Hi CXF-User-List, I am new to this list and, to tell the truth, this is the first time I use a mailing list, so please be patient with me :) .
As you probably have understood from the subject, I need help with WS- Security. Unfortunately even though I have read many posts as well as the cxf documentation (and XFire too!), I haven't been able to do as follow. I would like to set up a very simple web service that should feature: 1) authentication 2) encryption 3) signing. My constraints are: I don't really know much about spring and ws- security (a part from what it's capable to do). So my webservice is really simple: I have a SEI (IHelloWorld that is annotated with @WebService) and its implementation (HelloWorldImpl annotated with @WebService(serviceName ...)). My server is this: package com.hw.server; public class Server { public Server(String address, IHelloWorld implementor){ Endpoint.publish(address, implementor); } public static void main(String[] args) throws Exception { System.out.println("Starting server"); String address = "http://localhost:9000/helloWorld"; IHelloWorld implementor = new HelloWorldImpl(); new Server(address, implementor); System.out.println("Server ready"); System.in.read(); } } My client is: package com.hw.client; public class Client { public static void main(String[] args) throws Exception { URL wsdlURL = new URL("http://localhost:9000/helloWorld?wsdl"); QName SERVICE_NAME = new QName("http://server.hw.com/", "HelloWorld"); Service service = Service.create(wsdlURL, SERVICE_NAME); IHelloWorld client = service.getPort(IHelloWorld.class); String result = client.sayHi("to you all!"); System.out.println(result); System.out.println(client.concat("Hello ", " world")); } } I would like to add ws-security so that only a selected numbers of clients can use my very valuable :) web service. So here my doubts come! First I would like not to use spring (as I said, I don't know what- this-spring-thing-is), I would like not to use tomcat or other things (Axis): just pure java api (if it is possible). So could you help me step-by-step? I have read several books regarding SOA but none of them said how to implement WSS just using plain java 6 api. If it is not possible using java 6 api, how can I implement such secure web service with cxf api (wss4jInInterceptor and so on...)? I have read about interceptors, handlers but I haven't understood much. Please CXF-User-List help me, you are my last hope! Thanks in advance! WhiteWolf _______________________________________________ Tiscali.Fax: ricevi gratis sulla tua email e invii a 12 cent per pagina senza scatto alla risposta http://vas.tiscali.it/fax//