You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@cxf.apache.org by Thomas Pischulski <ne...@gmail.com> on 2012/04/03 11:38:52 UTC

Adding Username Token to WebService in DOSGi

Hi there,

I started to work with the DOSGi Subproject of Apache CXF and for the most
part everything worked fine until I began trying to add security to my web
service. AFAIK there're two possible methods implementing WS-Security
policies in CXF, right?

1) WSDL-first approach by specifying the *.wsdl location that the server
should publish a lá 
props.put("org.apache.cxf.ws.wsdl.location", "/hello.wsdl");
2) Using WSS4J In/Out Interceptors

I tried both of them and the server always published no security policies at
all in my http://localhost:9090/hello?wsdl ( http://pastebin.com/d20vNAQN
[1]  Link to generated WSDL by CXF DOSGi) In the first approach I tested
that the *.wsdl-File is accessible by the bundle and configured it with the
org.apache.cxf.ws.wsdl.location property ( http://pastebin.com/gZtEEx5J [2] 
Link to WSDL with manually added WS-Policy stuff) I also specified all other
properties necessary (org.apache.cxf.ws.wsdl.*) from 
http://cxf.apache.org/distributed-osgi-reference.html DOSGi References . The
resulting wsdl shows no security bindings at all and equaled to 
http://pastebin.com/d20vNAQN [1] 

Then I tried the second approach with using WSS4JInInterceptors and again,
the resulting WSDL file has shown no difference to 
http://pastebin.com/d20vNAQN [1] . Here's the Activator code that I used for
that method:  http://pastebin.com/YwvDZmvv Activator.java . I'm using
cxf-dosgi-ri-singlebundle-distribution-1.3 and my favorable method would be
the Interceptor Method. Also I'm trying to avoid Spring or any other type of
XML-based Server/Client configuration. I was also searching through the
mailing list with moderate success.

Up to this point I'm not sure where I'm wrong. Help appreciated.

Cheers,

Thomas

--
View this message in context: http://cxf.547215.n5.nabble.com/Adding-Username-Token-to-WebService-in-DOSGi-tp5614641p5614641.html
Sent from the cxf-user mailing list archive at Nabble.com.

Re: Adding Username Token to WebService in DOSGi

Posted by Thomas Pischulski <ne...@googlemail.com>.
I also have problems adding OutInterceptors on the Client-side (the
client is also an OSGi bundle). I basically used wsdl2java for
generating the client stub which works fine but when I try to add an
WSS4JOutInterceptor for the UsernameToken I get exceptions that say
that some java.sun.xml implementation is used instead of the CXF JAX-WS