[Users] How to add security headers

Pierre-Yves Gibello [via Petals ESB] ml-node+2947087-255729156-385891 at n3.nabble.com
Mon May 16 11:21:28 CEST 2011 


Well, I suppose the 1st thing you need is to activate WS-Security on the
"provide" side (between Petals and the external WS).
Doing so requires some configuration in the jbi.xml, for example as follows
:

<soap:service-parameters>
  
</soap:service-parameters>

On the "Consumes" side, if you need to enable WS-Security as well, you can
do it as follows (add this in the "jbi:consumes" element of jbi.xml, to
enable WSS in UsernameToken mode):

<soap:modules>rampart</soap:modules>
<soap:service-parameters>
  
</soap:service-parameters>

Then you have to provide the CallbackHandler specified above (both in
provides and consumes modes).
I provide an example below, assuming the user name can be "bob" or "alice",
and the password is "petals".
You will have to compile it, put it in a jar file, and copy the jar file in
the src/main/jbi directory of your SU.

// java code starts here
package test;

import org.apache.ws.security.WSPasswordCallback;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.UnsupportedCallbackException;
import java.io.IOException;

public class PasswordHandler implements CallbackHandler {
  public void handle(Callback[] callbacks) throws IOException,
  UnsupportedCallbackException {
    for (int i = 0; i < callbacks.length; i++) {
      WSPasswordCallback pwcb = (WSPasswordCallback)callbacks[i];
      String id = pwcb.getIdentifer();
      System.out.println("PasswordHandler::handle id=" + id);
      if("bob".equals(id) || "alice".equals(id)) {
        pwcb.setPassword("petals");
      }
    }
  }
}
// java code ends here

Hope this helps... WSS interop is not such a simple topic, and may require
some integration work. Using tools like soapUI (it can generate WSS headers
to test) and tcpmon (to have a look at your soap headers) can be very
helpful, and save a lot of time.


_______________________________________________
If you reply to this email, your message will be added to the discussion below:
http://forum.petalslink.com/How-to-add-security-headers-tp2931027p2947087.html
To start a new topic under Users (get help, provide help), email ml-node+2681628-1333396262-385891 at n3.nabble.com
To unsubscribe from Users (get help, provide help), visit http://forum.petalslink.com/template/NamlServlet.jtp?macro=unsubscribe_by_code&node=2681628&code=dXNlcnNAZm9ydW0ucGV0YWxzbGluay5vcmd8MjY4MTYyOHwtOTE3MDU0NjU4
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://forum-list.petalslink.org/pipermail/users/attachments/20110516/f1fdf5e8/attachment.htm>

More information about the Users mailing list