Announcement Announcement Module
Collapse
No announcement yet.
Spring-ws Client for .NET Server with WS-Security Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Spring-ws Client for .NET Server with WS-Security

    Hello,

    I am having some problems translating a security token for a WS-Security service into the required context file for a wss4j or xwss securityInterceptor. Here is the token (with alphanumeric codes changed to the name of a tasty steak sauce to protect the innocent--and "http" replaced with [http removed to prevent posting URL error] ):

    <microsoft.web.services3>
    <security>
    <binarySecurityTokenManager>
    <add valueType="[http removed to prevent posting URL error]://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3">
    <keyAlgorithm name="RSA15"/>
    </add>
    </binarySecurityTokenManager>
    <securityTokenManager>
    <add localName="UsernameToken" type="Microsoft.Web.Services3.Security.Tokens.User nameTokenManager, Microsoft.Web.Services3, Version=3.0.0.0, Culture=neutral, PublicKeyToken=a1a1a1a1a1a1a1a1" namespace="[http removed to prevent posting URL error]://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
    <keyAlgorithm name="AES128"/>
    </add>
    </securityTokenManager>
    </security>
    </microsoft.web.services3>

    If somebody could please provide me with the correct xml for a context file or the correct way to set the properties in the Java code, it would be greatly appreciated. I have not yet reached a decision on xwss vs wss4j, so either would work. At this point, I'm just trying to send a very simple HelloWorld request and get back a valid response.

    Thanks in advance for any help.

  • #2
    Re: Spring-ws Client for .NET Server with WS-Security

    After getting the username and password from our info-withholding customer, the configuration is as follows:

    <bean id="webServiceClient" class="com.etc.WebServiceClient">
    <property name="interceptors" ref="securityInterceptor"/>
    </bean>

    <bean id="securityInterceptor" class="org.springframework.ws.soap.security.wss4j. Wss4jSecurityInterceptor">
    <property name="securementActions" value="UsernameToken"/>
    <property name="securementUsername" value="yourUsername"/>
    <property name="securementPassword" value="yourPassword"/>
    <property name="securementPasswordType" value="PasswordText"/>
    <property name="securementUsernameTokenElements" value="Nonce Created"/>
    <property name="securementMustUnderstand" value="true"/>
    </bean>

    Hopefully this can help someone else

    Comment

    Working...
    X