Announcement Announcement Module
No announcement yet.
Spring Integration - WS Security help needed Page Title Module
Move Remove Collapse
Conversation Detail Module
  • Filter
  • Time
  • Show
Clear All
new posts

  • Spring Integration - WS Security help needed

    Hi Everyone,

    I have a requirement where I need to implement WS Security for a Spring WS implementation. In our application we have multiple webservices deployed on Weblogic 10.3. All of them are JAX-WS based except one. Which is Spring WS. For all the rest of the webservices I am able to add the below lines of annotations and secure them.

    import weblogic.jws.Policy;

    @Policy(uri = "policy:My_Policy.xml", direction = Policy.Direction.inbound, attachToWsdl = true)
    @RolesAllowed({@SecurityRole (role="MyRole")})

    For the Spring WS there is no endpoint. All we have is an inbound gateway and their mappings to eInboundGateway

    <beans:bean id="endpointMapping"
    class=" ing.PayloadRootQNameEndpointMapping">

    All Spring-WS security examples post to a simple user id password available in the same config xml. I need it to go against the User-Role defined on the weblogic security realm. Any pointers for this will help a lot. I have searched and searched around. No one seems to have implemented this.

    Some of my thought directions were ..
    Is there a way I can make the Spring WS behave like JAX-WS service?
    Can I write a interceptor and use the MessageHeader to call another normal JAX-WS webservice for authentication?
    Any out of the box integration possible with Weblogic?

  • #2
    Hi there,

    See as far as i know that, You can do it .
    Spring supports this one, If possibly search for Pre-authentication

    check this out.

    and this as well.

    please replay me if this is useful