Versions Compared

Old Version 2

changes.mady.by.user Ying Tang

Saved on

compared with

New Version Current

changes.mady.by.user Ying Tang

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Migrated to Confluence 5.3

...

Geronimo allows the CXF/Jetty client to sendor receive the signed or encrypted SOAP messages. You can enable this feature inside <port> in the geronimo-web.xml at client side. For example, The following code snippet is an example for both signing and encrypting, add the following lines to <port>:

Code Block
<port>
<port-name>DoubleItPort</port-name>
<protocol>http</protocol>
<host>localhost</host>
<port>8080</port>
<uri>/doubleit/services/doubleit</uri>
...
<port>

...

Configuring Username token

Geronimo CXF/Jetty provides support of for UsernameToken Profile at server side. For example, to involve UsernameToken profile for the Web service CalculatorService, add the following lines in geronimo-web.xml:

Code Block
<servlet>
<servlet-name>CalculatorService</servlet-name>
<ws-security-binding>
<security-realm-name>geronimo-admin</security-realm-name>
<property name="wss4j.in.action">UsernameToken</property>
</ws-security-binding>
</servlet>

Enabling signed or encrypted SOAP messages

Similarly, you can enable the service side to sendor send or receive the signed or encrypted SOAP messages by configuring the <port> section in geronimo-web.xml. The following example passes security properties:

Code Block
<port>
<port-name>DoubleItPort</port-name>
<protocol>http</protocol>
<host>localhost</host>
<port>8080</port>
<uri>/doubleit/services/doubleit</uri>
..
<port><<servlet>
<servlet-name>DoubleItServiceImpl</servlet-name>
<ws-security-binding>
<security-realm-name></security-realm-name>
<property name="wss4j.in.action">Signature Encrypt Timestamp</property>
<property name="wss4j.in.user">myservicekey</property>
<property name="wss4j.in.keyPassword">skpass</property>
<property name="wss4j.in.signaturePropFile">serviceKeystore.properties</property>
<property name="wss4j.in.decryptionPropFile">serviceKeystore.properties</property>

<property name="wss4j.out.action">Signature Encrypt Timestamp</property>
<property name="wss4j.out.user">myservicekey</property>
<property name="wss4j.out.signaturePropFile">serviceKeystore.properties</property>
<property name="wss4j.out.encryptionPropFile">serviceKeystore.properties</property>
<property name="wss4j.out.encryptionUser">myclientkey</property>
<property name="wss4j.out.signatureKeyIdentifier">DirectReference</property>
<property name="wss4j.out.keyPassword">skpass</property>
<property name="wss4j.out.encryptionSymAlgorithm">http://www.w3.org/2001/04/xmlenc#tripledes-cbc</property>
</ws-security-binding>
</servlet>