You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@cxf.apache.org by XiLai Dai <xl...@talend.com> on 2012/01/04 03:37:28 UTC
RE: How to get both WS-Addresssing and UsernameToken Security take
effect?
Thanks Glen!
It's my fault :(, I forgot to enable WS-Addressing feature on the <jaxws:client> side. Now it works with both WS-Addressing and Security soap header.
Thanks.
Xilai
-----Original Message-----
From: Glen Mazza [mailto:gmazza@talend.com]
Sent: Saturday, December 31, 2011 11:18 AM
To: users@cxf.apache.org
Subject: Re: How to get both WS-Addresssing and UsernameToken Security take effect?
Can you try putting the ws:addressing requirement within the WSDL Policy
(instead of within CXF config), as shown here:
http://www.jroller.com/gmazza/entry/cxf_usernametoken_profile#UTCXF4 ,
except with a wsp:Optional of "false"?
HTH,
Glen
On 12/30/2011 09:59 PM, XiLai Dai wrote:
> Hi,
>
> We have a service endpoint spring configuration like this:
> <jaxws:endpoint id="testService"
> implementor= ...>
> <jaxws:features>
> <wsa:addressing xmlns:wsa="http://cxf.apache.org/ws/addressing"/>
> <p:policies>
> <wsp:Policy>
> <wsp:ExactlyOne>
> <wsp:All>
> <wsp:PolicyReference URI="token.policy"/>
> </wsp:All>
> </wsp:ExactlyOne>
> </wsp:Policy>
> </p:policies>
> </jaxws:endpoint>
>
> The token.policy as this:
> <wsp:Policy wsu:Id="UsernameToken" xmlns:wsu=
> "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
> xmlns:wsp="http://www.w3.org/ns/ws-policy"
> xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
> <wsp:ExactlyOne>
> <wsp:All>
> <sp:SupportingTokens>
> <wsp:Policy>
> <sp:UsernameToken sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient"/>
> </wsp:Policy>
> </sp:SupportingTokens>
> </wsp:All>
> </wsp:ExactlyOne>
> </wsp:Policy>
>
> We just want to enable both WS-Addressing feature and UsernameToken security policy. But from the Message content we have intercepted, seems no Addressing headers found in the soap message.
>
> <soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
> <soap:Header>
> <wsse:Security soap:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
> <wsse:UsernameToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="UsernameToken-3">
> <wsse:Username>testuser</wsse:Username>
> <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">testpwd</wsse:Password>
> </wsse:UsernameToken>
> </wsse:Security>
> </soap:Header>
> <soap:Body>
> <isdx:echo xmlns:isdx="http://services.sopware.org/demo/Whiteboard"><value>hi!</value></isdx:echo>
> </soap:Body>
> </soap:Envelope>
>
> Have I missed something? How to get both WS-Addressing and Security take effect?
> (the CXF version used is 2.5.0)
>
> Thanks!
> Xilai
--
Glen Mazza
Talend Community Coders
http://coders.talend.com
blog: http://www.jroller.com/gmazza