Hello
can soneone help me and tell me why HttpsToken policy
<sp:TransportBinding
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";>
<wsp:Policy>
<sp:TransportToken>
<wsp:Policy>
<sp:HttpsToken>
<wsp:Policy>
<sp:RequireClientCertificate/>
</wsp:Policy>
</sp:HttpsToken>
</wsp:Policy>
</sp:TransportToken>
<sp:Layout>
<wsp:Policy>
<sp:Strict/>
</wsp:Policy>
</sp:Layout>
<sp:IncludeTimestamp/>
<sp:AlgorithmSuite>
<wsp:Policy>
<sp:Basic128/>
</wsp:Policy>
</sp:AlgorithmSuite>
</wsp:Policy>
</sp:TransportBinding>
does not take its parameters (certificates,etc) from conduit (client
side)/engine (server side)
http:tlsClientParameters element
( sample:
<http:conduit
name="{http://apache.org/hello_world_soap_http}SoapPort.http-conduit";>
<http:tlsClientParameters disableCNCheck="true">
<sec:keyManagers keyPassword="ckpass">
<sec:keyStore file="src/main/config/clientKeystore.jks"
password="cspass" type="JKS"/>
</sec:keyManagers>
<sec:trustManagers>
<sec:keyStore file="src/main/config/clientKeystore.jks"
password="cspass" type="JKS"/>
</sec:trustManagers>
</http:tlsClientParameters>
</http:conduit>
)
and instead needs exlicitly specify them (in properties of client or server
endpoint)
<jaxws:client name="{http://apache.org/hello_world_soap_http}SoapPort"; >
<jaxws:properties>
<entry key="security.signature.properties"
value="security.signature.properties"/>
<entry key="security.encryption.properties"
value="security.signature.properties"/>
....
Thanks
--
Sent from: http://cxf.547215.n5.nabble.com/cxf-user-f547216.html
