jeudi 23 octobre 2014

webservice encryption not working (jbossws-cxf)


Vote count:

0




i am trying to get WS-Security encryption working on Wildfly. I read this doc: http://ift.tt/1oxvrkX.


I want my soap messages to travel encrypted from client to server and vice-versa.


I followed the steps for server and client but the message are not encrypted and the server do not complaint about de unencrypted message that it receives.


The unique difference with the doc example is that we do not use WSDL contract enforcing(Our wsdl does not include information about encryption).


Webservice server and client both works like the encryption is not configured.


1) Webservice Implementation


@WebService(serviceName = "IMDService",



portName="IMDServicePort",

targetNamespace="http://ws.prueba.com")


@SOAPBinding(style = SOAPBinding.Style.RPC)


@Remote(IMDService.class)


@Stateless


@EndpointConfig(configFile = "WEB-INF/jaxws-endpoint-config.xml", configName = "Custom WS-Security Endpoint")


public class IMDServiceImpl implements IMDService {


...


}


2) The file jaxws-endpoint-config.xml:


xmlns:javaee="http://ift.tt/nSRXKP" xsi:schemaLocation="urn:jboss:jbossws-jaxws-config:4.0 schema/jbossws-jaxws-config_4_0.xsd">



<config-name>Custom WS-Security Endpoint</config-name>

<property>

<property-name>ws-security.signature.properties</property-name>

<property-value>bob.properties</property-value>

</property>

<property>

<property-name>ws-security.encryption.properties</property-name>

<property-value>bob.properties</property-value>

</property>

<property>

<property-name>ws-security.signature.username</property-name>

<property-value>bob</property-value>

</property>

<property>

<property-name>ws-security.encryption.username</property-name>

<property-value>alice</property-value>

</property>

<property>

<property-name>ws-security.callback-handler</property-name>

<property-value>ar.com.condortech.business.KeystorePasswordCallback</property-value>

</property>


3) Here we have bob.properties and alice.properties files content:


alice.properties


================


org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin


org.apache.ws.security.crypto.merlin.keystore.type=jks


org.apache.ws.security.crypto.merlin.keystore.password=password


org.apache.ws.security.crypto.merlin.keystore.alias=alice


org.apache.ws.security.crypto.merlin.keystore.file=alice.jks


bob.properties


==============


org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin


org.apache.ws.security.crypto.merlin.keystore.type=jks


org.apache.ws.security.crypto.merlin.keystore.password=password


org.apache.ws.security.crypto.merlin.keystore.alias=bob


org.apache.ws.security.crypto.merlin.keystore.file=bob.jks


We have generated both keytores correctly.


4) In the client side i put properties into Service interface:


IMDService imdService = this.getService(); //We call to own method for obtain the service...


((BindingProvider)imdService).getRequestContext().put(SecurityConstants.CALLBACK_HANDLER, new KeystorePasswordCallback());


((BindingProvider)imdService).getRequestContext().put(SecurityConstants.SIGNATURE_PROPERTIES,



Thread.currentThread().getContextClassLoader().getResource("alice.properties"));


((BindingProvider)imdService).getRequestContext().put(SecurityConstants.ENCRYPT_PROPERTIES,



Thread.currentThread().getContextClassLoader().getResource("alice.properties"));


((BindingProvider)imdService).getRequestContext().put(SecurityConstants.SIGNATURE_USERNAME, "alice");


((BindingProvider)imdService).getRequestContext().put(SecurityConstants.ENCRYPT_USERNAME, "bob");


5) I managed dependencies with maven and all are in the provided scope in order to not be indcluded in the final war:




  • org.jboss.ws.native (jbossws-native-core) - 4.2.0.Final




  • org.apache.ws.security (wss4j) - 1.6.17




  • org.apache.cxf (cxf-rt-ws-security, cxf-rt-frontend-jaxws, cxf-rt-transports-http, cxf-rt-transports-http-jetty) - 2.2.3




6) MANIFEST file content is:


Manifest-Version: 1.0


Built-By: laispuru


Build-Jdk: 1.8.0_05


Created-By: Maven Integration for Eclipse


Dependencies: org.apache.ws.security



asked 2 mins ago







webservice encryption not working (jbossws-cxf)

Aucun commentaire:

Enregistrer un commentaire