Hi Ted, You can find some related information in following blog: http://ashakirin.blogspot.de/2013/04/cxf-security-getting-certificates-from.html
Regards, Andrei. > -----Original Message----- > From: Ted Roeloffzen [mailto:ted.roeloff...@gmail.com] > Sent: Mittwoch, 15. Mai 2013 10:18 > To: users > Subject: Re: WS-Security question > > We don't have a keystore, but the certificate is persisted in a database. > I have to retrieve it from the database and give it to cxf, but is that even > possible? > I can't seem to find any documentation on that > > best regards, > > Ted > > > 2013/5/15 Ted Roeloffzen <ted.roeloff...@gmail.com> > > > Okay thanks. > > This is a first step. > > My problem lies in the fact that the action is not Username_token, but > > timestap signature > > > > best regards, > > > > Ted > > > > > > 2013/5/15 Ted <r6squee...@gmail.com> > > > >> Not sure if this is the official way or not, but this is how I do it : > >> > >> AccountWsService service = new AccountWsService("...")); > >> port = service.getAccountWsPort(); > >> > >> Client cxfClient = ClientProxy.getClient(port); > >> cxfClient.getOutInterceptors().add(new > >> AuthenticationOutWSS4JInterceptor(user, password)); > >> > >> where AuthenticationOutWSS4JInterceptor looks a little like : > >> > >> public class AuthenticationOutWSS4JInterceptor extends > >> WSS4JOutInterceptor implements CallbackHandler > >> { > >> private String password = null; > >> > >> /** > >> * @param user can be userId or userName, all depends > >> on what the received requires > >> * @param password can be password or securityToken, > >> all depends on what the received requires > >> */ > >> public AuthenticationOutWSS4JInterceptor(Object user, > >> String password) > >> { > >> this.password = password; > >> > >> HashMap<String, Object> properties = new > >> HashMap<String, Object>(); > >> properties.put(WSHandlerConstants.ACTION, > >> WSHandlerConstants.USERNAME_TOKEN); > >> properties.put(WSHandlerConstants.USER, > >> user.toString()); > >> > >> properties.put(WSHandlerConstants.PASSWORD_TYPE, > >> WSConstants.PW_TEXT); > >> > >> properties.put(WSHandlerConstants.PW_CALLBACK_REF, this); > >> > >> setProperties(properties); > >> } > >> > >> @Override > >> public void handle(Callback[] callbacks) throws > >> IOException, UnsupportedCallbackException > >> { > >> for (Callback callback : callbacks) > >> { > >> if (callback instanceof > >> WSPasswordCallback) > >> { > >> WSPasswordCallback > >> wsPasswordCallback = (WSPasswordCallback)callback; > >> > >> wsPasswordCallback.setPassword(password); > >> } > >> } > >> } > >> } > >> > >> On 5/14/13, Ted Roeloffzen <ted.roeloff...@gmail.com> wrote: > >> > Good day all, > >> > > >> > At this moment I'm working on a webservice-client that has to use > >> > WS-Security, but i can't seem to figure out how configure CXF that > >> > it > >> fills > >> > the SOAP-header in the correct way. > >> > We don't use Spring for the configuration, so everything has to be > >> > configured via the API. > >> > > >> > We need to have a timestamp, a signature and also a binary security > >> token. > >> > The Canonicalization-algorithm is xml-exc-c14 The > >> > signature-algorithm is RSA-SHA256 > >> > > >> > can someone point me in the right direction for this? > >> > > >> > I've already created a WSS4JInInterceptor and a WSS4JOutInterceptor. > >> > Both with a properties-map containing an Action = Timestap > >> > Signature, signatureAlgorithm = > >> > "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256 > >> " > >> > and signatureDigestAlgorithm = > >> > "http://www.w3.org/2001/04/xmlenc#sha256 > >> " > >> > > >> > do I need to configure anymore other than adding a certificate to > >> > the keystore? > >> > > >> > thanks in advance. > >> > > >> > kind regards, > >> > > >> > Ted > >> > > >> > >> > >> -- > >> Ted. > >> > > > >
