ws-security

Spring XWSS Message Signing

最后都变了- 提交于 2021-02-11 12:41:06
问题 I am currently working on a client interface which connects to a third party web service. This 3rd party web service requires that all messages sent to them are signed with the client's private key. I am attempting to implement this using Spring's XWSS support as documented here: http://docs.spring.io/spring-ws/site/reference/html/security.html The issue I'm facing is that the messages I send out are not being signed despite what as far as I can tell is a correct configuration. My

How can I configure WCF to only sign the TimeStamp header

不问归期 提交于 2021-01-27 06:56:48
问题 I am trying to configure my WCF client to create a SOAP 1.1 request that includes WS-Addressing, WS-Security and TLS. The security requirements are that the message includes a Username Token, TimeStamp and that the TimeStamp is signed using an included BinarySecurityToken. I have used the example from the following link to create my WCF client binding. I have slightly modified the the example (see below) so that HTTPS is used as the transport mechanism and the MessageSecurity is based on

How can I configure WCF to only sign the TimeStamp header

扶醉桌前 提交于 2021-01-27 06:54:47
问题 I am trying to configure my WCF client to create a SOAP 1.1 request that includes WS-Addressing, WS-Security and TLS. The security requirements are that the message includes a Username Token, TimeStamp and that the TimeStamp is signed using an included BinarySecurityToken. I have used the example from the following link to create my WCF client binding. I have slightly modified the the example (see below) so that HTTPS is used as the transport mechanism and the MessageSecurity is based on

How to configure WCF client for WS-Security (UsernameToken + Encrypted body SOAP (no signature))

百般思念 提交于 2020-06-17 02:18:09
问题 I need to configure my WCF client for consuming a JAX service with WS-Security UsernameToken + Timestamp + Encryption BODY Soap message with certificate. For the request I need a SOAP message as below: <soapenv:Header> <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"> <xenc:EncryptedKey Id="EK-8653216552B106D28F13688042014758" xmlns:xenc=

Generate an XML signature digest using PHP

流过昼夜 提交于 2020-01-23 12:12:19
问题 I'm trying to implement WS-Security for my PHP SOAP client. The first step is being able to generate a valid XML digest from the outgoing request, but I haven't been able to do this. I've been looking for answers for a few days now but most of the answers end up being something like "don't solve it yourself, just use an existing Java library". That's not feasible in my current situation. I have been looking at several examples on the net trying to reproduce the same digest they have, for

Invoking a web service with WS Security from .NET

泪湿孤枕 提交于 2020-01-19 10:48:12
问题 I need to consume a web service secured with WS-Security from ASP.NET. I'm testing the service with SoapUI, being the envelop request: <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:web="http://aduana.gov.py/webservices"> <soapenv:Header/> <soapenv:Body> <web:agregarGuia> <!--Optional:--> <guia>?</guia> <!--Optional:--> <autenticacion> <!--Optional:--> <codAduana>?</codAduana> <!--Optional:--> <firmaWSAA>?</firmaWSAA> <!--Optional:--> <idUsuario>?</idUsuario

WS-Security Policy node not being generated in Apache CXF with Spring and custom context file

拥有回忆 提交于 2020-01-15 12:15:39
问题 I have an SOAP web service generated with Apache CXF and using Spring. The interface was generated from a WSDL without WS-Security Policy. Now I need to include this WS-Security node in the generated WSDL: <wsp:Policy xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy" xmlns="http://schemas.xmlsoap.org/ws/2004/09/policy" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" wsu:Id="wss_saml_or

Retrieve plaintext WS-Security password at service endpoint with Metro + WSIT?

烂漫一生 提交于 2020-01-14 14:39:10
问题 I'm writing a SOAP service (let's call it X) that acts as a "forwarding proxy" of sorts, replacing several elements in the body, then calling another SOAP service (Y). I would like to use the same WS-Security credentials ( plaintext username and password) that I receive in X when I call Y, but I am having trouble retrieving the value of the Password element. The policy that I declare in my wsit-package.service.xml file references an implementation of com.sun.xml.wss.impl.callback

org.jboss.as.server.deployment.DeploymentUnitProcessingException: Apache CXF library detected in ws endpoint deployment

邮差的信 提交于 2020-01-14 13:07:07
问题 I am using Eclipse Juno and WildFly 8.2 and try to deploy soap web services with ws-security. This is my ref site. https://docs.jboss.org/author/display/JBWS/WS-Security#WS-Security-Authenticationandauthorization Deployment is ok! But the problem seems to be the client of Eclipse. I made some jsp codes with eclipse ide <%@ page import="javax.xml.ws.BindingProvider"%> <%@ page import="javax.xml.namespace.QName"%> <%@ page import="java.net.URL"%> <%@ page import="javax.xml.ws.Service"%> <%@

org.jboss.as.server.deployment.DeploymentUnitProcessingException: Apache CXF library detected in ws endpoint deployment

喜欢而已 提交于 2020-01-14 13:06:31
问题 I am using Eclipse Juno and WildFly 8.2 and try to deploy soap web services with ws-security. This is my ref site. https://docs.jboss.org/author/display/JBWS/WS-Security#WS-Security-Authenticationandauthorization Deployment is ok! But the problem seems to be the client of Eclipse. I made some jsp codes with eclipse ide <%@ page import="javax.xml.ws.BindingProvider"%> <%@ page import="javax.xml.namespace.QName"%> <%@ page import="java.net.URL"%> <%@ page import="javax.xml.ws.Service"%> <%@