Hi, It does not seem to work for much other than SERVICE. I have not tested all combinations so far, but so far all I have managed to have working is SERVICE.
I am now trying to associate Policy with one operation, while another operation has no ws-security requirements at all. I have tried BINDING_OPERATION, PORT_TYPE_OPERATION, neither of which work. Am certainly looking forward to your analysis. If you could point me in the right direction of the code I would need to look at as I am interested to understand this area of cxf as well Thanks Jason On Tue, Feb 14, 2012 at 1:34 PM, Daniel Kulp <[email protected]> wrote: > On Tuesday, February 14, 2012 1:28:02 PM Jason Pell wrote: >> I answered my own question. I needed to add placement as SERVICE >> >> @Policies({ >> @Policy(uri = "wsdl/usernamepassword.xml", placement = >> Policy.Placement.SERVICE) >> }) >> >> Now enforces the security restrictions. > > Hmmm.... that could potentially be a bug. Placement.BINDING should also > work. The policy is appearing fine in the WSDL (see the ?wsdl) with BINDING > so it should be enforced. I'll have to experiment a bit more with it > tomorrow. > > Dan > > >> >> On Tue, Feb 14, 2012 at 1:20 PM, Jason Pell <[email protected]> wrote: >> > Is there documentation on this? I can't seem to get the username >> > token to validate. I have copied the policy from the ut_policy sample >> > and when I ran the ut_policy sample it certainly worked. >> > >> > I have actually added my files to the ut_policy to provide as simple >> > example as possible. >> > >> > Attached is a zip - unzip into the root of the cxf source. This will >> > add / modify some files to the >> > distribution/src/main/release/samples/ws_security/ut_policy sample >> > project >> > >> > Then just do the standard mvn install, mvn -Pserver >> > >> > There is a new service: >> > >> > https://localhost:9001/SecurityService >> > >> > And from soapui you can execute the service without any username token >> > even though I use the same policy details as for the GreeterImpl >> > service. >> > >> > I am not sure what I am doing wrong, or how to go about debugging this >> > >> > I will continue to play around with it, but any hints about how I can >> > get my policy file to be enforced would be appreciated. >> > >> > Thanks >> > >> > On Tue, Feb 14, 2012 at 6:15 AM, Daniel Kulp <[email protected]> wrote: >> >> On Monday, February 13, 2012 11:14:02 AM Jason Pell wrote: >> >>> Hi, >> >>> >> >>> I use all java first web services and cannot change to contract first... >> >>> >> >>> However my understanding is that i will have difficulty using the new >> >>> STS >> >>> and ws-trust facility in cxf 2.5 with java first. >> >>> >> >>> I also do not use ws-policy for my web services, which is something i >> >>> will >> >>> change if i can define ws-policy with java first web services. >> >>> >> >>> Whats the best way to move forward with ws-trust and java first web >> >>> services (jax-ws)? >> >>> >> >>> Or am i completely screwed? >> >> >> >> With the recent versions of CXF, you can do all of this with Java first >> >> as >> >> well. The WS-Trust stuff does require a WS-SecurityPolicy fragment, but >> >> you can use the @Policy annotation on the SEI interface (or impl) to >> >> attache policy fragments to the service. The rest of the configuration >> >> and such would be exactly the same. >> >> >> >> >> >> -- >> >> Daniel Kulp >> >> [email protected] - http://dankulp.com/blog >> >> Talend Community Coder - http://coders.talend.com > -- > Daniel Kulp > [email protected] - http://dankulp.com/blog > Talend Community Coder - http://coders.talend.com
