[ https://issues.apache.org/jira/browse/WSS-645?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16791647#comment-16791647
]
Colm O hEigeartaigh commented on WSS-645:
-----------------------------------------
Yes, CXF parses the policy and configures WSS4J appropriately for the streaming case. See
here for example:
https://github.com/apache/cxf/blob/master/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JStaxOutInterceptor.java
> using WSS4j to genrate WS-SecurityPolicy without CXF
> ----------------------------------------------------
>
> Key: WSS-645
> URL: https://issues.apache.org/jira/browse/WSS-645
> Project: WSS4J
> Issue Type: Improvement
> Components: WSS4J Core
> Affects Versions: 2.2.2
> Reporter: Frank Henningsen
> Assignee: Colm O hEigeartaigh
> Priority: Minor
> Attachments: skat-b2b-x509-policy.xml
>
>
> Dear Team WSS4J
> i have a task to sign and encrypt webservices that use a WS-SecurityPolicy (see attachmant)
in a SAP environment where sending/receiving SOAP request is not part of the solution, i only
need to transform/decorate the SOAP requests with WSS for webservices that use a WS-SecurityPolicy.
I would have liked to create a solution that given a WS-SecurityPolicy could use WSS4J to
generate the appropriate WSS header and body, but for reasons i dont understand this is only
possible using CXF.
> CXF use PolicyOutInterceptor (see [http://cxf.apache.org/using-ws-policy-in-cxf-projects)] to decorate
SOAP requests.
> To me it seems strange that WSS4J has implemented the WS-SecurityPolicy support in another
framework (CXF) so i propose that the WS-SecurityPolicy implementation also should be supported
by the core WSS4J core :)
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@ws.apache.org
For additional commands, e-mail: dev-help@ws.apache.org
|