You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@cxf.apache.org by Ezequiel Puig <es...@gmail.com> on 2015/08/14 18:38:31 UTC
CXF client using WS-Security with multiple connections
Hello,
I am building an application with a cxf client (ws-client) that needs to
use WS-Security in order to authentificate the requests.
I will like to create only one cxf proxy and then set the ws-securty
properties programmatically.
I will like to do it that way because not all the requests need the
WS-Security (in fact the provider replies with an error if the ws-security
is set but not expected). Moreover, the cxf proxy needs to manage multiple
users for the WS-Security, that is, the proxy should be able to manage more
than one username / password (the username / password is know at runtime).
So far, i have only seen examples where
1) The WS-Security password is set using a CallbackHandler which is refered
in the creation of a WSS4JOutInterceptor :
<bean id="wssOut"
class="org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor">
<constructor-arg>
<map>
<entry key="action" value="UsernameToken"/>
<entry key="user" value="myUser"/>
<entry key="passwordType" value="PasswordDigest"/>
<entry key="passwordCallbackRef">
<ref bean="clientPasswordCallback"/>
</entry>
<entry key="useEncodedPasswords" value="true"/>
</map>
</constructor-arg>
</bean>
And usually the password is stored in the CallbackHandler
or 2) When the application needs to use the client, it creates a new proxy
and then it sets an WSS4JOutInterceptor.
Is there any other way to do that ?
Best regards,
Ezequiel.
Re: CXF client using WS-Security with multiple connections
Posted by Colm O hEigeartaigh <co...@apache.org>.
If you were using WS-SecurityPolicy instead, you could specify the username
+ password as JAX-WS properties instead. However, this doesn't really suit
with your use-case where sometimes the requests are not secured. Could you
create two client proxies, one for no security + one that sends a
UsernameToken?
Colm.
On Fri, Aug 14, 2015 at 5:38 PM, Ezequiel Puig <es...@gmail.com> wrote:
> Hello,
>
> I am building an application with a cxf client (ws-client) that needs to
> use WS-Security in order to authentificate the requests.
>
> I will like to create only one cxf proxy and then set the ws-securty
> properties programmatically.
>
> I will like to do it that way because not all the requests need the
> WS-Security (in fact the provider replies with an error if the ws-security
> is set but not expected). Moreover, the cxf proxy needs to manage multiple
> users for the WS-Security, that is, the proxy should be able to manage more
> than one username / password (the username / password is know at runtime).
>
> So far, i have only seen examples where
> 1) The WS-Security password is set using a CallbackHandler which is refered
> in the creation of a WSS4JOutInterceptor :
>
> <bean id="wssOut"
> class="org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor">
> <constructor-arg>
> <map>
> <entry key="action" value="UsernameToken"/>
> <entry key="user" value="myUser"/>
> <entry key="passwordType" value="PasswordDigest"/>
> <entry key="passwordCallbackRef">
> <ref bean="clientPasswordCallback"/>
> </entry>
> <entry key="useEncodedPasswords" value="true"/>
> </map>
> </constructor-arg>
> </bean>
>
> And usually the password is stored in the CallbackHandler
>
> or 2) When the application needs to use the client, it creates a new proxy
> and then it sets an WSS4JOutInterceptor.
>
> Is there any other way to do that ?
>
>
> Best regards,
>
>
> Ezequiel.
>
--
Colm O hEigeartaigh
Talend Community Coder
http://coders.talend.com