Versions Compared

Old Version 5

changes.mady.by.user Daniel Kulp

Saved on

compared with

New Version 6

changes.mady.by.user Glen Mazza

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Adding comment at the bottom of WS-SecurityPolicy page to better location here.

...

Code Block
xml
xml
<jaxws:client name="{http://InteropBaseAddress/interop}XDC-SEES_IPingService" createdFromAPI="true">
    <jaxws:properties>
        <!-- properties for the external policy -->
        <entry key="ws-security.username" value="abcd"/>

        <!-- properties for the SecureConversationToken bootstrap policy -->
        <entry key="ws-security.username.sct" value="efgh"/>
        <entry key="ws-security.callback-handler.sct" value="interop.client.KeystorePasswordCallback"/>
        <entry key="ws-security.encryption.properties.sct" value="etc/bob.properties"/> 
    </jaxws:properties>
</jaxws:client>

Via the Java API, use code similar to the following:

Code Block

org.apache.cxf.endpoint.Client client;
client.getRequestContext().put("ws-security.username.sct", username);
client.getRequestContext().put("ws-security.password.sct", password);

Note: In most common cases of WS-SecureConversation, you won't need any configuration for the service policy. All of the "hard" stuff is used for the bootstrap policy and the service provides new keys for use by the service policy. This keeps the communication with the service itself as simple and efficient as possible.