Announcement Announcement Module
Collapse
No announcement yet.
Spring WS-Security on client side Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Spring WS-Security on client side

    I am trying to add WS Security for username, paswword authentication on the client side.

    <wsse:Security> element gets added to the soap header, but username, password details are not added..here is the generated header..

    <soapenv:Header>
    <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" soapenv:mustUnderstand="1"/>
    </soapenv:Header>

    Here is my security configuration file.

    <xwss:SecurityConfiguration dumpMessages="true" xmlns:xwss="http://java.sun.com/xml/ns/xwss/config">
    <xwss:UsernameToken name="test" password="test" useNonce="false" digestPassword="false"/>
    </xwss:SecurityConfiguration>

    Any idea why?

    Thanks,
    Sankar.

  • #2
    How do you configure the client-side interceptor? You should have either a SimpleUsernamePasswordCallbackHandler, SpringUsernamePasswordCallbackHandler, or AcegiUsernamePasswordCallbackHandler configured.

    Comment


    • #3
      I am not using any client side interceptor, but using the WebServiceMessageCallback and calling XWSSProcessor.secureOutboundMessage.

      I am not finding any client side interceptotor in version 1.0.3. Is this something added to 1.5.0 M2 ? what are the client side interceptors available?

      Comment


      • #4
        I configured XwsSecurityInterceptor on the client side with SimpleUsernamePasswordCallbackHandler, but i am getting the same result. Here are my config files.

        <bean id="webServiceTemplate" class="org.springframework.ws.client.core.WebServi ceTemplate">
        <property name="interceptors">
        <ref bean="wsSecurityInterceptor"/>
        </property>
        </bean>

        <bean id="wsSecurityInterceptor"
        class="org.springframework.ws.soap.security.xwss.X wsSecurityInterceptor">
        <property name="policyConfiguration" value="classpath:client-app-security.xml"/>
        <property name="callbackHandlers">
        <list>
        <ref bean="passwordHandler"/>
        </list>
        </property>
        </bean>

        <bean id="passwordHandler"
        class="org.springframework.ws.soap.security.xwss.c allback.SimpleUsernamePasswordCallbackHandler">
        <property name="username"><value>test</value></property>
        <property name="password"><value>test</value>
        </property>
        </bean>

        Comment

        Working...
        X