost:8080/"
xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/"
xmlns:tns="http://localhost:8080/"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/">
  <wsdl:types>
<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema"
xmlns:tns="http://localhost:8080/" elementFormDefault="unqualified"
targetNamespace="http://localhost:8080/" version="1.0">
<xs:element name="Login" type="tns:Login"/>
<xs:element name="LoginResponse" type="tns:LoginResponse"/>
<xs:complexType name="Login">
<xs:sequence>
<xs:element minOccurs="0" name="username" type="xs:string"/>
<xs:element minOccurs="0" name="password" type="xs:string"/>
</xs:sequence>
</xs:complexType>
<xs:complexType name="LoginResponse">
<xs:sequence>
<xs:element minOccurs="0" name="Token" type="xs:string"/>
</xs:sequence>
</xs:complexType>
</xs:schema>
  </wsdl:types>
  <wsdl:message name="Login">
    <wsdl:part name="parameters" element="tns:Login">
    </wsdl:part>
  </wsdl:message>
  <wsdl:message name="LoginResponse">
    <wsdl:part name="parameters" element="tns:LoginResponse">
    </wsdl:part>
  </wsdl:message>
  <wsdl:portType name="LoginService">
    <wsdl:operation name="Login">
      <wsdl:input name="Login" message="tns:Login">
    </wsdl:input>
      <wsdl:output name="LoginResponse" message="tns:LoginResponse">
    </wsdl:output>
    </wsdl:operation>
  </wsdl:portType>
  <wsdl:binding name="LoginServiceSoapBinding" type="tns:LoginService">
    <soap:binding style="document"
transport="http://schemas.xmlsoap.org/soap/http"/>
    <wsdl:operation name="Login">
      <soap:operation soapAction="" style="document"/>
      <wsdl:input name="Login">
        <soap:body use="literal"/>
      </wsdl:input>
      <wsdl:output name="LoginResponse">
        <soap:body use="literal"/>
      </wsdl:output>
    </wsdl:operation>
  </wsdl:binding>
  <wsdl:service name="LoginService">
    <wsdl:port name="LoginServicePort"
binding="tns:LoginServiceSoapBinding">
      <soap:address location="http://localhost:9090/LoginServicePort"/>
    </wsdl:port>
  </wsdl:service>
</wsdl:definitions>

Request and response

<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:loc="http://localhost:8080/">
   <soapenv:Header/>
   <soapenv:Body>
      <loc:Login>
         
         <username>baseuser</username>
         
         <password>baseuser</password>
      </loc:Login>
   </soapenv:Body>
</soapenv:Envelope>

<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
   <soap:Body>
      <ns2:LoginResponse xmlns:ns2="http://localhost:8080/">
         <Token>4ec89454-2d00-419e-bbaa-a780d205dfc1</Token>
      </ns2:LoginResponse>
   </soap:Body>
</soap:Envelope>

--
View this message in context: http://cxf.547215.n5.nabble.com/WS-Security-policy-not-being-enabled-in-CXF-tp5512177p5512177.html
Sent from the cxf-user mailing list archive at Nabble.com.

Mime
View raw message