Thanks Glenn, Do you know some examples of WS-SecPol only?
What I did is set some properties in the request context that I saw in the
documentation http://cxf.apache.org/docs/ws-securitypolicy.html .
Funny thing is that cxf asks for this property below:
Map<String, Object> ctx = ((BindingProvider) port).getRequestContext();
ctx.put("ws-security.token", new SecurityToken());
which isnt wrote in the documentation. Do you have any ideia which token
should I put there?
Best Regards,
Nícolas Fontenele
-----Mensagem original-----
De: Glen Mazza [mailto:[email protected]]
Enviada: terça-feira, 28 de agosto de 2012 16:43
Para: [email protected]
Assunto: Re: Using cxf with X509v3 certificates
From your earlier email you're using WS-SecurityPolicy in your WSDL, so you
shouldn't be using the WSS4J Out/In interceptors--that's strictly for
non-WS-SecPol use.
Glen
On 08/28/2012 03:28 PM, Nícolas Fontenele wrote:
> Im also adding my code here .
> Thanks!!
>
> public class Client {
>
> private static final String WSU_NS =
> "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-ut
> ility-
> 1.0.xsd";
>
> public static void main(String args[]) {
>
> try {
> // 02c6b75f-5fc8-4c05-a79f-78fa1ded10e1
> WSS4JOutInterceptor wssOut = createOutProperties();
> WSS4JInInterceptor wssIn = createInProperties();
>
> SecGtwService service = new SecGtwService(
> new java.net.URL(
>
> "http://nrio083fcom.develop.net/services/SecureGateway/CalypsoGatewayC
> ert/Se
> cGtwServiceHost.svc?wsdl"));
> ISecGtwServiceContract port =
> service.getCertificateEndPoint();
>
> org.apache.cxf.endpoint.Client client =
> ClientProxy.getClient(port);
>
> client.getInInterceptors().add(wssIn);
> client.getOutInterceptors().add(wssOut);
>
> Map<String, Object> ctx = ((BindingProvider) port)
> .getRequestContext();
>
> ctx.put("ws-security.token", new SecurityToken());
> System.out.println(port.whoIAm());
>
> } catch (MalformedURLException e) {
> // TODO Auto-generated catch block
> e.printStackTrace();
> }
>
> }
>
> private static WSS4JInInterceptor createInProperties() {
> Map<String, Object> inProps = new HashMap<String, Object>();
> inProps.put(WSHandlerConstants.ACTION,
> "UsernameToken Timestamp Signature Encrypt");
> inProps.put("passwordType", "PasswordText");
> inProps.put("passwordCallbackClass",
> ClientPasswordCallback.class.getName());
> inProps.put("decryptionPropFile", "etc/client_enc.properties");
> inProps.put("encryptionKeyIdentifier", "IssuerSerial");
>
> inProps.put("signaturePropFile", "etc/client_sign.properties");
> inProps.put("signatureKeyIdentifier", "DirectReference");
>
> return new WSS4JInInterceptor(inProps);
>
> }
>
> private static WSS4JOutInterceptor createOutProperties() {
> Map<String, Object> outProps = new HashMap<String, Object>();
> outProps.put(WSHandlerConstants.ACTION,
> "UsernameToken Timestamp Signature Encrypt");
> outProps.put("passwordType", "PasswordDigest");
>
> outProps.put(WSHandlerConstants.USER,
> "02c6b75f-5fc8-4c05-a79f-78fa1ded10e1");
> outProps.put(WSHandlerConstants.PW_CALLBACK_CLASS,
> ClientPasswordCallback.class.getName());
>
> outProps.put("encryptionUser", "pub");
> outProps.put(WSHandlerConstants.ENC_PROP_FILE,
> "etc/client_enc.properties");
>
> outProps.put("encryptionKeyIdentifier", "IssuerSerial");
> outProps.put("encryptionParts", "{Element}{" + WSU_NS +
> "}Timestamp;"
> + "{Content}" +
> "{http://www.w3.org/2003/05/soap-envelope}Body";);
>
> outProps.put(WSHandlerConstants.SIG_PROP_FILE,
> "etc/client_sign.properties");
>
> outProps.put("signatureKeyIdentifier", "DirectReference");
> outProps.put("signatureParts", "{Element}{" + WSU_NS + "}Timestamp;"
> + "{Element}" +
> "{http://www.w3.org/2003/05/soap-envelope}Body";);
>
> return new WSS4JOutInterceptor(outProps);
>
> }
>
> -----Mensagem original-----
> De: Nícolas Fontenele [mailto:[email protected]]
> Enviada: terça-feira, 28 de agosto de 2012 15:11
> Para: [email protected]; [email protected]
> Assunto: RE: Using cxf with X509v3 certificates
>
> Thanks for the answer, I'll paste wsdl here.
> What I have been trying is use wss4j interceptors as I can see in some
> examples.
> I imported both certificates on my keystore and I can see debugging
> that the password handler get the keys from that.
> My problem right now is that CXF is expecting an initial token ( of a
> class SecurityToken ) on the request context property
> ''ws-security.token''. I saw it debugging.
> Is correct to use this property?
> I saw in ws security samples that only set properties on the
> interceptors and not in the requestcontext of the client.
> And if this behavior is correct, How can I create this token? Should
> I use another property?
>
> Wsdl is below, any idea?
> Thanks!
>
> <?xml version="1.0" encoding="utf-8"?> <wsdl:definitions
> xmlns:wsap="http://schemas.xmlsoap.org/ws/2004/08/addressing/policy";
> xmlns:wsa10="http://www.w3.org/2005/08/addressing";
> xmlns:tns="http://tempuri.org/";
> xmlns:msc="http://schemas.microsoft.com/ws/2005/12/wsdl/contract";
> xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/";
> xmlns:wsx="http://schemas.xmlsoap.org/ws/2004/09/mex";
> xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy";
> xmlns:wsam="http://www.w3.org/2007/05/addressing/metadata";
> xmlns:soap12="http://schemas.xmlsoap.org/wsdl/soap12/";
> xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/08/addressing";
> xmlns:wsaw="http://www.w3.org/2006/05/addressing/wsdl";
> xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/";
> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wss
> ecurit y-utility-1.0.xsd" xmlns:xsd="http://www.w3.org/2001/XMLSchema";
> name="SecGtwService" targetNamespace="http://tempuri.org/";
> xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/";>
> <wsp:Policy wsu:Id="CertificateEndPoint_policy">
> <wsp:ExactlyOne>
> <wsp:All>
> <sp:SymmetricBinding
> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
> <wsp:Policy>
> <sp:ProtectionToken>
> <wsp:Policy>
> <sp:SecureConversationToken
> sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/
> Includ
> eToken/AlwaysToRecipient">
> <wsp:Policy>
> <sp:RequireDerivedKeys />
> <sp:BootstrapPolicy>
> <wsp:Policy>
> <sp:SignedParts>
> <sp:Body />
> <sp:Header Name="To"
> Namespace="http://www.w3.org/2005/08/addressing"; />
> <sp:Header Name="From"
> Namespace="http://www.w3.org/2005/08/addressing"; />
> <sp:Header Name="FaultTo"
> Namespace="http://www.w3.org/2005/08/addressing"; />
> <sp:Header Name="ReplyTo"
> Namespace="http://www.w3.org/2005/08/addressing"; />
> <sp:Header Name="MessageID"
> Namespace="http://www.w3.org/2005/08/addressing"; />
> <sp:Header Name="RelatesTo"
> Namespace="http://www.w3.org/2005/08/addressing"; />
> <sp:Header Name="Action"
> Namespace="http://www.w3.org/2005/08/addressing"; />
> </sp:SignedParts>
> <sp:EncryptedParts>
> <sp:Body />
> </sp:EncryptedParts>
> <sp:SymmetricBinding>
> <wsp:Policy>
> <sp:ProtectionToken>
> <wsp:Policy>
> <mssp:SslContextToken
> sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/
> Includ
> eToken/AlwaysToRecipient"
> xmlns:mssp="http://schemas.microsoft.com/ws/2005/07/securitypolicy";>
> <wsp:Policy>
> <sp:RequireDerivedKeys />
> <mssp:RequireClientCertificate />
> </wsp:Policy>
> </mssp:SslContextToken>
> </wsp:Policy>
> </sp:ProtectionToken>
> <sp:AlgorithmSuite>
> <wsp:Policy>
> <sp:Basic256 />
> </wsp:Policy>
> </sp:AlgorithmSuite>
> <sp:Layout>
> <wsp:Policy>
> <sp:Strict />
> </wsp:Policy>
> </sp:Layout>
> <sp:IncludeTimestamp />
> <sp:EncryptSignature />
> <sp:OnlySignEntireHeadersAndBody />
> </wsp:Policy>
> </sp:SymmetricBinding>
> <sp:Wss11>
> <wsp:Policy />
> </sp:Wss11>
> <sp:Trust10>
> <wsp:Policy>
> <sp:MustSupportIssuedTokens />
> <sp:RequireClientEntropy />
> <sp:RequireServerEntropy />
> </wsp:Policy>
> </sp:Trust10>
> </wsp:Policy>
> </sp:BootstrapPolicy>
> </wsp:Policy>
> </sp:SecureConversationToken>
> </wsp:Policy>
> </sp:ProtectionToken>
> <sp:AlgorithmSuite>
> <wsp:Policy>
> <sp:Basic256 />
> </wsp:Policy>
> </sp:AlgorithmSuite>
> <sp:Layout>
> <wsp:Policy>
> <sp:Strict />
> </wsp:Policy>
> </sp:Layout>
> <sp:IncludeTimestamp />
> <sp:EncryptSignature />
> <sp:OnlySignEntireHeadersAndBody />
> </wsp:Policy>
> </sp:SymmetricBinding>
> <sp:Wss11
> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
> <wsp:Policy />
> </sp:Wss11>
> <sp:Trust10
> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
> <wsp:Policy>
> <sp:MustSupportIssuedTokens />
> <sp:RequireClientEntropy />
> <sp:RequireServerEntropy />
> </wsp:Policy>
> </sp:Trust10>
> <wsaw:UsingAddressing />
> </wsp:All>
> </wsp:ExactlyOne>
> </wsp:Policy>
> <wsp:Policy
wsu:Id="CertificateEndPoint_AuthenticateService_Input_policy">
> <wsp:ExactlyOne>
> <wsp:All>
> <sp:SignedParts
> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
> <sp:Body />
> <sp:Header Name="To"
> Namespace="http://www.w3.org/2005/08/addressing"; />
> <sp:Header Name="From"
> Namespace="http://www.w3.org/2005/08/addressing"; />
> <sp:Header Name="FaultTo"
> Namespace="http://www.w3.org/2005/08/addressing"; />
> <sp:Header Name="ReplyTo"
> Namespace="http://www.w3.org/2005/08/addressing"; />
> <sp:Header Name="MessageID"
> Namespace="http://www.w3.org/2005/08/addressing"; />
> <sp:Header Name="RelatesTo"
> Namespace="http://www.w3.org/2005/08/addressing"; />
> <sp:Header Name="Action"
> Namespace="http://www.w3.org/2005/08/addressing"; />
> </sp:SignedParts>
> <sp:EncryptedParts
> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
> <sp:Body />
> </sp:EncryptedParts>
> </wsp:All>
> </wsp:ExactlyOne>
> </wsp:Policy>
> <wsp:Policy
> wsu:Id="CertificateEndPoint_AuthenticateService_output_policy">
> <wsp:ExactlyOne>
> <wsp:All>
> <sp:SignedParts
> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
> <sp:Body />
> <sp:Header Name="To"
> Namespace="http://www.w3.org/2005/08/addressing"; />
> <sp:Header Name="From"
> Namespace="http://www.w3.org/2005/08/addressing"; />
> <sp:Header Name="FaultTo"
> Namespace="http://www.w3.org/2005/08/addressing"; />
> <sp:Header Name="ReplyTo"
> Namespace="http://www.w3.org/2005/08/addressing"; />
> <sp:Header Name="MessageID"
> Namespace="http://www.w3.org/2005/08/addressing"; />
> <sp:Header Name="RelatesTo"
> Namespace="http://www.w3.org/2005/08/addressing"; />
> <sp:Header Name="Action"
> Namespace="http://www.w3.org/2005/08/addressing"; />
> </sp:SignedParts>
> <sp:EncryptedParts
> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
> <sp:Body />
> </sp:EncryptedParts>
> </wsp:All>
> </wsp:ExactlyOne>
> </wsp:Policy>
> <wsp:Policy
> wsu:Id="CertificateEndPoint_ValidadeTokenService_Input_policy">
> <wsp:ExactlyOne>
> <wsp:All>
> <sp:SignedParts
> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
> <sp:Body />
> <sp:Header Name="To"
> Namespace="http://www.w3.org/2005/08/addressing"; />
> <sp:Header Name="From"
> Namespace="http://www.w3.org/2005/08/addressing"; />
> <sp:Header Name="FaultTo"
> Namespace="http://www.w3.org/2005/08/addressing"; />
> <sp:Header Name="ReplyTo"
> Namespace="http://www.w3.org/2005/08/addressing"; />
> <sp:Header Name="MessageID"
> Namespace="http://www.w3.org/2005/08/addressing"; />
> <sp:Header Name="RelatesTo"
> Namespace="http://www.w3.org/2005/08/addressing"; />
> <sp:Header Name="Action"
> Namespace="http://www.w3.org/2005/08/addressing"; />
> </sp:SignedParts>
> <sp:EncryptedParts
> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
> <sp:Body />
> </sp:EncryptedParts>
> </wsp:All>
> </wsp:ExactlyOne>
> </wsp:Policy>
> <wsp:Policy
> wsu:Id="CertificateEndPoint_ValidadeTokenService_output_policy">
> <wsp:ExactlyOne>
> <wsp:All>
> <sp:SignedParts
> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
> <sp:Body />
> <sp:Header Name="To"
> Namespace="http://www.w3.org/2005/08/addressing"; />
> <sp:Header Name="From"
> Namespace="http://www.w3.org/2005/08/addressing"; />
> <sp:Header Name="FaultTo"
> Namespace="http://www.w3.org/2005/08/addressing"; />
> <sp:Header Name="ReplyTo"
> Namespace="http://www.w3.org/2005/08/addressing"; />
> <sp:Header Name="MessageID"
> Namespace="http://www.w3.org/2005/08/addressing"; />
> <sp:Header Name="RelatesTo"
> Namespace="http://www.w3.org/2005/08/addressing"; />
> <sp:Header Name="Action"
> Namespace="http://www.w3.org/2005/08/addressing"; />
> </sp:SignedParts>
> <sp:EncryptedParts
> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
> <sp:Body />
> </sp:EncryptedParts>
> </wsp:All>
> </wsp:ExactlyOne>
> </wsp:Policy>
> <wsp:Policy wsu:Id="CertificateEndPoint_WhoIAm_Input_policy">
> <wsp:ExactlyOne>
> <wsp:All>
> <sp:SignedParts
> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
> <sp:Body />
> <sp:Header Name="To"
> Namespace="http://www.w3.org/2005/08/addressing"; />
> <sp:Header Name="From"
> Namespace="http://www.w3.org/2005/08/addressing"; />
> <sp:Header Name="FaultTo"
> Namespace="http://www.w3.org/2005/08/addressing"; />
> <sp:Header Name="ReplyTo"
> Namespace="http://www.w3.org/2005/08/addressing"; />
> <sp:Header Name="MessageID"
> Namespace="http://www.w3.org/2005/08/addressing"; />
> <sp:Header Name="RelatesTo"
> Namespace="http://www.w3.org/2005/08/addressing"; />
> <sp:Header Name="Action"
> Namespace="http://www.w3.org/2005/08/addressing"; />
> </sp:SignedParts>
> <sp:EncryptedParts
> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
> <sp:Body />
> </sp:EncryptedParts>
> </wsp:All>
> </wsp:ExactlyOne>
> </wsp:Policy>
> <wsp:Policy wsu:Id="CertificateEndPoint_WhoIAm_output_policy">
> <wsp:ExactlyOne>
> <wsp:All>
> <sp:SignedParts
> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
> <sp:Body />
> <sp:Header Name="To"
> Namespace="http://www.w3.org/2005/08/addressing"; />
> <sp:Header Name="From"
> Namespace="http://www.w3.org/2005/08/addressing"; />
> <sp:Header Name="FaultTo"
> Namespace="http://www.w3.org/2005/08/addressing"; />
> <sp:Header Name="ReplyTo"
> Namespace="http://www.w3.org/2005/08/addressing"; />
> <sp:Header Name="MessageID"
> Namespace="http://www.w3.org/2005/08/addressing"; />
> <sp:Header Name="RelatesTo"
> Namespace="http://www.w3.org/2005/08/addressing"; />
> <sp:Header Name="Action"
> Namespace="http://www.w3.org/2005/08/addressing"; />
> </sp:SignedParts>
> <sp:EncryptedParts
> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
> <sp:Body />
> </sp:EncryptedParts>
> </wsp:All>
> </wsp:ExactlyOne>
> </wsp:Policy>
> <wsdl:types>
> <xsd:schema targetNamespace="http://tempuri.org/Imports";>
> <xsd:import
> schemaLocation="http://nrio0230dco.pactual.net/services/SecureGateway/
> Calyps oGatewayCert/SecGtwServiceHost.svc?xsd=xsd0"
> namespace="http://tempuri.org/";
> />
> <xsd:import
> schemaLocation="http://nrio0230dco.pactual.net/services/SecureGateway/
> Calyps oGatewayCert/SecGtwServiceHost.svc?xsd=xsd1"
> namespace="http://schemas.microsoft.com/2003/10/Serialization/"; />
> <xsd:import
> schemaLocation="http://nrio0230dco.pactual.net/services/SecureGateway/
> Calyps oGatewayCert/SecGtwServiceHost.svc?xsd=xsd2"
> namespace="http://schemas.datacontract.org/2004/07/Pactual.SecureGatew
> ay.Ser
> vices.Contracts" />
> </xsd:schema>
> </wsdl:types>
> <wsdl:message
> name="ISecGtwServiceContract_AuthenticateService_InputMessage">
> <wsdl:part name="parameters" element="tns:AuthenticateService" />
> </wsdl:message>
> <wsdl:message
> name="ISecGtwServiceContract_AuthenticateService_OutputMessage">
> <wsdl:part name="parameters"
element="tns:AuthenticateServiceResponse"
> />
> </wsdl:message>
> <wsdl:message
> name="ISecGtwServiceContract_ValidadeTokenService_InputMessage">
> <wsdl:part name="parameters" element="tns:ValidadeTokenService" />
> </wsdl:message>
> <wsdl:message
> name="ISecGtwServiceContract_ValidadeTokenService_OutputMessage">
> <wsdl:part name="parameters"
element="tns:ValidadeTokenServiceResponse"
> />
> </wsdl:message>
> <wsdl:message name="ISecGtwServiceContract_WhoIAm_InputMessage">
> <wsdl:part name="parameters" element="tns:WhoIAm" />
> </wsdl:message>
> <wsdl:message name="ISecGtwServiceContract_WhoIAm_OutputMessage">
> <wsdl:part name="parameters" element="tns:WhoIAmResponse" />
> </wsdl:message>
> <wsdl:portType name="ISecGtwServiceContract">
> <wsdl:operation name="AuthenticateService">
> <wsdl:input
>
wsaw:Action="http://tempuri.org/ISecGtwServiceContract/AuthenticateService";
> message="tns:ISecGtwServiceContract_AuthenticateService_InputMessage" />
> <wsdl:output
> wsaw:Action="http://tempuri.org/ISecGtwServiceContract/AuthenticateSer
> viceRe
> sponse"
> message="tns:ISecGtwServiceContract_AuthenticateService_OutputMessage" />
> </wsdl:operation>
> <wsdl:operation name="ValidadeTokenService">
> <wsdl:input
>
wsaw:Action="http://tempuri.org/ISecGtwServiceContract/ValidadeTokenService";
> message="tns:ISecGtwServiceContract_ValidadeTokenService_InputMessage" />
> <wsdl:output
> wsaw:Action="http://tempuri.org/ISecGtwServiceContract/ValidadeTokenSe
> rviceR
> esponse"
> message="tns:ISecGtwServiceContract_ValidadeTokenService_OutputMessage" />
> </wsdl:operation>
> <wsdl:operation name="WhoIAm">
> <wsdl:input
> wsaw:Action="http://tempuri.org/ISecGtwServiceContract/WhoIAm";
> message="tns:ISecGtwServiceContract_WhoIAm_InputMessage" />
> <wsdl:output
> wsaw:Action="http://tempuri.org/ISecGtwServiceContract/WhoIAmResponse";
> message="tns:ISecGtwServiceContract_WhoIAm_OutputMessage" />
> </wsdl:operation>
> </wsdl:portType>
> <wsdl:binding name="CertificateEndPoint"
> type="tns:ISecGtwServiceContract">
> <wsp:PolicyReference URI="#CertificateEndPoint_policy" />
> <soap12:binding transport="http://schemas.xmlsoap.org/soap/http"; />
> <wsdl:operation name="AuthenticateService">
> <soap12:operation
> soapAction="http://tempuri.org/ISecGtwServiceContract/AuthenticateService";
> style="document" />
> <wsdl:input>
> <wsp:PolicyReference
> URI="#CertificateEndPoint_AuthenticateService_Input_policy" />
> <soap12:body use="literal" />
> </wsdl:input>
> <wsdl:output>
> <wsp:PolicyReference
> URI="#CertificateEndPoint_AuthenticateService_output_policy" />
> <soap12:body use="literal" />
> </wsdl:output>
> </wsdl:operation>
> <wsdl:operation name="ValidadeTokenService">
> <soap12:operation
>
soapAction="http://tempuri.org/ISecGtwServiceContract/ValidadeTokenService";
> style="document" />
> <wsdl:input>
> <wsp:PolicyReference
> URI="#CertificateEndPoint_ValidadeTokenService_Input_policy" />
> <soap12:body use="literal" />
> </wsdl:input>
> <wsdl:output>
> <wsp:PolicyReference
> URI="#CertificateEndPoint_ValidadeTokenService_output_policy" />
> <soap12:body use="literal" />
> </wsdl:output>
> </wsdl:operation>
> <wsdl:operation name="WhoIAm">
> <soap12:operation
> soapAction="http://tempuri.org/ISecGtwServiceContract/WhoIAm";
> style="document" />
> <wsdl:input>
> <wsp:PolicyReference
URI="#CertificateEndPoint_WhoIAm_Input_policy"
> />
> <soap12:body use="literal" />
> </wsdl:input>
> <wsdl:output>
> <wsp:PolicyReference
URI="#CertificateEndPoint_WhoIAm_output_policy"
> />
> <soap12:body use="literal" />
> </wsdl:output>
> </wsdl:operation>
> </wsdl:binding>
> <wsdl:service name="SecGtwService">
> <wsdl:port name="CertificateEndPoint"
binding="tns:CertificateEndPoint">
> <soap12:address
> location="http://nrio0230dco.pactual.net/services/SecureGateway/Calyps
> oGatew
> ayCert/SecGtwServiceHost.svc" />
> <wsa10:EndpointReference>
>
> <wsa10:Address>http://nrio0230dco.pactual.net/services/SecureGateway/C
> alypso GatewayCert/SecGtwServiceHost.svc</wsa10:Address>
> <Identity
> xmlns="http://schemas.xmlsoap.org/ws/2006/02/addressingidentity";>
> <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#";>
> <X509Data>
>
> <X509Certificate>MIIBxTCCAXOgAwIBAgIQoF4m3EAEm4RCITdLvQ/MxTAJBgUrDgMCH
> QUAMBY
> xFDASBgNVBAMTC1Jvb3QgQWdlbmN5MB4XDTEyMDcxODAwMjQzN1oXDTM5MTIzMTIzNTk1O
> VowKDE
> mMCQGA1UEAxMdUGFjdHVhbC5TZWN1cmVHYXRld2F5LlNlcnZpY2UwgZ8wDQYJKoZIhvcNA
> QEBBQA
> DgY0AMIGJAoGBAN7Bng23dMbhRgzQ3KuD1uox0MriWjJON3DL1tQsHqGqjE9ZiTeVnijDE
> Wxre93
> 8+/sELJ+Ru3mdoQae+ICfn3guBEwg80MBqeQlpNmWMssaKVWJAK5ur2YCo3UNoju2d+ZEg
> 8+D0
> 8+73tQ
> 4MLp68a3TfUEKrzrBbXZQbFak8opoyCPhAgMBAAGjSzBJMEcGA1UdAQRAMD6AEBLkCS0GH
> R1PAI1
> hIdwWZGOhGDAWMRQwEgYDVQQDEwtSb290IEFnZW5jeYIQBjdsAKoAZIoRz7jUqlw19DAJB
> gUrDgM
> CHQUAA0EAVL4d3PW6GhtrfEyYBghg5SIzwrsaKUvOsudIEPuOH8xWPbkgyFszcxKJpOj2d
> xawvNv srBo8D62D9xUTMexQHw==</X509Certificate>
> </X509Data>
> </KeyInfo>
> </Identity>
> </wsa10:EndpointReference>
> </wsdl:port>
> </wsdl:service>
> </wsdl:definitions>
>
>
> -----Mensagem original-----
> De: Colm O hEigeartaigh [mailto:[email protected]]
> Enviada: terça-feira, 28 de agosto de 2012 14:45
> Para: [email protected]
> Assunto: Re: Using cxf with X509v3 certificates
>
> Yes, CXF supports this configuration. Your WSDL did not make it
> through though so I can't tell what the problem is. Try just copying
> and pasting the security binding directly into an email?
>
> Colm.
>
> On Tue, Aug 28, 2012 at 6:20 PM, Nícolas Fontenele <[email protected]>
wrote:
>
>> Hi all,****
>>
>> ** **
>>
>> I'm developing a client service to consume a .net service with
>> x509v3 certificate using ws-security.****
>>
>> The Service uses symmetric binding, with
>> includeToken="prefix/AlwaysToRecipient" and a
>> <sp:ProtectionToken>.****
>>
>> I have two certificates, a *.pfx file and *.cer which I have to use
>> to
>> access.****
>>
>> My wsdl is attached.****
>>
>> My question is Does cxf supports this configuration?****
>>
>> ** **
>>
>> Best Regards,****
>>
>> ** **
>>
>> ** **
>>
>> *Nícolas Fontenele*
>>
>> ** **
>>
>
>
> --
> Colm O hEigeartaigh
>
> Talend Community Coder
> http://coders.talend.com
>
