I answered my own question. I needed to add placement as SERVICE
@Policies({
@Policy(uri = "wsdl/usernamepassword.xml", placement =
Policy.Placement.SERVICE)
})
Now enforces the security restrictions.
On Tue, Feb 14, 2012 at 1:20 PM, Jason Pell <[email protected]> wrote:
> Is there documentation on this? I can't seem to get the username
> token to validate. I have copied the policy from the ut_policy sample
> and when I ran the ut_policy sample it certainly worked.
>
> I have actually added my files to the ut_policy to provide as simple
> example as possible.
>
> Attached is a zip - unzip into the root of the cxf source. This will
> add / modify some files to the
> distribution/src/main/release/samples/ws_security/ut_policy sample
> project
>
> Then just do the standard mvn install, mvn -Pserver
>
> There is a new service:
>
> https://localhost:9001/SecurityService
>
> And from soapui you can execute the service without any username token
> even though I use the same policy details as for the GreeterImpl
> service.
>
> I am not sure what I am doing wrong, or how to go about debugging this
>
> I will continue to play around with it, but any hints about how I can
> get my policy file to be enforced would be appreciated.
>
> Thanks
>
> On Tue, Feb 14, 2012 at 6:15 AM, Daniel Kulp <[email protected]> wrote:
>> On Monday, February 13, 2012 11:14:02 AM Jason Pell wrote:
>>> Hi,
>>>
>>> I use all java first web services and cannot change to contract first...
>>>
>>> However my understanding is that i will have difficulty using the new STS
>>> and ws-trust facility in cxf 2.5 with java first.
>>>
>>> I also do not use ws-policy for my web services, which is something i will
>>> change if i can define ws-policy with java first web services.
>>>
>>> Whats the best way to move forward with ws-trust and java first web
>>> services (jax-ws)?
>>>
>>> Or am i completely screwed?
>>
>> With the recent versions of CXF, you can do all of this with Java first as
>> well. The WS-Trust stuff does require a WS-SecurityPolicy fragment, but you
>> can use the @Policy annotation on the SEI interface (or impl) to attache
>> policy fragments to the service. The rest of the configuration and such
>> would be exactly the same.
>>
>>
>> --
>> Daniel Kulp
>> [email protected] - http://dankulp.com/blog
>> Talend Community Coder - http://coders.talend.com
