...
Geronimo allows the CXF/Jetty client to send or receive signed or encrypted SOAP messages. You can enable this feature inside <port> in geronimo-web.xml at the client side. The following snippet is an example for both signing and encrypting; add these lines to <port>:
```xml
<port>
    <port-name>DoubleItPort</port-name>
    <protocol>http</protocol>
    <host>localhost</host>
    <port>8080</port>
    <uri>/doubleit/services/doubleit</uri>
    ...
</port>
```
...
Configuring Username token
Geronimo CXF/Jetty supports the UsernameToken Profile at the server side. For example, to use the UsernameToken profile for the Web service CalculatorService, add the following lines in geronimo-web.xml:
```xml
<servlet>
    <servlet-name>CalculatorService</servlet-name>
    <ws-security-binding>
        <security-realm-name>geronimo-admin</security-realm-name>
        <property name="wss4j.in.action">UsernameToken</property>
    </ws-security-binding>
</servlet>
```
Enabling signed or encrypted SOAP messages
Similarly, you can enable the service side to send or receive signed or encrypted SOAP messages by configuring the <port> section in geronimo-web.xml. The following example passes security properties:
```xml
<port>
    <port-name>DoubleItPort</port-name>
    <protocol>http</protocol>
    <host>localhost</host>
    <port>8080</port>
    <uri>/doubleit/services/doubleit</uri>
    ..
</port>
<servlet>
    <servlet-name>DoubleItServiceImpl</servlet-name>
    <ws-security-binding>
        <security-realm-name></security-realm-name>
        <!-- Inbound: actions required on received messages, and the key material used to process them -->
        <property name="wss4j.in.action">Signature Encrypt Timestamp</property>
        <property name="wss4j.in.user">myservicekey</property>
        <property name="wss4j.in.keyPassword">skpass</property>
        <property name="wss4j.in.signaturePropFile">serviceKeystore.properties</property>
        <property name="wss4j.in.decryptionPropFile">serviceKeystore.properties</property>
        <!-- Outbound: actions applied to responses -->
        <property name="wss4j.out.action">Signature Encrypt Timestamp</property>
        <property name="wss4j.out.user">myservicekey</property>
        <property name="wss4j.out.signaturePropFile">serviceKeystore.properties</property>
        <property name="wss4j.out.encryptionPropFile">serviceKeystore.properties</property>
        <property name="wss4j.out.encryptionUser">myclientkey</property>
        <property name="wss4j.out.signatureKeyIdentifier">DirectReference</property>
        <property name="wss4j.out.keyPassword">skpass</property>
        <property name="wss4j.out.encryptionSymAlgorithm">http://www.w3.org/2001/04/xmlenc#tripledes-cbc</property>
    </ws-security-binding>
</servlet>
```
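A small review check for the ws-security-binding properties shown above, as an added example that is not part of the Geronimo documentation: it flags key passwords stored in the plan, CBC-mode symmetric algorithms such as the 3DES URI used here, and action lists that encrypt without signing, sign without a timestamp, or rely on UsernameToken alone. The function names and the trimmed sample plan are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample: the two <servlet> bindings from this page, trimmed.
SAMPLE = """<web-app>
 <servlet><servlet-name>CalculatorService</servlet-name><ws-security-binding>
  <property name="wss4j.in.action">UsernameToken</property>
 </ws-security-binding></servlet>
 <servlet><servlet-name>DoubleItServiceImpl</servlet-name><ws-security-binding>
  <property name="wss4j.in.action">Signature Encrypt Timestamp</property>
  <property name="wss4j.in.keyPassword">skpass</property>
  <property name="wss4j.out.action">Signature Encrypt Timestamp</property>
  <property name="wss4j.out.keyPassword">skpass</property>
  <property name="wss4j.out.encryptionSymAlgorithm">http://www.w3.org/2001/04/xmlenc#tripledes-cbc</property>
 </ws-security-binding></servlet>
</web-app>"""

def local(tag):
    """Drop any '{namespace}' prefix so plans with an xmlns still match."""
    return tag.rsplit("}", 1)[-1]

def audit(xml_text):
    """Return (servlet-name, finding) pairs for every ws-security-binding."""
    findings = []
    for servlet in ET.fromstring(xml_text).iter():
        if local(servlet.tag) != "servlet":
            continue
        name = next((c.text for c in servlet if local(c.tag) == "servlet-name"), "?")
        props = {p.get("name"): (p.text or "").strip()
                 for p in servlet.iter() if local(p.tag) == "property"}
        for key, value in sorted(props.items()):
            if key.endswith(".keyPassword") and value:
                findings.append((name, key + ": cleartext key password in plan"))
            if key.endswith(".encryptionSymAlgorithm") and value.endswith("-cbc"):
                findings.append((name, key + ": CBC-mode cipher " + value.split("#")[-1]))
        for direction in ("in", "out"):
            actions = props.get("wss4j.%s.action" % direction, "").split()
            if "Encrypt" in actions and "Signature" not in actions:
                findings.append((name, direction + ": Encrypt without Signature"))
            if "Signature" in actions and "Timestamp" not in actions:
                findings.append((name, direction + ": Signature without Timestamp"))
            if "UsernameToken" in actions and not {"Signature", "Encrypt"} & set(actions):
                findings.append((name, direction + ": UsernameToken protected only by transport"))
    return findings

if __name__ == "__main__":
    for servlet_name, finding in audit(SAMPLE):
        print(servlet_name + ": " + finding)
```

Each finding is a prompt for review rather than a verdict: for instance, a UsernameToken-only binding is acceptable when the endpoint is reachable only over TLS.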