WSS4J uses a "Crypto" provider to retrieve certificates + private keys for encrypting/signing etc. So to get a key from a database, you will have to implement your own Crypto provider and plug it in to CXF/WSS4J.
Colm. On Wed, May 15, 2013 at 9:17 AM, Ted Roeloffzen <ted.roeloff...@gmail.com>wrote: > We don't have a keystore, but the certificate is persisted in a database. > I have to retrieve it from the database and give it to cxf, but is that > even possible? > I can't seem to find any documentation on that > > best regards, > > Ted > > > 2013/5/15 Ted Roeloffzen <ted.roeloff...@gmail.com> > > > Okay thanks. > > This is a first step. > > My problem lies in the fact that the action is not Username_token, but > > timestap signature > > > > best regards, > > > > Ted > > > > > > 2013/5/15 Ted <r6squee...@gmail.com> > > > >> Not sure if this is the official way or not, but this is how I do it : > >> > >> AccountWsService service = new AccountWsService("...")); > >> port = service.getAccountWsPort(); > >> > >> Client cxfClient = ClientProxy.getClient(port); > >> cxfClient.getOutInterceptors().add(new > >> AuthenticationOutWSS4JInterceptor(user, password)); > >> > >> where AuthenticationOutWSS4JInterceptor looks a little like : > >> > >> public class AuthenticationOutWSS4JInterceptor extends > >> WSS4JOutInterceptor implements CallbackHandler > >> { > >> private String password = null; > >> > >> /** > >> * @param user can be userId or userName, all depends on > >> what the > >> received requires > >> * @param password can be password or securityToken, all > >> depends on > >> what the received requires > >> */ > >> public AuthenticationOutWSS4JInterceptor(Object user, > >> String password) > >> { > >> this.password = password; > >> > >> HashMap<String, Object> properties = new > >> HashMap<String, Object>(); > >> properties.put(WSHandlerConstants.ACTION, > >> WSHandlerConstants.USERNAME_TOKEN); > >> properties.put(WSHandlerConstants.USER, > >> user.toString()); > >> properties.put(WSHandlerConstants.PASSWORD_TYPE, > >> WSConstants.PW_TEXT); > >> > >> properties.put(WSHandlerConstants.PW_CALLBACK_REF, this); > >> > >> setProperties(properties); > >> } > >> > >> @Override > >> public void handle(Callback[] callbacks) throws > >> IOException, > >> UnsupportedCallbackException > >> { > >> for (Callback callback : callbacks) > >> { > >> if (callback instanceof > >> WSPasswordCallback) > >> { > >> WSPasswordCallback > >> wsPasswordCallback = (WSPasswordCallback)callback; > >> > >> wsPasswordCallback.setPassword(password); > >> } > >> } > >> } > >> } > >> > >> On 5/14/13, Ted Roeloffzen <ted.roeloff...@gmail.com> wrote: > >> > Good day all, > >> > > >> > At this moment I'm working on a webservice-client that has to use > >> > WS-Security, but i can't seem to figure out how configure CXF that it > >> fills > >> > the SOAP-header in the correct way. > >> > We don't use Spring for the configuration, so everything has to be > >> > configured via the API. > >> > > >> > We need to have a timestamp, a signature and also a binary security > >> token. > >> > The Canonicalization-algorithm is xml-exc-c14 > >> > The signature-algorithm is RSA-SHA256 > >> > > >> > can someone point me in the right direction for this? > >> > > >> > I've already created a WSS4JInInterceptor and a WSS4JOutInterceptor. > >> > Both with a properties-map containing an Action = Timestap Signature, > >> > signatureAlgorithm = " > http://www.w3.org/2001/04/xmldsig-more#rsa-sha256 > >> " > >> > and signatureDigestAlgorithm = " > http://www.w3.org/2001/04/xmlenc#sha256 > >> " > >> > > >> > do I need to configure anymore other than adding a certificate to the > >> > keystore? > >> > > >> > thanks in advance. > >> > > >> > kind regards, > >> > > >> > Ted > >> > > >> > >> > >> -- > >> Ted. > >> > > > > > -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com