You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@cxf.apache.org by Karl Schmeing <ka...@yahoo.de> on 2009/09/26 11:19:50 UTC
WSSE and Binary Security Token
Hi,
I use WSSE Signature with X.509 Authentication according to
http://domagojtechtips.blogspot.com/2007/08/cxf-spring-and-ws-security-putting-it.html
Now my customer wants to use the Binary Security Token.
I found a webpage with some hints to reach this goal.
http://www.nabble.com/WS-Security-error-when-using-BinarySecurityToken-td14669528.html
<entry key="encryptionUser" value="useReqSigCert"/>
<entry key="signatureKeyIdentifier" value="DirectReference"/>
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd}Timestamp;{Element}{http://schemas.xmlsoap.org/soap/envelope/}Body"/>
JRoller says, that it doesn't work
http://www.jroller.com/gmazza/entry/using_cxf_and_wss4j_to
CXF uses WSS4J to implement WS-Security, which covers two of WSS' token profile options (UsernameToken and X.509 Token), as well as partial support for the SAML token profile. (See the CXF WS-Security documentation for more details.) CXF 2.2 introduces support for WS-SecurityPolicy (also available with Metro), but the below tutorial has the WS-Security configuration done outside of the WSDL.
Can somebody explain Philip Wanners Solution? (I could't get in touch with him.)
Regards,
Karl Schmeing