使用Apache CXF签名和加密SOAP消息 [英] Sign and Encrypt SOAP Messages with Apache CXF

问题描述

我正在尝试使用Apache CXF编写安全Hello WorldWeb服务;我应该注意到，我对Java和WS- *的东西都不熟悉。

I'm trying to write a "Secure Hello World" web service using Apache CXF also; I should note that I'm kind of new to Java and WS-* stuff.

基本上，我想做的是一个带有soap消息的hello-world web服务往返于此网络服务使用x.509证书进行签名和加密。

Basically, what I want to do is a hello-world web service with soap messages to and from this web service signed and encrypted using x.509 certificate(s).

我已阅读 Apache CXF网站上关于WS-Security的教程但是;我想使用WS-SecurityPolicy而不是拦截器。

I have already read the tutorial on Apache CXF site about WS-Security but; I want to use WS-SecurityPolicy instead of Interceptors.

有人能指出我正确的方向吗？

Can anyone point me in the right direction?

推荐答案

这是一个博客，详细介绍了如何使用Apache CXF：将X.509安全标头添加到Apache CXF SOAP调用（WS-SecurityPolicy方法）

Here's a blog with details on using Apache CXF: Adding X.509 security headers to Apache CXF SOAP calls (WS-SecurityPolicy method)

还有一个教程，其源代码已配置为使用WS-SecurityPolicy方法。

There's also a tutorial with source code configured for using the WS-SecurityPolicy Method.

编辑：修复了断开的链接，添加了教程链接。

fixed broken link, added link to tutorial.

现在可以很好地概述 CXF网站，它引用了上面的链接。

There is now a good overview of the various settings for WS-SecurityPolicy on the CXF site, and it references the link above.

简而言之（如果链接再次被吹走），WS-Security策略配置类似于CXF wiki上描述的 CXF拦截器方法，但对于cxf.xml和cxf-servlet.xml中的一些更改：

In a nutshell (in case the links are blown away again), the WS-SecurityPolicy is configured similar to the CXF interceptor method described on the CXF wiki except for a few changes in the cxf.xml and the cxf-servlet.xml:

cxf.xml

   <jaxws:client name="{http://myport" createdFromAPI="true">
            <!-- You will need to add the corresponding values to a properties file -->
            <jaxws:properties>
                <entry key="ws-security.callback-handler" value="client.ClientKeystorePasswordCallback"/>        
                <entry key="ws-security.encryption.properties" value=keystore.properties"/>
                <entry key="ws-security.signature.properties" value="keystore.properties"/>
                <entry key="ws-security.encryption.username" value="myservicekey"/>
            </jaxws:properties>

cxf-servlet.xml

cxf-servlet.xml

  <jaxws:properties>
            <entry key="ws-security.callback-handler">
                <ref bean="myPasswordCallback"/>
            </entry>
            <entry key="ws-security.encryption.properties" value="serviceKeystore.properties"/>
            <entry key="ws-security.signature.properties" value="serviceKeystore.properties"/>
            <entry key="ws-security.encryption.username" value="useReqSigCert"/>
        </jaxws:properties> 

这篇关于使用Apache CXF签名和加密SOAP消息的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！