
Webservice client with WS-Security encryption using jaxws-maven-plugin


I'm using only jaxws-maven-plugin (no Spring or any other library) to generate my webservice client classes from a WSDL which works fine except I need to use WS-Security to encrypt a specific sub-element of my request.

Could you please point me to any documentation or give me a hint on how to configure it? Is there a configuration file where I set the following? Or do I need to use another library like Apache CXF?

WS-A Version: 200508

Key Identifier Type: Binary Security Token

Symmetric Encoding Algorithm: AES256-CBC

Key Encryption Algorithm: RSA-OAEP-MGF1P

Algorithm Suite: Basic256Sha256

Encrypted elements XPath: //xxx/yyy

Thanks!


Solution

  • What I found out: (note I still don't understand what's going on)

    WSDL Example

     <?xml version="1.0" encoding="UTF-8"?>
     <wsdl:definitions ... >
    
    ...
    
    <!-- SOAP document/literal binding carrying two WS-Policy attachments:
         one for the whole binding and one for the input message of operation "xxx". -->
    <!-- NOTE(review): in this listing the wsp: prefix is declared only on the
         general_policy element, which does not put it in scope for the
         PolicyReference elements below. Presumably wsp: (and wsu:) are declared on
         the elided wsdl:definitions start tag; confirm, otherwise the document is
         not namespace-well-formed. -->
    <wsdl:binding name="..." type="...">
        <!-- WS-Addressing is advertised but marked as not required. -->
        <wsaw:UsingAddressing wsdl:required="false" xmlns:wsaw="http://www.w3.org/2006/05/addressing/wsdl" />
        <wsdlsoap:binding style="document" transport="http://schemas.xmlsoap.org/soap/http" />
    
                <!-- added to wsdl for encryption: binding-wide reference to the
                     policy whose wsu:Id is "general_policy" (security binding, tokens,
                     algorithm suite) -->
                <wsp:PolicyReference URI="#general_policy" />
    
        <wsdl:operation name="xxx">
            <wsdlsoap:operation soapAction="" />
            <wsdl:input name="...">
                                <!-- added to wsdl for encryption: request-only reference to
                                     the policy whose wsu:Id is "xxx_policy" (which element
                                     content to encrypt). No policy is attached to the
                                     output in the visible lines. -->
                                <wsp:PolicyReference URI="#xxx_policy" />
                <wsdlsoap:body use="literal" />
            </wsdl:input>
            <wsdl:output ... >
        </wsdl:operation>
    
    </wsdl:binding>
    
    
    
        <!-- added to wsdl for encryption -->
    
    <!-- Binding-level policy: declares an asymmetric (X.509 certificate based)
         security binding with strict header layout and a named algorithm suite.
         It says how messages are protected; which parts are protected is left to
         other assertions (here: the xxx_policy element). -->
    <!-- NOTE(review): no sp:SignedParts / sp:SignedElements assertion appears in
         the policies shown, so they request encryption only. CBC-mode content
         encryption gives confidentiality but no integrity protection; confirm
         whether the service also requires (or permits) signing the encrypted
         element or the SOAP body. -->
        <wsp:Policy wsu:Id="general_policy"
                    xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy" 
                    xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702"
                    xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
            <wsp:ExactlyOne>
                <wsp:Policy>
                    <wsp:All>
                        <sp:AsymmetricBinding>
                            <wsp:Policy>
                                <!-- Token of the message sender (the client): an X.509 v3 certificate. -->
                                <sp:InitiatorToken>
                                    <wsp:Policy>
                                        <!-- IncludeToken/Never: the certificate itself is not embedded
                                             in the message; it is referenced externally.
                                             NOTE(review): the question lists "Binary Security Token"
                                             as the key identifier type; confirm that "Never" matches
                                             what the service expects. -->
                                        <sp:X509Token
                                            sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never">
                                            <wsp:Policy>
                                                <sp:WssX509V3Token10/>
                                            </wsp:Policy>
                                        </sp:X509Token>
                                    </wsp:Policy>
                                </sp:InitiatorToken>
                                <!-- Token of the message receiver (the service): same token type and
                                     inclusion rule as the initiator token. -->
                                <sp:RecipientToken>
                                    <wsp:Policy>
                                        <sp:X509Token
                                            sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never">
                                            <wsp:Policy>
                                                <sp:WssX509V3Token10/>
                                            </wsp:Policy>
                                        </sp:X509Token>
                                    </wsp:Policy>                               
                                </sp:RecipientToken>
                                <!-- Strict layout: security header items must follow the ordering
                                     rules of WS-SecurityPolicy. -->
                                <sp:Layout>
                                    <wsp:Policy>
                                        <sp:Strict />
                                    </wsp:Policy>
                                </sp:Layout>
                                <!-- NOTE(review): the question asks for algorithm suite
                                     Basic256Sha256, but this policy asserts Basic256. In
                                     WS-SecurityPolicy 1.2 both use AES-256 for encryption and
                                     RSA-OAEP for key wrap; Basic256 uses SHA-1 as digest where
                                     Basic256Sha256 uses SHA-256. If the service really mandates
                                     Basic256Sha256, the assertion would be sp:Basic256Sha256;
                                     verify against the service's published policy. -->
                                <sp:AlgorithmSuite>
                                    <wsp:Policy>
                                        <sp:Basic256/>
                                    </wsp:Policy>
                                </sp:AlgorithmSuite>
                            </wsp:Policy>
                        </sp:AsymmetricBinding>
                    </wsp:All>
                </wsp:Policy>
            </wsp:ExactlyOne>
        </wsp:Policy>
    
    
    <!-- Message-level policy referenced from the input of operation "xxx":
         names the element whose content must be encrypted in the request. -->
    <!-- NOTE(review): wsp: and wsu: are not declared on this element; presumably
         they come from the elided wsdl:definitions start tag. Confirm. -->
        <wsp:Policy wsu:Id="xxx_policy">
            <wsp:ExactlyOne>
                <wsp:All>
                    <!-- ContentEncryptedElements encrypts the content of each element
                         matched by the XPath, leaving the element's own start and end
                         tags in clear text. -->
                    <sp:ContentEncryptedElements
                        xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
                        <!-- The path is written with namespace-uri()/local-name() tests so it
                             needs no prefix bindings: SOAP 1.1 Envelope, then Body, then
                             xxxRequest in namespace 'xxx', then child yyy.
                             NOTE(review): the last step "yyy" is unprefixed, so it only
                             matches a yyy element in no namespace. If yyy is
                             namespace-qualified in the real request the path selects
                             nothing; check the outgoing message to confirm the element is
                             actually encrypted. -->
                        <sp:XPath>/*[namespace-uri()='http://schemas.xmlsoap.org/soap/envelope/' and local-name()='Envelope']/*[namespace-uri()='http://schemas.xmlsoap.org/soap/envelope/' and local-name()='Body']/*[namespace-uri()='xxx' and local-name()='xxxRequest']/yyy</sp:XPath>
                    </sp:ContentEncryptedElements>
                </wsp:All>
            </wsp:ExactlyOne>
        </wsp:Policy>
    </wsdl:definitions>