At this moment I don't have a crypto.properties.
Is the existence of that file mandatory, and what kind of properties are
required?

Ted


2013/5/23 Colm O hEigeartaigh <cohei...@apache.org>

> I'd say the easiest way is to create your own Crypto instance based on
> CertificateStore, and instantiate that directly in your crypto.properties.
> That way you don't need to change anything in CXF itself.
>
> Colm.
>
>
> On Thu, May 23, 2013 at 2:01 PM, Ted Roeloffzen <ted.roeloff...@gmail.com> wrote:
>
> > We have the certificates stored in a DB.
> > So in the interceptor I load the certificate, put it in a certificate
> > store and add the certificate store as Crypto object for the signature.
> > Is this the correct way, or can't I use this in an interceptor, or does the
> > interceptor have to have a different phase?
> >
> > kind regards,
> >
> > Ted
> >
> >
> > 2013/5/23 Ted Roeloffzen <ted.roeloff...@gmail.com>
> >
> >> Okay thanks.
> >>
> >> Correct me if I'm wrong, but the only thing I have to do is add the
> >> interceptor that sets the correct certificate?
> >>
> >> kind regards,
> >>
> >> Ted
> >>
> >>
> >> 2013/5/23 Colm O hEigeartaigh <cohei...@apache.org>
> >>
> >>> You are using the older "Action" style configuration with
> >>> WS-SecurityPolicy, which doesn't work. With WS-SecurityPolicy you don't
> >>> tell it what security actions to perform, as the policy already contains
> >>> all of this information. You just need to let it know the correct
> >>> credentials for signing/encryption etc.
> >>>
> >>> See here for some information about configuration:
> >>>
> >>> http://cxf.apache.org/docs/ws-securitypolicy.html
> >>>
> >>> Colm.
> >>>
> >>>
> >>> On Thu, May 23, 2013 at 10:34 AM, Ted Roeloffzen <ted.roeloff...@gmail.com> wrote:
> >>>
> >>> > Hello all,
> >>> >
> >>> > I'm having a little difficulty setting up my client-webservice with the
> >>> > correct settings.
> >>> > This is the main part of the WSDL that I have to comply with.
> >>> >
> >>> > <wsp:Policy wsu:Id="">
> >>> >     <wsp:ExactlyOne>
> >>> >         <wsp:All>
> >>> >             <sp:AsymmetricBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
> >>> >                 <wsp:Policy>
> >>> >                     <sp:InitiatorToken>
> >>> >                         <wsp:Policy>
> >>> >                             <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
> >>> >                                 <wsp:Policy>
> >>> >                                     <sp:RequireThumbprintReference/>
> >>> >                                     <sp:WssX509V3Token10/>
> >>> >                                 </wsp:Policy>
> >>> >                             </sp:X509Token>
> >>> >                         </wsp:Policy>
> >>> >                     </sp:InitiatorToken>
> >>> >                     <sp:RecipientToken>
> >>> >                         <wsp:Policy>
> >>> >                             <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToInitiator">
> >>> >                                 <wsp:Policy>
> >>> >                                     <sp:RequireThumbprintReference/>
> >>> >                                     <sp:WssX509V3Token10/>
> >>> >                                 </wsp:Policy>
> >>> >                             </sp:X509Token>
> >>> >                         </wsp:Policy>
> >>> >                     </sp:RecipientToken>
> >>> >                     <sp:AlgorithmSuite>
> >>> >                         <wsp:Policy>
> >>> >                             <sp:Basic256Sha256Rsa15/>
> >>> >                         </wsp:Policy>
> >>> >                     </sp:AlgorithmSuite>
> >>> >                     <sp:Layout>
> >>> >                         <wsp:Policy>
> >>> >                             <sp:Lax/>
> >>> >                         </wsp:Policy>
> >>> >                     </sp:Layout>
> >>> >                     <sp:IncludeTimestamp/>
> >>> >                     <sp:OnlySignEntireHeadersAndBody/>
> >>> >                 </wsp:Policy>
> >>> >             </sp:AsymmetricBinding>
> >>> >         </wsp:All>
> >>> >     </wsp:ExactlyOne>
> >>> > </wsp:Policy>
> >>> > <wsp:Policy wsu:Id="">
> >>> >     <wsp:ExactlyOne>
> >>> >         <wsp:All>
> >>> >             <sp:SignedParts xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
> >>> >                 <sp:Body/>
> >>> >             </sp:SignedParts>
> >>> >         </wsp:All>
> >>> >     </wsp:ExactlyOne>
> >>> > </wsp:Policy>
> >>> >
> >>> > I have deleted the IDs, for the sake of our client.
> >>> >
> >>> > The problem is that I'm unable to set up the correct token inclusion and
> >>> > so on.
> >>> > I can't seem to figure out which parameters have to be set with CXF.
> >>> > Since we don't use Spring, I have to configure everything through the API.
> >>> >
> >>> >
> >>> > This is what I have so far.
> >>> > Map<String, Object> outProps = new HashMap<String, Object>();
> >>> >         outProps.put(WSHandlerConstants.ACTION,
> >>> >             WSHandlerConstants.TIMESTAMP + " " + WSHandlerConstants.SIGNATURE);
> >>> >         outProps.put(WSHandlerConstants.SIG_ALGO,
> >>> >             "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256");
> >>> >         outProps.put(WSHandlerConstants.SIG_DIGEST_ALGO,
> >>> >             "http://www.w3.org/2001/04/xmlenc#sha256");
> >>> >
> >>> >         WSS4JOutInterceptor wssOut = new WSS4JOutInterceptor(outProps);
> >>> >         client.getOutInterceptors().add(wssOut);
> >>> >
> >>> > And I'm adding a custom Interceptor that does this in the handleMessage
> >>> > at the Pre_logical phase
> >>> >
> >>> > X509Certificate[] certificates = {holder.getCertificate()};
> >>> >         CertificateStore store = new CertificateStore(certificates);
> >>> >
> >>> >         message.put(SecurityConstants.SIGNATURE_CRYPTO, store);
> >>> >
> >>> > Can one of you point me in the right direction?
> >>> >
> >>> > kind regards,
> >>> >
> >>> > Ted
> >>> >
> >>>
> >>>
> >>>
> >>> --
> >>> Colm O hEigeartaigh
> >>>
> >>> Talend Community Coder
> >>> http://coders.talend.com
> >>>
> >>
> >>
> >
>
>
> --
> Colm O hEigeartaigh
>
> Talend Community Coder
> http://coders.talend.com
>
