Apr 10th, 2007, 10:53 AM
Spring-WS SSL and certificate
We are needing to secure our intra-company Spring-WS web service.
The desire here is to create a certificate and use SSL Then, the client application, with this certificate, make SOAP calls that is use/pass this certificate.
Then, somehow, configure our Spring-WS web service to vaildate this certificate.
I looked at Chapter 4. "Securing your Web services with Spring-WS"
but it is clear as mud for me(security-ignorant).
Do I need to wire a security interceptor such as....
Apr 10th, 2007, 04:37 PM
You don't need to use the WsSecurityInterceptor if you want to do SSL. The WsSecurityInterceptor is for doing WS-Security (i.e. message-level security, while SSL is transport-level security).
Instead, configure SSL in your app server, and also on the client-side (using the Commons HTTP client, for instance).
Feb 13th, 2013, 04:18 PM
Can there be both kinds of security implemented for one application (message level and transport level).
I am implementing a server side application ,can i implement both like configuring the application server for transport level and interceptor for digital signature.