WSS4J uses a "Crypto" provider to retrieve certificates + private keys for
encrypting/signing etc. So to get a key from a database, you will have to
implement your own Crypto provider and plug it in to CXF/WSS4J.

Colm.


On Wed, May 15, 2013 at 9:17 AM, Ted Roeloffzen <ted.roeloff...@gmail.com> wrote:

> We don't have a keystore, but the certificate is persisted in a database.
> I have to retrieve it from the database and give it to cxf, but is that
> even possible?
> I can't seem to find any documentation on that
>
> best regards,
>
> Ted
>
>
> 2013/5/15 Ted Roeloffzen <ted.roeloff...@gmail.com>
>
> > Okay thanks.
> > This is a first step.
> > My problem lies in the fact that the action is not Username_token, but
> > timestamp signature.
> >
> > best regards,
> >
> > Ted
> >
> >
> > 2013/5/15 Ted <r6squee...@gmail.com>
> >
> >> Not sure if this is the official way or not, but this is how I do it :
> >>
> >>    AccountWsService service = new AccountWsService("...");
> >>    port = service.getAccountWsPort();
> >>
> >>    Client cxfClient = ClientProxy.getClient(port);
> >>    cxfClient.getOutInterceptors().add(new AuthenticationOutWSS4JInterceptor(user, password));
> >>
> >> where AuthenticationOutWSS4JInterceptor looks a little like :
> >>
> >>         public class AuthenticationOutWSS4JInterceptor extends WSS4JOutInterceptor implements CallbackHandler
> >>         {
> >>                 private String password = null;
> >>
> >>                 /**
> >>                  * @param user can be userId or userName, all depends on what the receiver requires
> >>                  * @param password can be password or securityToken, all depends on what the receiver requires
> >>                  */
> >>                 public AuthenticationOutWSS4JInterceptor(Object user, String password)
> >>                 {
> >>                         this.password = password;
> >>
> >>                         HashMap<String, Object> properties = new HashMap<String, Object>();
> >>                         properties.put(WSHandlerConstants.ACTION, WSHandlerConstants.USERNAME_TOKEN);
> >>                         properties.put(WSHandlerConstants.USER, user.toString());
> >>                         properties.put(WSHandlerConstants.PASSWORD_TYPE, WSConstants.PW_TEXT);
> >>                         properties.put(WSHandlerConstants.PW_CALLBACK_REF, this);
> >>
> >>                         setProperties(properties);
> >>                 }
> >>
> >>                 @Override
> >>                 public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException
> >>                 {
> >>                         for (Callback callback : callbacks)
> >>                         {
> >>                                 if (callback instanceof WSPasswordCallback)
> >>                                 {
> >>                                         WSPasswordCallback wsPasswordCallback = (WSPasswordCallback)callback;
> >>                                         wsPasswordCallback.setPassword(password);
> >>                                 }
> >>                         }
> >>                 }
> >>         }
> >>
> >> On 5/14/13, Ted Roeloffzen <ted.roeloff...@gmail.com> wrote:
> >> > Good day all,
> >> >
> >> > At this moment I'm working on a webservice-client that has to use
> >> > WS-Security, but I can't seem to figure out how to configure CXF so that
> >> > it fills the SOAP-header in the correct way.
> >> > We don't use Spring for the configuration, so everything has to be
> >> > configured via the API.
> >> >
> >> > We need to have a timestamp, a signature and also a binary security token.
> >> > The Canonicalization-algorithm is xml-exc-c14
> >> > The signature-algorithm is RSA-SHA256
> >> >
> >> > Can someone point me in the right direction for this?
> >> >
> >> > I've already created a WSS4JInInterceptor and a WSS4JOutInterceptor.
> >> > Both with a properties-map containing an Action = Timestamp Signature,
> >> > signatureAlgorithm = "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"
> >> > and signatureDigestAlgorithm = "http://www.w3.org/2001/04/xmlenc#sha256"
> >> >
> >> > Do I need to configure anything more other than adding a certificate to the
> >> > keystore?
> >> >
> >> > thanks in advance.
> >> >
> >> > kind regards,
> >> >
> >> > Ted
> >> >
> >>
> >>
> >> --
> >> Ted.
> >>
> >
> >
>



-- 
Colm O hEigeartaigh

Talend Community Coder
http://coders.talend.com
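
One way to build the database-backed provider described in the reply above, as an added example that is not part of the original thread or of WSS4J itself: it extends WSS4J's `Merlin` and gives it an in-memory keystore built from a database row. The WSS4J 1.6 package name, the table `signing_keys` with its columns, and the unencrypted PKCS#8 RSA key format are assumptions.

```java
import java.io.ByteArrayInputStream;
import java.security.KeyFactory;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.spec.PKCS8EncodedKeySpec;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;

import org.apache.ws.security.components.crypto.Merlin;

/** Added example: a Crypto backed by a database row instead of a keystore file. */
public class DatabaseCrypto extends Merlin {

    /**
     * Assumed (hypothetical) schema: signing_keys(alias, cert_der, key_pkcs8),
     * holding a DER-encoded X.509 certificate and an unencrypted PKCS#8 RSA key.
     */
    public DatabaseCrypto(Connection db, String alias, char[] keyPassword) throws Exception {
        String sql = "SELECT cert_der, key_pkcs8 FROM signing_keys WHERE alias = ?";
        try (PreparedStatement ps = db.prepareStatement(sql)) {
            ps.setString(1, alias);
            try (ResultSet rs = ps.executeQuery()) {
                if (!rs.next()) {
                    throw new IllegalArgumentException("No signing key for alias " + alias);
                }
                Certificate cert = CertificateFactory.getInstance("X.509")
                        .generateCertificate(new ByteArrayInputStream(rs.getBytes(1)));
                PrivateKey key = KeyFactory.getInstance("RSA")
                        .generatePrivate(new PKCS8EncodedKeySpec(rs.getBytes(2)));

                // Build a keystore that exists only in memory; load(null, null) creates it empty.
                KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
                ks.load(null, null);
                // The entry is protected by keyPassword for the lifetime of this object.
                ks.setKeyEntry(alias, key, keyPassword, new Certificate[] { cert });
                // Merlin answers certificate and private-key lookups from this keystore.
                setKeyStore(ks);
            }
        }
    }
}
```

The password callback must return `keyPassword` for `alias`, because WSS4J asks the callback handler for the private-key password when signing. WSS4J versions that accept a `Crypto` object under the property named by `WSHandlerConstants.SIG_PROP_REF_ID` can take this instance directly; confirm that against the version in use.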
