Hi Everyone,

I have a requirement where I need to implement WS Security for a Spring WS implementation. In our application we have multiple webservices deployed on Weblogic 10.3. All of them are JAX-WS based except one. Which is Spring WS. For all the rest of the webservices I am able to add the below lines of annotations and secure them.

import weblogic.jws.Policy;
import weblogic.jws.security.RolesAllowed;
import weblogic.jws.security.SecurityRole;

@Policy(uri = "policy:My_Policy.xml", direction = Policy.Direction.inbound, attachToWsdl = true)
@RolesAllowed({@SecurityRole (role="MyRole")})

For the Spring WS there is no endpoint. All we have is an inbound gateway and their mappings to org.springframework.integration.ws.SimpleWebServic eInboundGateway

<beans:bean id="endpointMapping"
class="org.springframework.ws.server.endpoint.mapp ing.PayloadRootQNameEndpointMapping">

All Spring-WS security examples post to a simple user id password available in the same config xml. I need it to go against the User-Role defined on the weblogic security realm. Any pointers for this will help a lot. I have searched and searched around. No one seems to have implemented this.

Some of my thought directions were ..
Is there a way I can make the Spring WS behave like JAX-WS service?
Can I write a interceptor and use the MessageHeader to call another normal JAX-WS webservice for authentication?
Any out of the box integration possible with Weblogic?