Spring Ws Digital Certificate Authentication Wss4J

You may also like...

Subscribe
Notify of
guest
8 Comments
Oldest
Newest
Inline Feedbacks
View all comments
João
João
January 30, 2017 13:15

Great article, but I have a problem. The server is able to receive data from the client. //Server @PayloadRoot(namespace = NAMESPACE_URI, localPart = “getBeerRequest”) @ResponsePayload public GetBeerResponse getBeer(@RequestPayload GetBeerRequest request) { GetBeerResponse beerResponse = new GetBeerResponse(); Beer beer = new Beer(); beer.setId(request.getId()); beer.setName(“Duff Beer”); beerResponse.setBeer(beer); System.out.println(“ID: “+request.getId()); return beerResponse; } ID: 2 But the client is not being able to receive data from the server. //Client GetBeerResponse resp = wsclient.getBeer(request); System.out.println(“response: ” + resp); response: [email protected] or GetBeerResponse resp = wsclient.getBeer(request); System.out.println(“response: ” + resp.getBeer()); response: null Both the server and the client are able to receive or send their… Read more »

João
João
January 30, 2017 13:42
Reply to  João

You have to add the Bean securityCallbackHandler in the SoapClientConfig class

@Bean
public KeyStoreCallbackHandler securityCallbackHandler(){
KeyStoreCallbackHandler callbackHandler = new KeyStoreCallbackHandler();
callbackHandler.setPrivateKeyPassword(“changeit”);
return callbackHandler;
}

And modify the Bean securityInterceptor to

@Bean
public Wss4jSecurityInterceptor securityInterceptor() throws Exception {
Wss4jSecurityInterceptor securityInterceptor = new Wss4jSecurityInterceptor();

// set security actions
securityInterceptor.setSecurementActions(“Timestamp Signature Encrypt”);

// sign the request
securityInterceptor.setSecurementUsername(“client”);
securityInterceptor.setSecurementPassword(“changeit”);
securityInterceptor.setSecurementSignatureCrypto(getCryptoFactoryBean().getObject());

// encrypt the request
securityInterceptor.setSecurementEncryptionUser(“server-public”);
securityInterceptor.setSecurementEncryptionCrypto(getCryptoFactoryBean().getObject());
securityInterceptor.setSecurementEncryptionParts(“{Content}{http://memorynotfound.com/beer}getBeerRequest”);

// sign the response
securityInterceptor.setValidationActions(“Signature Encrypt”);
securityInterceptor.setValidationSignatureCrypto(getCryptoFactoryBean().getObject());
securityInterceptor.setValidationDecryptionCrypto(getCryptoFactoryBean().getObject());
securityInterceptor.setValidationCallbackHandler(securityCallbackHandler());

return securityInterceptor;
}

Vivek
Vivek
June 18, 2018 19:18
Reply to  João

Yes this worked and thanks for sharing this snippet.

Juan Carlos Rubiano Panadero
Juan Carlos Rubiano Panadero
February 4, 2017 22:42

How can I make this value read from the message information received in the service?

securityInterceptor.setSecurementEncryptionUser()

Pavan Kumar
Pavan Kumar
October 3, 2017 16:02

Where can I find the WSDL file for this example?

Pavan Kumar
Pavan Kumar
October 3, 2017 16:02

Where can I find the WSDL file for this example?

shri
shri
June 15, 2020 05:38

I am getting Cannot find SOAP wrapper for element [xenc:EncryptedData: null], when tried to encrypt the whole body. any suggestions.

Rabinson Ghatani
Rabinson Ghatani
August 27, 2020 08:05

It is a best are that I got in the internet. Could you help me with this similar problem. I have posted a question on stackoverflow, though you could help me on that.
Link: https://stackoverflow.com/questions/63593636/wss-config-on-soap-call

8
0
Would love your thoughts, please comment.x
()
x