You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@camel.apache.org by Mark Borner <ma...@zurich.com.au> on 2011/06/10 06:22:54 UTC
Camel CXF & WS-Security
Does anyone have any examples of how to configure a Camel CXF endpoint to
use WS-Security? I need to secure an outbound and inbound SOAP message.
Thanks,
Mark
Mark Borner
Java Developer - ZStream Xpress
----
This email is intended for the named recipient only. It may contain
information which is confidential, commercially sensitive, or
copyright. If you are not the intended recipient you must not
reproduce or distribute any part of the email, disclose its contents,
or take any action in reliance. If you have received this email in
error, please contact the sender and delete the message. It is your
responsibility to scan this email and any attachments for viruses and
other defects. To the extent permitted by law, Zurich and its
associates will not be liable for any loss or damage arising in any
way from this communication including any file attachments. We may
monitor email you send to us, either as a reply to this email or any
email you send to us, to confirm our systems are protected and for
compliance with company policies. Although we take reasonable
precautions to protect the confidentiality of our email systems, we
do not warrant the confidentiality or security of email or
attachments we receive.
Re: Camel CXF & WS-Security
Posted by Charles Moulliard <cm...@gmail.com>.
I don't think that you can provide this property as a parameter in
cxf://someAddress? WSS4JInInterceptor=xxxx. It must be declarer as you can
see in my example using spring bean.
On Fri, Jun 10, 2011 at 8:46 AM, Mark Borner <ma...@zurich.com.au>wrote:
>
> Thanks for that.
>
> Is there anyway to add the WSS4JInInterceptor to the endpoint if I'm using
> cxf://someAddress[?options] instead of the cxf:bean:cxfEndpoint endpoint
> definition?
>
> Thanks,
> Mark
>
> Mark Borner
> Java Developer - ZStream Xpress
>
>
> From: Charles Moulliard <cm...@gmail.com> To: users@camel.apache.org
> Date: 10/06/2011 04:23 PM Subject: Re: Camel CXF & WS-Security
> ------------------------------
>
>
>
> Hi Mark,
>
> I have created one year an example in camel project available here :
>
>
> https://github.com/gnodet/camel/tree/trunk/examples/camel-example-reportincident-ws-security-osgi
>
> Regards,
>
> Charles Moulliard
>
> Apache Committer
>
> Blog : http://cmoulliard.blogspot.com
> Twitter : http://twitter.com/cmoulliard
> Linkedin : http://www.linkedin.com/in/charlesmoulliard
> Skype: cmoulliard
>
>
> On Fri, Jun 10, 2011 at 6:22 AM, Mark Borner <mark.borner@zurich.com.au
> >wrote:
>
> >
> > Does anyone have any examples of how to configure a Camel CXF endpoint to
> > use WS-Security? I need to secure an outbound and inbound SOAP message.
> >
> > Thanks,
> > Mark
> >
> > Mark Borner
> > Java Developer - ZStream Xpress
> >
> >
> >
> >
> > ----
> > This email is intended for the named recipient only. It may contain
> > information which is confidential, commercially sensitive, or
> > copyright. If you are not the intended recipient you must not
> > reproduce or distribute any part of the email, disclose its contents,
> > or take any action in reliance. If you have received this email in
> > error, please contact the sender and delete the message. It is your
> > responsibility to scan this email and any attachments for viruses and
> > other defects. To the extent permitted by law, Zurich and its
> > associates will not be liable for any loss or damage arising in any
> > way from this communication including any file attachments. We may
> > monitor email you send to us, either as a reply to this email or any
> > email you send to us, to confirm our systems are protected and for
> > compliance with company policies. Although we take reasonable
> > precautions to protect the confidentiality of our email systems, we
> > do not warrant the confidentiality or security of email or
> > attachments we receive.
> >
> >
>
>
>
>
>
>
> ----
> This email is intended for the named recipient only. It may contain
> information which is confidential, commercially sensitive, or
> copyright. If you are not the intended recipient you must not
> reproduce or distribute any part of the email, disclose its contents,
> or take any action in reliance. If you have received this email in
> error, please contact the sender and delete the message. It is your
> responsibility to scan this email and any attachments for viruses and
> other defects. To the extent permitted by law, Zurich and its
> associates will not be liable for any loss or damage arising in any
> way from this communication including any file attachments. We may
> monitor email you send to us, either as a reply to this email or any
> email you send to us, to confirm our systems are protected and for
> compliance with company policies. Although we take reasonable
> precautions to protect the confidentiality of our email systems, we
> do not warrant the confidentiality or security of email or
> attachments we receive.
>
>
Re: Camel CXF & WS-Security
Posted by Willem Jiang <wi...@gmail.com>.
On 6/11/11 5:56 PM, Claus Ibsen wrote:
> On Fri, Jun 10, 2011 at 9:36 AM, Willem Jiang<wi...@gmail.com> wrote:
>> > Hi Mark,
>> >
>> > I'm afraid you can just configure the WSS4jInInterceptor through the
>> > cxf:bean:xxx , current camel-cxf doesn't support to configure it through
>> > URI.
>> >
> Willem what would it take to support that?
>
> It would be great to have camel-cxf being useable without any of the
> CXF XML stuff. For some people that dont want to dive into that, it
> may be easier to confiture a Camel endpoint in the uri, and/or as a
> java bean with getter/setters.
>
> We recently added support for CXF properties in the Camel CXF
> endpoint. So maybe we can add support for specifying CXF interceptors.
>
>
>
Below is typical configure of WSS4JInInterceptor
<jaxws:inInterceptors>
<!-- SAAJ Interceptor needs to be explicitly declared only in CXF
2.0.x -->
<bean class="org.apache.cxf.binding.soap.saaj.SAAJInInterceptor"/>
<bean class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor">
<constructor-arg>
<map>
<entry key="action" value="UsernameToken"/>
<entry key="passwordType" value="PasswordDigest"/>
<entry key="signaturePropFile" value="..."/>
<entry key="passwordCallbackRef">
<ref bean="myPasswordCallback"/>
</entry>
...
</map>
</constructor-arg>
</bean>
</jaxws:inInterceptors>
It hard to configure the WSS4jInInterceptor unless you bind it into
camel context by using the java code.
--
Willem
----------------------------------
FuseSource
Web: http://www.fusesource.com
Blog: http://willemjiang.blogspot.com (English)
http://jnn.javaeye.com (Chinese)
Twitter: willemjiang
Weibo: willemjiang
Re: Camel CXF & WS-Security
Posted by Claus Ibsen <cl...@gmail.com>.
On Fri, Jun 10, 2011 at 9:36 AM, Willem Jiang <wi...@gmail.com> wrote:
> Hi Mark,
>
> I'm afraid you can just configure the WSS4jInInterceptor through the
> cxf:bean:xxx , current camel-cxf doesn't support to configure it through
> URI.
>
Willem what would it take to support that?
It would be great to have camel-cxf being useable without any of the
CXF XML stuff. For some people that dont want to dive into that, it
may be easier to confiture a Camel endpoint in the uri, and/or as a
java bean with getter/setters.
We recently added support for CXF properties in the Camel CXF
endpoint. So maybe we can add support for specifying CXF interceptors.
> On 6/10/11 2:46 PM, Mark Borner wrote:
>>
>> Thanks for that.
>>
>> Is there anyway to add the WSS4JInInterceptorto the endpoint if I'm
>> using cxf://someAddress[?options] instead of the cxf:bean:cxfEndpoint
>> endpoint definition?
>>
>> Thanks,
>> Mark
>>
>> Mark Borner
>> Java Developer - ZStream Xpress
>>
>>
>> From: Charles Moulliard <cm...@gmail.com>
>> To: users@camel.apache.org
>> Date: 10/06/2011 04:23 PM
>> Subject: Re: Camel CXF & WS-Security
>>
>>
>> ------------------------------------------------------------------------
>>
>>
>>
>> Hi Mark,
>>
>> I have created one year an example in camel project available here :
>>
>>
>> https://github.com/gnodet/camel/tree/trunk/examples/camel-example-reportincident-ws-security-osgi
>>
>> Regards,
>>
>> Charles Moulliard
>>
>> Apache Committer
>>
>> Blog : http://cmoulliard.blogspot.com <http://cmoulliard.blogspot.com/>
>> Twitter : http://twitter.com/cmoulliard
>> Linkedin : http://www.linkedin.com/in/charlesmoulliard
>> Skype: cmoulliard
>>
>>
>> On Fri, Jun 10, 2011 at 6:22 AM, Mark Borner
>> <ma...@zurich.com.au>wrote:
>>
>> >
>> > Does anyone have any examples of how to configure a Camel CXF endpoint
>> to
>> > use WS-Security? I need to secure an outbound and inbound SOAP message.
>> >
>> > Thanks,
>> > Mark
>> >
>> > Mark Borner
>> > Java Developer - ZStream Xpress
>> >
>> >
>> >
>> >
>> > ----
>> > This email is intended for the named recipient only. It may contain
>> > information which is confidential, commercially sensitive, or
>> > copyright. If you are not the intended recipient you must not
>> > reproduce or distribute any part of the email, disclose its contents,
>> > or take any action in reliance. If you have received this email in
>> > error, please contact the sender and delete the message. It is your
>> > responsibility to scan this email and any attachments for viruses and
>> > other defects. To the extent permitted by law, Zurich and its
>> > associates will not be liable for any loss or damage arising in any
>> > way from this communication including any file attachments. We may
>> > monitor email you send to us, either as a reply to this email or any
>> > email you send to us, to confirm our systems are protected and for
>> > compliance with company policies. Although we take reasonable
>> > precautions to protect the confidentiality of our email systems, we
>> > do not warrant the confidentiality or security of email or
>> > attachments we receive.
>> >
>> >
>>
>>
>>
>>
>>
>>
>> ----
>> This email is intended for the named recipient only. It may contain
>> information which is confidential, commercially sensitive, or
>> copyright. If you are not the intended recipient you must not
>> reproduce or distribute any part of the email, disclose its contents,
>> or take any action in reliance. If you have received this email in
>> error, please contact the sender and delete the message. It is your
>> responsibility to scan this email and any attachments for viruses and
>> other defects. To the extent permitted by law, Zurich and its
>> associates will not be liable for any loss or damage arising in any
>> way from this communication including any file attachments. We may
>> monitor email you send to us, either as a reply to this email or any
>> email you send to us, to confirm our systems are protected and for
>> compliance with company policies. Although we take reasonable
>> precautions to protect the confidentiality of our email systems, we
>> do not warrant the confidentiality or security of email or
>> attachments we receive.
>>
>
>
> --
> Willem
> ----------------------------------
> FuseSource
> Web: http://www.fusesource.com
> Blog: http://willemjiang.blogspot.com (English)
> http://jnn.javaeye.com (Chinese)
> Twitter: willemjiang
> Weibo: willemjiang
>
--
Claus Ibsen
-----------------
FuseSource
Email: cibsen@fusesource.com
Web: http://fusesource.com
Twitter: davsclaus, fusenews
Blog: http://davsclaus.blogspot.com/
Author of Camel in Action: http://www.manning.com/ibsen/
Re: Camel CXF & WS-Security
Posted by Willem Jiang <wi...@gmail.com>.
Hi Mark,
I'm afraid you can just configure the WSS4jInInterceptor through the
cxf:bean:xxx , current camel-cxf doesn't support to configure it through
URI.
On 6/10/11 2:46 PM, Mark Borner wrote:
>
> Thanks for that.
>
> Is there anyway to add the WSS4JInInterceptorto the endpoint if I'm
> using cxf://someAddress[?options] instead of the cxf:bean:cxfEndpoint
> endpoint definition?
>
> Thanks,
> Mark
>
> Mark Borner
> Java Developer - ZStream Xpress
>
>
> From: Charles Moulliard <cm...@gmail.com>
> To: users@camel.apache.org
> Date: 10/06/2011 04:23 PM
> Subject: Re: Camel CXF & WS-Security
>
>
> ------------------------------------------------------------------------
>
>
>
> Hi Mark,
>
> I have created one year an example in camel project available here :
>
> https://github.com/gnodet/camel/tree/trunk/examples/camel-example-reportincident-ws-security-osgi
>
> Regards,
>
> Charles Moulliard
>
> Apache Committer
>
> Blog : http://cmoulliard.blogspot.com <http://cmoulliard.blogspot.com/>
> Twitter : http://twitter.com/cmoulliard
> Linkedin : http://www.linkedin.com/in/charlesmoulliard
> Skype: cmoulliard
>
>
> On Fri, Jun 10, 2011 at 6:22 AM, Mark Borner
> <ma...@zurich.com.au>wrote:
>
> >
> > Does anyone have any examples of how to configure a Camel CXF endpoint to
> > use WS-Security? I need to secure an outbound and inbound SOAP message.
> >
> > Thanks,
> > Mark
> >
> > Mark Borner
> > Java Developer - ZStream Xpress
> >
> >
> >
> >
> > ----
> > This email is intended for the named recipient only. It may contain
> > information which is confidential, commercially sensitive, or
> > copyright. If you are not the intended recipient you must not
> > reproduce or distribute any part of the email, disclose its contents,
> > or take any action in reliance. If you have received this email in
> > error, please contact the sender and delete the message. It is your
> > responsibility to scan this email and any attachments for viruses and
> > other defects. To the extent permitted by law, Zurich and its
> > associates will not be liable for any loss or damage arising in any
> > way from this communication including any file attachments. We may
> > monitor email you send to us, either as a reply to this email or any
> > email you send to us, to confirm our systems are protected and for
> > compliance with company policies. Although we take reasonable
> > precautions to protect the confidentiality of our email systems, we
> > do not warrant the confidentiality or security of email or
> > attachments we receive.
> >
> >
>
>
>
>
>
>
> ----
> This email is intended for the named recipient only. It may contain
> information which is confidential, commercially sensitive, or
> copyright. If you are not the intended recipient you must not
> reproduce or distribute any part of the email, disclose its contents,
> or take any action in reliance. If you have received this email in
> error, please contact the sender and delete the message. It is your
> responsibility to scan this email and any attachments for viruses and
> other defects. To the extent permitted by law, Zurich and its
> associates will not be liable for any loss or damage arising in any
> way from this communication including any file attachments. We may
> monitor email you send to us, either as a reply to this email or any
> email you send to us, to confirm our systems are protected and for
> compliance with company policies. Although we take reasonable
> precautions to protect the confidentiality of our email systems, we
> do not warrant the confidentiality or security of email or
> attachments we receive.
>
--
Willem
----------------------------------
FuseSource
Web: http://www.fusesource.com
Blog: http://willemjiang.blogspot.com (English)
http://jnn.javaeye.com (Chinese)
Twitter: willemjiang
Weibo: willemjiang
Re: Camel CXF & WS-Security
Posted by Mark Borner <ma...@zurich.com.au>.
Thanks for that.
Is there anyway to add the WSS4JInInterceptor to the endpoint if I'm using
cxf://someAddress[?options] instead of the cxf:bean:cxfEndpoint endpoint
definition?
Thanks,
Mark
Mark Borner
Java Developer - ZStream Xpress
From:
Charles Moulliard <cm...@gmail.com>
To:
users@camel.apache.org
Date:
10/06/2011 04:23 PM
Subject:
Re: Camel CXF & WS-Security
Hi Mark,
I have created one year an example in camel project available here :
https://github.com/gnodet/camel/tree/trunk/examples/camel-example-reportincident-ws-security-osgi
Regards,
Charles Moulliard
Apache Committer
Blog : http://cmoulliard.blogspot.com
Twitter : http://twitter.com/cmoulliard
Linkedin : http://www.linkedin.com/in/charlesmoulliard
Skype: cmoulliard
On Fri, Jun 10, 2011 at 6:22 AM, Mark Borner
<ma...@zurich.com.au>wrote:
>
> Does anyone have any examples of how to configure a Camel CXF endpoint
to
> use WS-Security? I need to secure an outbound and inbound SOAP message.
>
> Thanks,
> Mark
>
> Mark Borner
> Java Developer - ZStream Xpress
>
>
>
>
> ----
> This email is intended for the named recipient only. It may contain
> information which is confidential, commercially sensitive, or
> copyright. If you are not the intended recipient you must not
> reproduce or distribute any part of the email, disclose its contents,
> or take any action in reliance. If you have received this email in
> error, please contact the sender and delete the message. It is your
> responsibility to scan this email and any attachments for viruses and
> other defects. To the extent permitted by law, Zurich and its
> associates will not be liable for any loss or damage arising in any
> way from this communication including any file attachments. We may
> monitor email you send to us, either as a reply to this email or any
> email you send to us, to confirm our systems are protected and for
> compliance with company policies. Although we take reasonable
> precautions to protect the confidentiality of our email systems, we
> do not warrant the confidentiality or security of email or
> attachments we receive.
>
>
----
This email is intended for the named recipient only. It may contain
information which is confidential, commercially sensitive, or
copyright. If you are not the intended recipient you must not
reproduce or distribute any part of the email, disclose its contents,
or take any action in reliance. If you have received this email in
error, please contact the sender and delete the message. It is your
responsibility to scan this email and any attachments for viruses and
other defects. To the extent permitted by law, Zurich and its
associates will not be liable for any loss or damage arising in any
way from this communication including any file attachments. We may
monitor email you send to us, either as a reply to this email or any
email you send to us, to confirm our systems are protected and for
compliance with company policies. Although we take reasonable
precautions to protect the confidentiality of our email systems, we
do not warrant the confidentiality or security of email or
attachments we receive.
Re: Camel CXF & WS-Security
Posted by Charles Moulliard <cm...@gmail.com>.
Hi Mark,
I have created one year an example in camel project available here :
https://github.com/gnodet/camel/tree/trunk/examples/camel-example-reportincident-ws-security-osgi
Regards,
Charles Moulliard
Apache Committer
Blog : http://cmoulliard.blogspot.com
Twitter : http://twitter.com/cmoulliard
Linkedin : http://www.linkedin.com/in/charlesmoulliard
Skype: cmoulliard
On Fri, Jun 10, 2011 at 6:22 AM, Mark Borner <ma...@zurich.com.au>wrote:
>
> Does anyone have any examples of how to configure a Camel CXF endpoint to
> use WS-Security? I need to secure an outbound and inbound SOAP message.
>
> Thanks,
> Mark
>
> Mark Borner
> Java Developer - ZStream Xpress
>
>
>
>
> ----
> This email is intended for the named recipient only. It may contain
> information which is confidential, commercially sensitive, or
> copyright. If you are not the intended recipient you must not
> reproduce or distribute any part of the email, disclose its contents,
> or take any action in reliance. If you have received this email in
> error, please contact the sender and delete the message. It is your
> responsibility to scan this email and any attachments for viruses and
> other defects. To the extent permitted by law, Zurich and its
> associates will not be liable for any loss or damage arising in any
> way from this communication including any file attachments. We may
> monitor email you send to us, either as a reply to this email or any
> email you send to us, to confirm our systems are protected and for
> compliance with company policies. Although we take reasonable
> precautions to protect the confidentiality of our email systems, we
> do not warrant the confidentiality or security of email or
> attachments we receive.
>
>