Results 1 to 2 of 2

Thread: Spring-ws Client for .NET Server with WS-Security

  1. Jul 16th, 2008, 09:48 AM #1
    ilana
    ilana is offline Junior Member
    Join Date
    Jul 2008
    Posts
    3

    Default Spring-ws Client for .NET Server with WS-Security

    Hello,

    I am having some problems translating a security token for a WS-Security service into the required context file for a wss4j or xwss securityInterceptor. Here is the token (with alphanumeric codes changed to the name of a tasty steak sauce to protect the innocent--and "http" replaced with [http removed to prevent posting URL error] ):

    <microsoft.web.services3>
    <security>
    <binarySecurityTokenManager>
    <add valueType="[http removed to prevent posting URL error]://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3">
    <keyAlgorithm name="RSA15"/>
    </add>
    </binarySecurityTokenManager>
    <securityTokenManager>
    <add localName="UsernameToken" type="Microsoft.Web.Services3.Security.Tokens.User nameTokenManager, Microsoft.Web.Services3, Version=3.0.0.0, Culture=neutral, PublicKeyToken=a1a1a1a1a1a1a1a1" namespace="[http removed to prevent posting URL error]://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
    <keyAlgorithm name="AES128"/>
    </add>
    </securityTokenManager>
    </security>
    </microsoft.web.services3>

    If somebody could please provide me with the correct xml for a context file or the correct way to set the properties in the Java code, it would be greatly appreciated. I have not yet reached a decision on xwss vs wss4j, so either would work. At this point, I'm just trying to send a very simple HelloWorld request and get back a valid response.

    Thanks in advance for any help.
    Reply With Quote Reply With Quote
  2. Jul 16th, 2008, 04:46 PM #2
    ilana
    ilana is offline Junior Member
    Join Date
    Jul 2008
    Posts
    3

    Default Re: Spring-ws Client for .NET Server with WS-Security

    After getting the username and password from our info-withholding customer, the configuration is as follows:

    <bean id="webServiceClient" class="com.etc.WebServiceClient">
    <property name="interceptors" ref="securityInterceptor"/>
    </bean>

    <bean id="securityInterceptor" class="org.springframework.ws.soap.security.wss4j. Wss4jSecurityInterceptor">
    <property name="securementActions" value="UsernameToken"/>
    <property name="securementUsername" value="yourUsername"/>
    <property name="securementPassword" value="yourPassword"/>
    <property name="securementPasswordType" value="PasswordText"/>
    <property name="securementUsernameTokenElements" value="Nonce Created"/>
    <property name="securementMustUnderstand" value="true"/>
    </bean>

    Hopefully this can help someone else
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules