JBossWS Native + WS-Security - missing WS-SecurityPolicy info in WSDL
kamaze Mar 21, 2010 8:19 AM
Hi all,
I wonder why the generated WSDL of my JBossWS Native Web Service does not contain any WS-SecurityPolicy information?! I configured WS-Security (without using any JAAS security) with the following server-side configuration:
The Service Endpoint Interface implementation:
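import java.util.List;
import javax.jws.WebService;
import javax.xml.ws.BindingType;
import javax.xml.ws.soap.SOAPBinding;
import org.jboss.ws.annotation.EndpointConfig;

@WebService
@BindingType(SOAPBinding.SOAP11HTTP_BINDING)
@EndpointConfig(configName = "Standard WSSecurity Endpoint")
public class ModificationLsdImport {
    public void doImport(List<ModCanLsdPair> data) {
        // todo
    }
}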
The jboss-wsse-server.xml:
<?xml version="1.0" encoding="UTF-8"?>
<jboss-ws-security xmlns="http://www.jboss.com/ws-security/config"
                   xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
                   xsi:schemaLocation="http://www.jboss.com/ws-security/config
                   http://www.jboss.com/ws-security/schema/jboss-ws-security_1_0.xsd">
  <key-store-file>WEB-INF/keystore.jks</key-store-file>
  <key-store-password>password</key-store-password>
  <key-store-type>jks</key-store-type>
  <trust-store-file>WEB-INF/cacerts.jks</trust-store-file>
  <trust-store-password>password</trust-store-password>
  <trust-store-type>jks</trust-store-type>
  <key-passwords>
    <key-password alias="alias" password="password" />
  </key-passwords>
  <config>
    <encrypt type="x509v3" alias="alias" />
    <requires>
      <encryption/>
    </requires>
  </config>
</jboss-ws-security>
My endpoint is a servlet endpoint, so the jboss-wsse-server.xml is contained in the WEB-INF directory - besides keystore.jks, cacerts.jks and the web.xml. The WAR is deployed into a JBoss 5.1.0.GA with default JBossWS Native 3.1.2.GA (I also tested it with JBossWS Native 3.2.2.GA). The JDK (SUN) is 1.6.0_12 (Windows Vista 32 Bit). The WAR is contained in an EAR and seems to be deployed correctly. I can get the WSDL by using Firefox pointed to http://127.0.0.1:1977/TestApp/modificationLsdImportService/invoke?wsdl.
The WSDL looks like this:
<?xml version='1.0' encoding='UTF-8'?>
<definitions name='ModificationLsdImportService' targetNamespace='http://server.modLsdImport.webservice.masp.com/' xmlns='http://schemas.xmlsoap.org/wsdl/' xmlns:soap='http://schemas.xmlsoap.org/wsdl/soap/' xmlns:tns='http://server.modLsdImport.webservice.masp.com/' xmlns:xsd='http://www.w3.org/2001/XMLSchema'>
  <types>
    <xs:schema targetNamespace='http://server.modLsdImport.webservice.masp.com/' version='1.0' xmlns:tns='http://server.modLsdImport.webservice.masp.com/' xmlns:xs='http://www.w3.org/2001/XMLSchema'>
      <xs:element name='doImport' type='tns:doImport'/>
      <xs:element name='doImportResponse' type='tns:doImportResponse'/>
      <xs:complexType name='doImport'>
        <xs:sequence>
          <xs:element maxOccurs='unbounded' minOccurs='0' name='arg0' type='tns:modCanLsdPair'/>
        </xs:sequence>
      </xs:complexType>
      <xs:complexType name='modCanLsdPair'>
        <xs:sequence>
          <xs:element minOccurs='0' name='lsd' type='xs:string'/>
          <xs:element minOccurs='0' name='modCan' type='xs:string'/>
        </xs:sequence>
      </xs:complexType>
      <xs:complexType name='doImportResponse'>
        <xs:sequence/>
      </xs:complexType>
    </xs:schema>
  </types>
  <message name='ModificationLsdImport_doImport'>
    <part element='tns:doImport' name='doImport'></part>
  </message>
  <message name='ModificationLsdImport_doImportResponse'>
    <part element='tns:doImportResponse' name='doImportResponse'></part>
  </message>
  <portType name='ModificationLsdImport'>
    <operation name='doImport' parameterOrder='doImport'>
      <input message='tns:ModificationLsdImport_doImport'></input>
      <output message='tns:ModificationLsdImport_doImportResponse'></output>
    </operation>
  </portType>
  <binding name='ModificationLsdImportBinding' type='tns:ModificationLsdImport'>
    <soap:binding style='document' transport='http://schemas.xmlsoap.org/soap/http'/>
    <operation name='doImport'>
      <soap:operation soapAction=''/>
      <input>
        <soap:body use='literal'/>
      </input>
      <output>
        <soap:body use='literal'/>
      </output>
    </operation>
  </binding>
  <service name='ModificationLsdImportService'>
    <port binding='tns:ModificationLsdImportBinding' name='ModificationLsdImportPort'>
      <soap:address location='http://127.0.0.1:1977/TestApp/modificationLsdImportService/invoke'/>
    </port>
  </service>
</definitions>
My question is - why doesn't the generated WSDL contain any security related information? How should the Web Service client know that it has to encrypt the message? The WSDL I generated explicitly with wsprovide looks the same.
I already used the JBossWS Metro stack and WS-Security configured (WSIT). The generated WSDL did contain security requirements in this case.
Thanking you in anticipation.
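
The condition described in the post above, a WSDL that advertises no security requirements, can be checked mechanically. The following is an added example, not part of the original post and not JBossWS code: it reports whether a WSDL carries WS-Policy or WS-SecurityPolicy elements and whether each binding has a policy attached. The function name `audit_wsdl`, the sample documents and the policy URI `#EncryptPolicy` are constructed for illustration.

```python
import xml.etree.ElementTree as ET  # for untrusted WSDL, prefer a hardened parser such as defusedxml

WSDL_NS = "http://schemas.xmlsoap.org/wsdl/"
POLICY_NS = {"http://schemas.xmlsoap.org/ws/2004/09/policy",   # WS-Policy 1.2
             "http://www.w3.org/ns/ws-policy"}                 # WS-Policy 1.5
SECPOLICY_NS = {"http://schemas.xmlsoap.org/ws/2005/07/securitypolicy",       # WS-SecurityPolicy 1.1
                "http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702"}  # WS-SecurityPolicy 1.2

def _split(tag):
    """Split an ElementTree tag '{namespace}local' into (namespace, local)."""
    if tag.startswith("{"):
        ns, local = tag[1:].split("}", 1)
        return ns, local
    return "", tag

def audit_wsdl(wsdl_text):
    """Summarise the policy information a WSDL advertises to clients."""
    root = ET.fromstring(wsdl_text)
    tags = [_split(el.tag) for el in root.iter()]
    bindings = {}
    for binding in root.iter("{%s}binding" % WSDL_NS):
        # A binding is covered when a Policy or PolicyReference is attached inside it.
        bindings[binding.get("name")] = any(
            _split(child.tag)[0] in POLICY_NS for child in binding.iter())
    return {
        "policy_elements": sum(1 for ns, local in tags if ns in POLICY_NS and local == "Policy"),
        "security_assertions": [local for ns, local in tags if ns in SECPOLICY_NS],
        "bindings": bindings,
    }

# Constructed samples: an abridged form of the WSDL in the post, and a variant
# with a hypothetical policy attached (policy URI and assertion are illustrative).
TEMPLATE = """<definitions name='ModificationLsdImportService'
    xmlns='http://schemas.xmlsoap.org/wsdl/' xmlns:soap='http://schemas.xmlsoap.org/wsdl/soap/'>{policy}
  <binding name='ModificationLsdImportBinding'>{ref}
    <soap:binding style='document' transport='http://schemas.xmlsoap.org/soap/http'/>
  </binding>
</definitions>"""
WSP = "xmlns:wsp='http://www.w3.org/ns/ws-policy'"
SP = "xmlns:sp='http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702'"
AS_POSTED = TEMPLATE.format(policy="", ref="")
WITH_POLICY = TEMPLATE.format(
    policy="<wsp:Policy %s %s><sp:AsymmetricBinding/></wsp:Policy>" % (WSP, SP),
    ref="<wsp:PolicyReference %s URI='#EncryptPolicy'/>" % WSP)

if __name__ == "__main__":
    for label, doc in (("as posted", AS_POSTED), ("with policy", WITH_POLICY)):
        print(label, audit_wsdl(doc))
```
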