Announcement Announcement Module
No announcement yet.
WS Security on outgoing messages Page Title Module
Move Remove Collapse
Conversation Detail Module
  • Filter
  • Time
  • Show
Clear All
new posts

  • WS Security on outgoing messages

    I'm using SimpleWebServiceOutboundGateway, has anybody added WS Security headers to their outgoing messages? And if so how?

    I have a Wss4jSecurityInteceptor configured for use in authenticating inbound messages, is there any way of re-using this somehow as it does add the ws security headers to responses of inbound messages. From what I can gather from Spring WS I need to use WebServiceMessageCallback on the WebServiceTemplate of SimpleWebServiceOutboundGateway but the only example I can find uses Xws and not Wss4j and this is on a custom client not SimpleWebServiceOutboundGateway.

  • #2
    Not to worry, resolved this now.

    Basically the namespace support for SimpleWebServiceOutboundGateway already has support for request-callback so I created a call back class that delegates to my defined security interceptor.

    <bean id="wsSecurityMessageCallback" class="WsSecurityMessageCallback">
        	<constructor-arg ref="wsSecurityInterceptor" />
        	<constructor-arg ref="messageFactory" />
    			uri="" request-callback="wsSecurityMessageCallback" />
    public class WsSecurityMessageCallback implements WebServiceMessageCallback {
    	private Wss4jSecurityInterceptor securityInterceptor;
    	private WebServiceMessageFactory messageFactory;
    	public WsSecurityMessageCallback(Wss4jSecurityInterceptor securityInterceptor, WebServiceMessageFactory messageFactory) {
    		this.securityInterceptor = securityInterceptor;
    		this.messageFactory = messageFactory;
    	public void doWithMessage(WebServiceMessage message) throws IOException,
    			TransformerException {
    		MessageContext messageContext = new DefaultMessageContext(message, messageFactory);