Getting a X509Certificate from a SOAP Security Header

Question

Everybody, Hello!

I have a simple stub client for the cxf web-service (spring app). It uses a WSS4JOutInterceptor with action = \"Signature\" So that, the

Answer 1

The solution is to use a BinarySecurityToken header's element:

SoapMessage soapMessage = (SoapMessage) message;
SOAPMessage doc = getSOAPMessage(soapMessage);

Element elem = WSSecurityUtil.getSecurityHeader(doc.getSOAPPart(), "");
// get a BinarySignature tag
Node binarySignatureTag = elem.getFirstChild();
BinarySecurity token = new X509Security((Element) binarySignatureTag);

// a X509Certificate construction
InputStream in = new ByteArrayInputStream(token.getToken());
CertificateFactory certFactory = CertificateFactory.getInstance("X.509");
X509Certificate cert = (X509Certificate)certFactory.generateCertificate(in);

as you can see, you also need to use the org.apache.ws.security package.