Announcement Announcement Module
Collapse
No announcement yet.
WS Security on outgoing messages Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • WS Security on outgoing messages

    I'm using SimpleWebServiceOutboundGateway, has anybody added WS Security headers to their outgoing messages? And if so how?

    I have a Wss4jSecurityInteceptor configured for use in authenticating inbound messages, is there any way of re-using this somehow as it does add the ws security headers to responses of inbound messages. From what I can gather from Spring WS I need to use WebServiceMessageCallback on the WebServiceTemplate of SimpleWebServiceOutboundGateway but the only example I can find uses Xws and not Wss4j and this is on a custom client not SimpleWebServiceOutboundGateway.

  • #2
    Not to worry, resolved this now.

    Basically the namespace support for SimpleWebServiceOutboundGateway already has support for request-callback so I created a call back class that delegates to my defined security interceptor.

    Code:
    <bean id="wsSecurityMessageCallback" class="WsSecurityMessageCallback">
        	<constructor-arg ref="wsSecurityInterceptor" />
        	<constructor-arg ref="messageFactory" />
        </bean>
    
    <ws:outbound-gateway
    			uri="http://127.0.0.1:8080/" request-callback="wsSecurityMessageCallback" />
    Code:
    public class WsSecurityMessageCallback implements WebServiceMessageCallback {
    
    	private Wss4jSecurityInterceptor securityInterceptor;
    	
    	private WebServiceMessageFactory messageFactory;
    
    	public WsSecurityMessageCallback(Wss4jSecurityInterceptor securityInterceptor, WebServiceMessageFactory messageFactory) {
    		this.securityInterceptor = securityInterceptor;
    		this.messageFactory = messageFactory;
    	}
    
    	public void doWithMessage(WebServiceMessage message) throws IOException,
    			TransformerException {
    
    		MessageContext messageContext = new DefaultMessageContext(message, messageFactory);
    		securityInterceptor.handleRequest(messageContext);
    	}
    }

    Comment

    Working...
    X