[Users] How to add security headers
Pierre-Yves Gibello [via Petals ESB]
ml-node+2947087-255729156-385891 at n3.nabble.com
Mon May 16 11:21:28 CEST 2011
Well, I suppose the 1st thing you need is to activate WS-Security on the
"provide" side (between Petals and the external WS).
Doing so requires some configuration in the jbi.xml, for example as follows
:
<soap:service-parameters>
</soap:service-parameters>
On the "Consumes" side, if you need to enable WS-Security as well, you can
do it as follows (add this in the "jbi:consumes" element of jbi.xml, to
enable WSS in UsernameToken mode):
<soap:modules>rampart</soap:modules>
<soap:service-parameters>
</soap:service-parameters>
Then you have to provide the CallbackHandler specified above (both in
provides and consumes modes).
I provide an example below, assuming the user name can be "bob" or "alice",
and the password is "petals".
You will have to compile it, put it in a jar file, and copy the jar file in
the src/main/jbi directory of your SU.
// java code starts here
package test;
import org.apache.ws.security.WSPasswordCallback;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.UnsupportedCallbackException;
import java.io.IOException;
public class PasswordHandler implements CallbackHandler {
public void handle(Callback[] callbacks) throws IOException,
UnsupportedCallbackException {
for (int i = 0; i < callbacks.length; i++) {
WSPasswordCallback pwcb = (WSPasswordCallback)callbacks[i];
String id = pwcb.getIdentifer();
System.out.println("PasswordHandler::handle id=" + id);
if("bob".equals(id) || "alice".equals(id)) {
pwcb.setPassword("petals");
}
}
}
}
// java code ends here
Hope this helps... WSS interop is not such a simple topic, and may require
some integration work. Using tools like soapUI (it can generate WSS headers
to test) and tcpmon (to have a look at your soap headers) can be very
helpful, and save a lot of time.
_______________________________________________
If you reply to this email, your message will be added to the discussion below:
http://forum.petalslink.com/How-to-add-security-headers-tp2931027p2947087.html
To start a new topic under Users (get help, provide help), email ml-node+2681628-1333396262-385891 at n3.nabble.com
To unsubscribe from Users (get help, provide help), visit http://forum.petalslink.com/template/NamlServlet.jtp?macro=unsubscribe_by_code&node=2681628&code=dXNlcnNAZm9ydW0ucGV0YWxzbGluay5vcmd8MjY4MTYyOHwtOTE3MDU0NjU4
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://forum-list.petalslink.org/pipermail/users/attachments/20110516/f1fdf5e8/attachment.htm>
More information about the Users
mailing list