How to set WS-SecurityPolicy in an inbound CXF service in Mule?

Posted by Brakara on Stack Overflow See other posts from Stack Overflow or by Brakara
Published on 2010-05-27T09:08:08Z Indexed on 2010/05/27 9:11 UTC
Read the original article Hit count: 290

Filed under:

cxf

|

ws-security

|

mule

When configuring the service for handling UsernameToken and signatures, it's setup like this:

<service name="serviceName">
  <inbound>
    <cxf:inbound-endpoint address="someUrl" protocolConnector="httpsConnector" >
      <cxf:inInterceptors>
        <spring:bean class="org.apache.cxf.binding.soap.saaj.SAAJInInterceptor" />
        <spring:bean class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor">
        <spring:constructor-arg>
          <spring:map>
            <spring:entry key="action" value="UsernameToken Timestamp Signature" />
            <spring:entry key="passwordCallbackRef" value-ref="serverCallback" />
            <spring:entry key="signaturePropFile" value="wssecurity.properties" />
          </spring:map>
        </spring:constructor-arg>
        </spring:bean>
      </cxf:inInterceptors>
    </cxf:inbound-endpoint>
  </inbound>
</service>

But how is it possible to create a policy of what algorithms that are allowed, and what parts of the message that should be signed?

© Stack Overflow or respective owner

Related posts about cxf

In apache cxf, How do i know the soap request message is gzip compressed?

as seen on Stack Overflow - Search for 'Stack Overflow'
I'm using Apache CXF to send soap message. in specific case, i have to send a soap message gzip compressed. Using log4j, i printed detailed info. would you let me know how i can know the message is gzip compressed and transfered to server. thanks in advance. Below is my java code for gzip and… >>> More
Problem in Apache CXF (Simple Frontend): 'Already connected'

as seen on Stack Overflow - Search for 'Stack Overflow'
I am using apache CXF for the first time. I am trying to establish a connection based on the CXF simple front end (Configuration notes) technology. I can't really see what I've done wrong, but I am getting a weird error (see below). I have also posted this question to [email protected], but I haven't… >>> More
java.lang.NoSuchMethodError: org.w3c.dom.Document.setDocumentURI

as seen on Stack Overflow - Search for 'Stack Overflow'
I am getting a NoSuchMethodError error for org.w3c.dom.Document.setDocumentURI. This is strange, as I have rt.jar in the JAVA_HOME path. I am creating a web service using CXF, and the error seem to be coming out of CXF: java.lang.NoSuchMethodError: org.w3c.dom.Document.setDocumentURI(Ljava/lang/String;)V … >>> More
org.apache.cxf.interceptor.Fault: Unmarshalling Error: Duplicate default namespace declaration.

as seen on Stack Overflow - Search for 'Stack Overflow'
Not sure why I am receiving this after the webservice ran and I am trying to return back to my client side bean. The webservice works perfectly outside of my webserver in SoapUI. org.apache.cxf.interceptor.Fault: Unmarshalling Error: Duplicate default namespace declaration. at [row,col {unknown-source}]:… >>> More
how can i overriding the inbound message validation with cxf?

as seen on Stack Overflow - Search for 'Stack Overflow'
when i input a non-numeric content to a Integer types of field, i have got a fault mesasge 'Not a number: 0.012A'. How to do ability to in prior to the Unmarshal for schema validation and output custom error messages? I used cxf 2.6.1 and also configuration with <entry key="schema-validation-enabled"… >>> More

Related posts about ws-security

Websphere federated repository for Active Directory

as seen on Server Fault - Search for 'Server Fault'
Hi, What I am trying to achieve is to have Websphere 6.1 use Active Directory users authentication. Websphere is running on Windows 2008 R2. What I've done already: Succesfully setup a federated repository for Windows Active Directory (LDAP); Create a realm definition for the federated repository… >>> More
WS-Security on iphone, is it possible?

as seen on Stack Overflow - Search for 'Stack Overflow'
Hello, I'm new here and I'm facing a problem. I need to know if it is possible to implement the WS-Security protocol with X.509 certificates on a native iPhone application. I haven't found much information on the web, except this information from Apple about security services. I just want to ask… >>> More
How do I use WS-Security with WCF?

as seen on Stack Overflow - Search for 'Stack Overflow'
Below is the style of header I need to create. I am expected to use either a public/private key or a SSL style certificate. I don't know for certain, but I think my counter-party is using some form of Java. <soap-env:Header> <wsse:Security xmlns:wsse="http://schemas.xmlsoap.org/ws/2002/04/secext"> … >>> More
WCF WS-Security and WSE Nonce Authentication

as seen on West-Wind - Search for 'West-Wind'
WCF makes it fairly easy to access WS-* Web Services, except when you run into a service format that it doesn't support. Even then WCF provides a huge amount of flexibility to make the service clients work, however finding the proper interfaces to make that happen is not easy to discover and for the… >>> More
wss4j: - Cannot find key for alias: monit

as seen on Stack Overflow - Search for 'Stack Overflow'
Hi I'm using axis1.4 and wss4j. When I define in client-config.wsdd for WSDoAllSender and WSDoAllReceiver different signaturePropFiles where I have different key stores defined with different certificates, I'm able to have different certificates for sending and receiving. But when I use the same signaturePropFiles'… >>> More