Announcement Announcement Module
No announcement yet.
Spring-WS SSL and certificate Page Title Module
Move Remove Collapse
Conversation Detail Module
  • Filter
  • Time
  • Show
Clear All
new posts

  • Spring-WS SSL and certificate

    We are needing to secure our intra-company Spring-WS web service.
    The desire here is to create a certificate and use SSL Then, the client application, with this certificate, make SOAP calls that is use/pass this certificate.

    Then, somehow, configure our Spring-WS web service to vaildate this certificate.

    I looked at Chapter 4. "Securing your Web services with Spring-WS"
    but it is clear as mud for me(security-ignorant).

    Do I need to wire a security interceptor such as....
    <bean id="wsSecurityInterceptor"
    class=" ???">

  • #2
    You don't need to use the WsSecurityInterceptor if you want to do SSL. The WsSecurityInterceptor is for doing WS-Security (i.e. message-level security, while SSL is transport-level security).

    Instead, configure SSL in your app server, and also on the client-side (using the Commons HTTP client, for instance).


    • #3
      Hello Arjen
      Can there be both kinds of security implemented for one application (message level and transport level).
      I am implementing a server side application ,can i implement both like configuring the application server for transport level and interceptor for digital signature.