ws-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Colm O hEigeartaigh (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (WSS-645) using WSS4j to genrate WS-SecurityPolicy without CXF
Date Wed, 13 Mar 2019 12:37:00 GMT

    [ https://issues.apache.org/jira/browse/WSS-645?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16791647#comment-16791647
] 

Colm O hEigeartaigh commented on WSS-645:
-----------------------------------------

Yes, CXF parses the policy and configures WSS4J appropriately for the streaming case. See
here for example:

https://github.com/apache/cxf/blob/master/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JStaxOutInterceptor.java

> using WSS4j to genrate WS-SecurityPolicy without CXF
> ----------------------------------------------------
>
>                 Key: WSS-645
>                 URL: https://issues.apache.org/jira/browse/WSS-645
>             Project: WSS4J
>          Issue Type: Improvement
>          Components: WSS4J Core
>    Affects Versions: 2.2.2
>            Reporter: Frank Henningsen
>            Assignee: Colm O hEigeartaigh
>            Priority: Minor
>         Attachments: skat-b2b-x509-policy.xml
>
>
> Dear Team WSS4J
> i have a task to sign and encrypt webservices that use a WS-SecurityPolicy (see attachmant)
in a SAP environment where sending/receiving SOAP request is not part of the solution, i only
need to transform/decorate the SOAP requests with WSS for webservices that use a WS-SecurityPolicy.
I would have liked to create a solution that given a WS-SecurityPolicy could use WSS4J to
generate the appropriate WSS header and body, but for reasons i dont understand this is only
possible using CXF.
> CXF use PolicyOutInterceptor (see [http://cxf.apache.org/using-ws-policy-in-cxf-projects)] to decorate
SOAP requests. 
> To me it seems strange that WSS4J has implemented the WS-SecurityPolicy support in another
framework (CXF) so i propose that the WS-SecurityPolicy implementation also should be supported
by the core WSS4J core :)



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@ws.apache.org
For additional commands, e-mail: dev-help@ws.apache.org


Mime
View raw message