Spring Ws Digital Certificate Authentication Wss4J

You may also like...

6
Leave a Reply

avatar
4 Comment threads
2 Thread replies
2 Followers
 
Most reacted comment
Hottest comment thread
4 Comment authors
VivekPavan KumarJuan Carlos Rubiano PanaderoJoão Recent comment authors
  Subscribe  
newest oldest
Notify of
João
Guest
João

Great article, but I have a problem.
The server is able to receive data from the client.

//Server
@PayloadRoot(namespace = NAMESPACE_URI, localPart = “getBeerRequest”)
@ResponsePayload
public GetBeerResponse getBeer(@RequestPayload GetBeerRequest request) {
GetBeerResponse beerResponse = new GetBeerResponse();
Beer beer = new Beer();
beer.setId(request.getId());
beer.setName(“Duff Beer”);
beerResponse.setBeer(beer);
System.out.println(“ID: “+request.getId());
return beerResponse;
}

ID: 2

But the client is not being able to receive data from the server.

//Client
GetBeerResponse resp = wsclient.getBeer(request);
System.out.println(“response: ” + resp);
response: [email protected]

or

GetBeerResponse resp = wsclient.getBeer(request);
System.out.println(“response: ” + resp.getBeer());
response: null

Both the server and the client are able to receive or send their xms, and the server can retrieve the client data, but the client can not retrieve the data from the server.

João
Guest
João

You have to add the Bean securityCallbackHandler in the SoapClientConfig class

@Bean
public KeyStoreCallbackHandler securityCallbackHandler(){
KeyStoreCallbackHandler callbackHandler = new KeyStoreCallbackHandler();
callbackHandler.setPrivateKeyPassword(“changeit”);
return callbackHandler;
}

And modify the Bean securityInterceptor to

@Bean
public Wss4jSecurityInterceptor securityInterceptor() throws Exception {
Wss4jSecurityInterceptor securityInterceptor = new Wss4jSecurityInterceptor();

// set security actions
securityInterceptor.setSecurementActions(“Timestamp Signature Encrypt”);

// sign the request
securityInterceptor.setSecurementUsername(“client”);
securityInterceptor.setSecurementPassword(“changeit”);
securityInterceptor.setSecurementSignatureCrypto(getCryptoFactoryBean().getObject());

// encrypt the request
securityInterceptor.setSecurementEncryptionUser(“server-public”);
securityInterceptor.setSecurementEncryptionCrypto(getCryptoFactoryBean().getObject());
securityInterceptor.setSecurementEncryptionParts(“{Content}{http://memorynotfound.com/beer}getBeerRequest”);

// sign the response
securityInterceptor.setValidationActions(“Signature Encrypt”);
securityInterceptor.setValidationSignatureCrypto(getCryptoFactoryBean().getObject());
securityInterceptor.setValidationDecryptionCrypto(getCryptoFactoryBean().getObject());
securityInterceptor.setValidationCallbackHandler(securityCallbackHandler());

return securityInterceptor;
}

Vivek
Guest
Vivek

Yes this worked and thanks for sharing this snippet.

Juan Carlos Rubiano Panadero
Guest
Juan Carlos Rubiano Panadero

How can I make this value read from the message information received in the service?

securityInterceptor.setSecurementEncryptionUser()

Pavan Kumar
Guest
Pavan Kumar

Where can I find the WSDL file for this example?

Pavan Kumar
Guest
Pavan Kumar

Where can I find the WSDL file for this example?