Hi Wendy, Not having tried this in CXF but have done this in WLS and spent significant time with WS-Security/XML Digital Signature. Within the XML Digital Signature, there are several ways you can specify the location of a token. If you check out the Apache WSS4J project which is what CXF appears to utilize, it supports the X509 Token Profile. Within the following link in section 3.2,
http://docs.oasis-open.org/wss/v1.1/wss-v1.1-spec-os-x509TokenProfile.pdf you will see the following bullet: "Reference to a Binary Security Token The <wsse:SecurityTokenReference> element contains a wsse:Reference> element that references a local <wsse:BinarySecurityToken> element or a remote data source that contains the token data itself." So long story short, I would look into the WSS4J implementation in CXF as a starter. On Mon, Jan 16, 2012 at 8:50 PM, cxfnewbie <wai....@aero.org> wrote: > Hi, > > I'm trying to add a X.509 security token or binary token in the header of a > soap message using CXF. Most examples that I see using x.509 is for > signing > or encrypting the message with x.509 certificate. I'm interested in adding > an X 509 token the same way a SAML token would be added. I noticed that > CXF > only supports timestamp, username and saml token with x509 support for > signing and encrypting, or at least from the website. Does anyone know of > any way to do what I'm asking for? I noticed there is a CXF ticket for > adding x 509 token, but I don't know if it's been developed or not. > > I also found some suggestions on manually adding the 509 token in the soap > message using soap factory. I may have to resort to doing that if nothing > is built in, but it would be nice if there is a way for me to just > configure > cxf to do so. > > Thanks, > Wendy > > -- > View this message in context: > http://cxf.547215.n5.nabble.com/x-509-security-token-tp5150380p5150380.html > Sent from the cxf-user mailing list archive at Nabble.com. > -- Chris Riley, Partner HKM Consulting LLC (o) 774.553.5314 (m) 508.273.3102 (f) 774.553.5316
