You are viewing a plain text version of this content. The canonical link for it is here.
Posted to wss4j-dev@ws.apache.org by Temeshwarrior <rc...@AOL.com> on 2008/10/31 17:30:18 UTC

Creating a gSOAP Client for an Apache CXF Service

Hi Com,

I’m currently working on a gSOAP client for an apache CXF service, who
authenticates itself by using RSA-Keys.

But I have no idea how to configure the security header of my client, which
is needed by the service

The java code looks similar to this:

Map<String,Object> inProps= new HashMap<String,Object>();
inProps.put(WSHandlerConstants.ACTION, "Timestamp Signature Encrypt");
inProps.put(WSHandlerConstants.SIG_PROP_FILE,
"wss-server-public.properties");
// only wss-client has private key and can read incoming messages
inProps.put(WSHandlerConstants.DEC_PROP_FILE, "wss-client.properties");
inProps.put(WSHandlerConstants.PW_CALLBACK_CLASS,
ClientCallbackHandler.class.getName());

Map<String,Object> inProps= new HashMap<String,Object>();
outProps.put(WSHandlerConstants.ACTION, "Timestamp Signature Encrypt");
// only wss-client has private key and can sign outgoing messages
outProps.put(WSHandlerConstants.USER, "wss-client");
outProps.put(WSHandlerConstants.SIG_PROP_FILE, "wss-client.properties");
outProps.put(WSHandlerConstants.ENC_PROP_FILE,
"wss-server-public.properties");
outProps.put(WSHandlerConstants.ENCRYPTION_USER, "wss-server");
outProps.put(WSHandlerConstants.SIG_KEY_ID, "DirectReference");
outProps.put(WSHandlerConstants.PW_CALLBACK_CLASS,
ClientCallbackHandler.class.getName());
outProps.put(WSHandlerConstants.SIGNATURE_PARTS,
"{Element}{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd}Timestamp;{Element}{http://schemas.xmlsoap.org/soap/envelope/}Body");
outProps.put(WSHandlerConstants.ENCRYPTION_PARTS,
"{Element}{http://www.w3.org/2000/09/xmldsig#}Signature;{Content}{http://schemas.xmlsoap.org/soap/envelope/}Body");
outProps.put(WSHandlerConstants.ENC_SYM_ALGO,
"http://www.w3.org/2001/04/xmlenc#tripledes-cbc");

WSS4JInInterceptor wssIn = new WSS4JInInterceptor(InProps);
cxfEndpoint.getInInterceptors().add(wssIn);
cxfEndpoint.getInInterceptors().add(new SAAJInInterceptor());

WSS4JOutInterceptor wssOut = new WSS4JOutInterceptor(OutProps);
cxfEndpoint.getOutInterceptors().add(wssOut);
xfEndpoint.getOutInterceptors().add(new SAAJOutInterceptor());


I already included the wsse Plug-in in my project, but I have no idea how to
configure it like my service

Additionally, the service uses a jks file to get private and public key

Could somebody help me or is there any better framework to create
C(++)-clients?

I’m looking forward for your ideas

Temesh 
-- 
View this message in context: http://www.nabble.com/Creating-a-gSOAP-Client-for-an-Apache-CXF-Service-tp20269384p20269384.html
Sent from the WSS4J mailing list archive at Nabble.com.


---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org