Spring and WSS4J Example

**vijay.akula** · Apr 6th, 2008, 11:21 PM

Hi,
I am trying to understand how Spring works with WSS4J. If someone could point me to a step-by-step example that would be great.

Thanks

**vijay.akula** · Apr 7th, 2008, 05:03 PM

it's highly appreciated if someone could provide Client and server examples for the following using Spring-WS with WSS4J

Handle digital certificates
Authentication -> Adding/Validating Username Token
Security Timestamps -> Adding/Validating Security Timestamps
Digital Signatures -> Verifying Signatures/Signing Messages and Signature Confirmation
Encryption and Decryption -> Decryption/Encryption

**vijay.akula** · Apr 7th, 2008, 08:42 PM

Here are the steps for adding/validating the user name tocken.

Server:

Create Wss4jSecurityInterceptor bean as below
<bean id="wsSecurityInterceptor" class="org.springframework.ws.soap.security.wss4j. Wss4jSecurityInterceptor">
<property name="validationCallbackHandler" ref="callbackHandler"/>
<property name="validationActions" value="UsernameToken"/>
</bean>

<bean id="callbackHandler" class="org.springframework.ws.soap.security.wss4j. callback.SimplePasswordValidationCallbackHandler">
<property name="users">
<props>
<prop key="Vijay">Akula</prop>
</props>
</property>
</bean>

Add the above interceptor to PayloadRootQNameEndpointMapping

That's all for the server with the required jars

Cleint application context would look like below:
<bean id="echoClient" class="org.springframework.ws.samples.echo.client. sws.EchoClient">
<property name="defaultUri" value="http://localhost:8080/springwsecho2/services"/>
<property name="request" value="classpath:org/springframework/ws/samples/echo/client/sws/echoRequest.xml"/>
<property name="interceptors">
<list>
<ref local="wsSecurityInterceptor"/>
</list>
</property>
</bean>
<bean id="wsSecurityInterceptor" class="org.springframework.ws.soap.security.wss4j. Wss4jSecurityInterceptor">
<property name="securementActions" value="UsernameToken"/>
<property name="securementUsername" value="Vijay"/>
<property name="securementPassword" value="Akula"/>
</bean>

**vijay.akula** · Apr 7th, 2008, 08:57 PM

Timestamp is pretty simple
Server Application Context:
<bean id="wsTimestampSecurityInterceptor" class="org.springframework.ws.soap.security.wss4j. Wss4jSecurityInterceptor">
<property name="validationActions" value="Timestamp"/>
<property name="timestampStrict" value="true"/>
<property name="timeToLive" value="10"/>
</bean>

Client Application Context:
<bean id="timeStampSecurityInterceptor" class="org.springframework.ws.soap.security.wss4j. Wss4jSecurityInterceptor">
<property name="securementActions" value="Timestamp"/>
<property name="timestampPrecisionInMilliseconds" value="true"/>
</bean>

**vijay.akula** · Apr 7th, 2008, 10:13 PM

Cool I got Digital Signatures working

Generated Key using keytool -genkey -alias signFiles -keypass kpi135 -keystore akulastore.jks -storepass ab987c
Server Side Interceptor
<bean id="wsDigCerSecurityInterceptor" class="org.springframework.ws.soap.security.wss4j. Wss4jSecurityInterceptor">
<property name="validationActions" value="Signature"/>
<property name="validationSignatureCrypto">
<bean class="org.springframework.ws.soap.security.wss4j. support.CryptoFactoryBean">
<property name="keyStorePassword" value="ab987c"/>
<property name="keyStoreLocation" value="classpath:/akulastore.jks"/>
</bean>
</property>
</bean>
Client Side Interceptor
<bean id="wsDigCerSecurityInterceptor" class="org.springframework.ws.soap.security.wss4j. Wss4jSecurityInterceptor">
<property name="securementActions" value="Signature"/>
<property name="securementUsername" value="signFiles"/>
<property name="securementPassword" value="kpi135"/>
<property name="securementSignatureCrypto">
<bean class="org.springframework.ws.soap.security.wss4j. support.CryptoFactoryBean">
<property name="keyStorePassword" value="ab987c"/>
<property name="keyStoreLocation" value="classpath:/akulastore.jks"/>
</bean>
</property>
</bean>

**jonesy** · Apr 9th, 2008, 05:40 AM

I'm trying to use wss4j with spring-ws, I've followed your steps on the server side but I'm having an error when I ask for WSDL , the error is

2008-04-09 07:34:16,804 ERROR [org.springframework.ws.transport.http.MessageDispa tcherServlet] - Context initialization failed
org.springframework.beans.factory.BeanCreationExce ption: Error creating bean with name 'payloadMapping' defined in ServletContext resource [/WEB-INF/spring-ws-servlet.xml]: Cannot resolve reference to bean 'wsSecurityInterceptor' while setting bean property 'interceptors' with key [2]; nested exception is org.springframework.beans.factory.CannotLoadBeanCl assException: Cannot find class [org.springframework.ws.soap.security.wss4j.Wss4jSe curityInterceptor] for bean with name 'wsSecurityInterceptor' defined in ServletContext resource [/WEB-INF/spring-ws-servlet.xml]; nested exception is java.lang.ClassNotFoundException: org.springframework.ws.soap.security.wss4j.Wss4jSe curityInterceptor
Caused by: org.springframework.beans.factory.CannotLoadBeanCl assException: Cannot find class [org.springframework.ws.soap.security.wss4j.Wss4jSe curityInterceptor] for bean with name 'wsSecurityInterceptor' defined in ServletContext resource [/WEB-INF/spring-ws-servlet.xml]; nested exception is java.lang.ClassNotFoundException: org.springframework.ws.soap.security.wss4j.Wss4jSe curityInterceptor
Caused by: java.lang.ClassNotFoundException: org.springframework.ws.soap.security.wss4j.Wss4jSe curityInterceptor
at org.apache.catalina.loader.WebappClassLoader.loadC lass(WebappClassLoader.java:1363)
at org.apache.catalina.loader.WebappClassLoader.loadC lass(WebappClassLoader.java:1209)

I'm using Eclipse + Tomcat and my build path contains:
spring-oxm-1.0.3.jar
spring-ws-core-1.0.3.jar
spring-ws-security-1.0.3.jar
spring-xml-1.0.3.jar

I need another jar? Any idea how I can fix it?

**fbascheper** · Apr 9th, 2008, 09:45 AM

Well, since wss4j support is available since spring-ws 1.5.0, I don't think you're going to succeed with 1.0.3.

**vijay.akula** · Apr 9th, 2008, 04:02 PM

If you can't upgrade to 1.0.5. You may try using xwss instead. Otherwise I haven't worked with xwss I pressume the appraoch should be same.

**jonesy** · Apr 10th, 2008, 06:38 AM

Thank you for the answers, will upgrade to 1.5.0

**swestenzweig** · Apr 10th, 2008, 02:18 PM

Thanks for the great info.

I am very green on web service security. I followed the steps above for implementing digital signatures using wss4j; however, I am running into a problem:

Code:

[4/10/08 14:52:46:657 EDT] 00000029 SystemErr     R org.springframework.ws.soap.client.SoapFaultClientException: No WS-Security header found
[4/10/08 14:52:46:751 EDT] 00000029 SystemErr     R 	at org.springframework.ws.soap.client.core.SoapFaultMessageResolver.resolveFault(SoapFaultMessageResolver.java:37)
[4/10/08 14:52:46:751 EDT] 00000029 SystemErr     R 	at org.springframework.ws.client.core.WebServiceTemplate.handleFault(WebServiceTemplate.java:668)
[4/10/08 14:52:46:751 EDT] 00000029 SystemErr     R 	at org.springframework.ws.client.core.WebServiceTemplate.doSendAndReceive(WebServiceTemplate.java:502)
[4/10/08 14:52:46:751 EDT] 00000029 SystemErr     R 	at org.springframework.ws.client.core.WebServiceTemplate.sendAndReceive(WebServiceTemplate.java:440)
[4/10/08 14:52:46:751 EDT] 00000029 SystemErr     R 	at org.springframework.ws.client.core.WebServiceTemplate.marshalSendAndReceive(WebServiceTemplate.java:289)
[4/10/08 14:52:46:751 EDT] 00000029 SystemErr     R 	at org.springframework.ws.client.core.WebServiceTemplate.marshalSendAndReceive(WebServiceTemplate.java:283)
[4/10/08 14:52:46:751 EDT] 00000029 SystemErr     R 	at org.springframework.ws.client.core.WebServiceTemplate.marshalSendAndReceive(WebServiceTemplate.java:275)
[4/10/08 14:52:46:751 EDT] 00000029 SystemErr     R 	at com.pnc.wire.web.controller.WireFxServiceClient.getFxRate(WireFxServiceClient.java:33)
[4/10/08 14:52:46:751 EDT] 00000029 SystemErr     R 	at com.pnc.wire.web.controller.WireFxServiceHandler.getFxRate(WireFxServiceHandler.java:25)
[4/10/08 14:52:46:751 EDT] 00000029 SystemErr     R 	at com.pnc.wire.web.controller.WireController.doAction(WireController.java:107)
[4/10/08 14:52:46:751 EDT] 00000029 SystemErr     R 	at com.pnc.wire.web.servlet.initiateWire.doPost(initiateWire.java:34)
[4/10/08 14:52:46:751 EDT] 00000029 SystemErr     R 	at com.pnc.wire.web.servlet.initiateWire.doGet(initiateWire.java:25)
[4/10/08 14:52:46:751 EDT] 00000029 SystemErr     R 	at javax.servlet.http.HttpServlet.service(HttpServlet.java:743)
[4/10/08 14:52:46:751 EDT] 00000029 SystemErr     R 	at javax.servlet.http.HttpServlet.service(HttpServlet.java:856)
[4/10/08 14:52:46:751 EDT] 00000029 SystemErr     R 	at com.ibm.ws.webcontainer.servlet.ServletWrapper.service(ServletWrapper.java:966)
[4/10/08 14:52:46:751 EDT] 00000029 SystemErr     R 	at com.ibm.ws.webcontainer.servlet.ServletWrapper.handleRequest(ServletWrapper.java:478)
[4/10/08 14:52:46:751 EDT] 00000029 SystemErr     R 	at com.ibm.ws.wswebcontainer.servlet.ServletWrapper.handleRequest(ServletWrapper.java:463)
[4/10/08 14:52:46:751 EDT] 00000029 SystemErr     R 	at com.ibm.ws.webcontainer.webapp.WebApp.handleRequest(WebApp.java:3129)
[4/10/08 14:52:46:751 EDT] 00000029 SystemErr     R 	at com.ibm.ws.webcontainer.webapp.WebGroup.handleRequest(WebGroup.java:238)
[4/10/08 14:52:46:751 EDT] 00000029 SystemErr     R 	at com.ibm.ws.webcontainer.WebContainer.handleRequest(WebContainer.java:811)
[4/10/08 14:52:46:751 EDT] 00000029 SystemErr     R 	at com.ibm.ws.wswebcontainer.WebContainer.handleRequest(WebContainer.java:1433)
[4/10/08 14:52:46:751 EDT] 00000029 SystemErr     R 	at com.ibm.ws.webcontainer.channel.WCChannelLink.ready(WCChannelLink.java:93)
[4/10/08 14:52:46:751 EDT] 00000029 SystemErr     R 	at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.handleDiscrimination(HttpInboundLink.java:465)
[4/10/08 14:52:46:751 EDT] 00000029 SystemErr     R 	at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.handleNewInformation(HttpInboundLink.java:394)
[4/10/08 14:52:46:751 EDT] 00000029 SystemErr     R 	at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.ready(HttpInboundLink.java:274)
[4/10/08 14:52:46:751 EDT] 00000029 SystemErr     R 	at com.ibm.ws.tcp.channel.impl.NewConnectionInitialReadCallback.sendToDiscriminators(NewConnectionInitialReadCallback.java:214)
[4/10/08 14:52:46:751 EDT] 00000029 SystemErr     R 	at com.ibm.ws.tcp.channel.impl.NewConnectionInitialReadCallback.complete(NewConnectionInitialReadCallback.java:113)
[4/10/08 14:52:46:751 EDT] 00000029 SystemErr     R 	at com.ibm.ws.tcp.channel.impl.AioReadCompletionListener.futureCompleted(AioReadCompletionListener.java:152)
[4/10/08 14:52:46:751 EDT] 00000029 SystemErr     R 	at com.ibm.io.async.AbstractAsyncFuture.invokeCallback(AbstractAsyncFuture.java:213)
[4/10/08 14:52:46:751 EDT] 00000029 SystemErr     R 	at com.ibm.io.async.AbstractAsyncFuture.fireCompletionActions(AbstractAsyncFuture.java:195)
[4/10/08 14:52:46:751 EDT] 00000029 SystemErr     R 	at com.ibm.io.async.AsyncFuture.completed(AsyncFuture.java:136)
[4/10/08 14:52:46:751 EDT] 00000029 SystemErr     R 	at com.ibm.io.async.ResultHandler.complete(ResultHandler.java:194)
[4/10/08 14:52:46:751 EDT] 00000029 SystemErr     R 	at com.ibm.io.async.ResultHandler.runEventProcessingLoop(ResultHandler.java:741)
[4/10/08 14:52:46:751 EDT] 00000029 SystemErr     R 	at com.ibm.io.async.ResultHandler$2.run(ResultHandler.java:863)
[4/10/08 14:52:46:751 EDT] 00000029 SystemErr     R 	at com.ibm.ws.util.ThreadPool$Worker.run(ThreadPool.java:1510)

Aside from implementing the interceptors on both the server and client, is there any implementation required in my code base to use wss4j?

Thread: Spring and WSS4J Example

Thread Tools

Display

Spring and WSS4J Example

Posting Permissions