
Adding CXF WSS X509 token sign example

1 parent 82a07ed commit 4734c93fa1521a9e7abf44d7693cbf1b7b5aa904 @kylape committed Nov 27, 2012
No changes.
Binary file not shown.
@@ -0,0 +1,5 @@
+org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
+org.apache.ws.security.crypto.merlin.keystore.type=jks
+org.apache.ws.security.crypto.merlin.keystore.password=password
+org.apache.ws.security.crypto.merlin.keystore.alias=alice
+org.apache.ws.security.crypto.merlin.file=META-INF/alice.jks
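Review bot: The `keystore.password` line holds the literal value `password`, committed in plaintext next to the keystore it opens (`META-INF/alice.jks`); the bob properties hunk further down repeats the same value. That is workable for a sample, but anyone copying this layout inherits a guessable password protecting a private signing key that ships inside the deployable archive. I would add a header comment to both properties files, for example `# Sample-only credentials: replace the keystore and its password, and keep both outside the archive, before any real use.` The file paths are not visible on this page, so the comment placement is by hunk rather than by name.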
Binary file not shown.
@@ -0,0 +1,5 @@
+org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
+org.apache.ws.security.crypto.merlin.keystore.type=jks
+org.apache.ws.security.crypto.merlin.keystore.password=password
+org.apache.ws.security.crypto.merlin.keystore.alias=bob
+org.apache.ws.security.crypto.merlin.file=META-INF/bob.jks
@@ -0,0 +1,7 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<!DOCTYPE jboss PUBLIC "-//JBoss//DTD JBOSS 4.2//EN" "http://www.jboss.org/j2ee/dtd/jboss_4_2.dtd">
+
+<jboss>
+ <security-domain>java:/jaas/JBossWS</security-domain>
+</jboss>
@@ -0,0 +1,36 @@
+<?xml version="1.0"?>
+<beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:beans="http://www.springframework.org/schema/beans" xmlns:jaxws="http://cxf.apache.org/jaxws" xsi:schemaLocation="http://cxf.apache.org/core http://cxf.apache.org/schemas/core.xsd http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd http://cxf.apache.org/jaxws http://cxf.apache.org/schemas/jaxws.xsd">
+ <bean id="Sign_Request" class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor">
+ <constructor-arg>
+ <map>
+ <entry key="action" value="Timestamp Signature"/>
+ <entry key="signaturePropFile" value="META-INF/bob.properties"/>
+ <entry key="passwordCallbackClass" value="com.redhat.gss.wsse.KeystorePasswordCallback"/>
+ </map>
+ </constructor-arg>
+ </bean>
+ <bean id="Sign_Response" class="org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor">
+ <constructor-arg>
+ <map>
+ <entry key="action" value="Timestamp Signature"/>
+ <entry key="user" value="bob"/>
+ <entry key="signaturePropFile" value="META-INF/bob.properties"/>
+ <entry key="signatureKeyIdentifier" value="DirectReference"/>
+ <entry key="passwordCallbackClass" value="com.redhat.gss.wsse.KeystorePasswordCallback"/>
+ <entry key="signatureParts" value="{Element}{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd}Timestamp;{Element}{http://schemas.xmlsoap.org/soap/envelope/}Body"/>
+ </map>
+ </constructor-arg>
+ </bean>
+ <jaxws:endpoint id="ServiceImpl" address="http://@jboss.bind.address@:8080/cxfWssX509EjbEap5/ServiceImpl" implementor="com.redhat.gss.wsse.ServiceImpl">
+ <jaxws:outInterceptors>
+ <bean class="org.apache.cxf.interceptor.LoggingOutInterceptor"/>
+ <bean class="org.apache.cxf.binding.soap.saaj.SAAJOutInterceptor"/>
+ <ref bean="Sign_Response"/>
+ </jaxws:outInterceptors>
+ <jaxws:inInterceptors>
+ <ref bean="Sign_Request"/>
+ <bean class="org.apache.cxf.interceptor.LoggingInInterceptor"/>
+ <bean class="org.apache.cxf.binding.soap.saaj.SAAJInInterceptor"/>
+ </jaxws:inInterceptors>
+ </jaxws:endpoint>
+</beans>
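Review bot: The `Sign_Request` bean declares only `action` = `Timestamp Signature`; `signatureParts` appears solely on the outbound `Sign_Response` bean, so nothing on the inbound side states which elements must be covered by the signature. As far as I know, the action check confirms that a signature and a timestamp were processed, not that the SOAP Body was among the signed elements, so a message with a valid signature over some other element could be accepted with an unsigned body. If the CXF version on the target platform provides a coverage checker (later CXF releases ship `org.apache.cxf.ws.security.wss4j.CryptoCoverageChecker`), add it after `Sign_Request` in `jaxws:inInterceptors`; otherwise document the gap with a comment such as `<!-- NOTE: verifies that a signature is present, not which elements it covers -->`. The two logging interceptors also write complete messages, security header included, to the server log, which deserves a comment for anyone reusing this config.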
@@ -0,0 +1,41 @@
+<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
+<definitions targetNamespace="http://www.jboss.org/jbossws/ws-extensions/wssecurity" name="SecurityService"
+ xmlns:tns="http://www.jboss.org/jbossws/ws-extensions/wssecurity"
+ xmlns:xsd="http://www.w3.org/2001/XMLSchema"
+ xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/"
+ xmlns="http://schemas.xmlsoap.org/wsdl/">
+ <types>
+ <xsd:schema>
+ <xsd:import namespace="http://www.jboss.org/jbossws/ws-extensions/wssecurity" schemaLocation="SecurityService_schema1.xsd"/>
+ </xsd:schema>
+ </types>
+ <message name="sayHello">
+ <part name="parameters" element="tns:sayHello"/>
+ </message>
+ <message name="sayHelloResponse">
+ <part name="parameters" element="tns:sayHelloResponse"/>
+ </message>
+ <portType name="ServiceIface">
+ <operation name="sayHello">
+ <input message="tns:sayHello"/>
+ <output message="tns:sayHelloResponse"/>
+ </operation>
+ </portType>
+ <binding name="SecurityServicePortBinding" type="tns:ServiceIface">
+ <soap:binding transport="http://schemas.xmlsoap.org/soap/http" style="document"/>
+ <operation name="sayHello">
+ <soap:operation soapAction=""/>
+ <input>
+ <soap:body use="literal"/>
+ </input>
+ <output>
+ <soap:body use="literal"/>
+ </output>
+ </operation>
+ </binding>
+ <service name="SecurityService">
+ <port name="SecurityServicePort" binding="tns:SecurityServicePortBinding">
+ <soap:address location="http://@jboss.bind.address@:8080/jaxws-samples-wsse-sign"/>
+ </port>
+ </service>
+</definitions>
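Review bot: The `soap:address` location ends in `/jaxws-samples-wsse-sign`, while the `jaxws:endpoint` in this commit's Spring config publishes at `/cxfWssX509EjbEap5/ServiceImpl`, so a client generated from this WSDL would target a different path unless the server rewrites the address at deploy time. The contract also carries no WS-SecurityPolicy assertion, so the signing requirement lives only in the interceptor config and is invisible to consumers of the WSDL. Both addresses use plain `http://`, and signing gives integrity but not confidentiality, so a comment such as `<!-- sample address: message is signed but not encrypted; use an https endpoint outside the demo -->` would help.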
@@ -0,0 +1,18 @@
+<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
+<xs:schema version="1.0" targetNamespace="http://www.jboss.org/jbossws/ws-extensions/wssecurity" xmlns:tns="http://www.jboss.org/jbossws/ws-extensions/wssecurity" xmlns:xs="http://www.w3.org/2001/XMLSchema">
+
+ <xs:element name="sayHello" type="tns:sayHello"/>
+
+ <xs:element name="sayHelloResponse" type="tns:sayHelloResponse"/>
+
+ <xs:complexType name="sayHello">
+ <xs:sequence/>
+ </xs:complexType>
+
+ <xs:complexType name="sayHelloResponse">
+ <xs:sequence>
+ <xs:element name="return" type="xs:string" minOccurs="0"/>
+ </xs:sequence>
+ </xs:complexType>
+</xs:schema>
+
@@ -0,0 +1,3 @@
+###X509 WS-Security Example for CXF in EAP 5
+
+This is an example of how to set up WS-Security X509 profile. The client signs the message using alice's private key (via the WSS4J action `Timestamp Signature`), and the endpoint verifies the signature. The endpoint also signs the response using bob's key, and the client verifies. `ant deploy` to build and deploy and `ant test` to run the test client.
@@ -0,0 +1,2 @@
+test-client=com.redhat.gss.wsse.SignTest
+auth-conf=${basedir}/auth.conf