How to enable SSL with JBossWS without "server.xml" ?
mauro.brasil May 24, 2011 11:25 AMHello there!
We have a fully operational client/server application that uses JBossWS at server side and Axis2C at client side to provide Web Service communication.
We are just using "username autentication" and "timestamp validation" WS-Security features as shown below on "jboss-wsse-server.xml" file:
<?xml version="1.0" encoding="UTF-8"?> <jboss-ws-security xmlns="http://www.jboss.com/ws-security/config" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.jboss.com/ws-security/config http://www.jboss.com/ws-security/schema/jboss-ws-security_1_0.xsd"> <config> <requires/> <timestamp ttl="60" /> <authenticate> <usernameAuth /> </authenticate> <authorize> <role>AllowedRole01</role> <role>AllowedRole02</role> </authorize> </config> <timestamp-verification createdTolerance="30" warnCreated="true" expiresTolerance="10" warnExpires="true" /> </jboss-ws-security>
Now we need to use SSL for all Web Services provided by our application.
Following Alessio Soldano's article at http://community.jboss.org/wiki/JBossWS-SecureTransport#Client_side, we were able to make SSL work changing file "web.xml" accordingly to alternative 2.
The problem is that we want to use the first approach with "@WebContext" annotation.
I've reverted "web.xml" configurations and changed current annotation from just:
@WebService( name = "user" ) @EndpointConfig( configName = "Standard WSSecurity Endpoint" ) @SecurityDomain( "SECURITY_DOMAIN" ) public class UserWSImpl extends AbstractBaseWS implements IUserWS {
To:
@WebService( name = "user" ) @EndpointConfig( configName = "Standard WSSecurity Endpoint" ) @SecurityDomain( "SECURITY_DOMAIN" ) @WebContext ( contextRoot = "/CONTEXT_ROOT", urlPattern = "/user", transportGuarantee = "CONFIDENTIAL", secureWSDLAccess = false ) public class UserWSImpl extends AbstractBaseWS implements IUserWS {
But it didn't work.
Am I missing something ?
Please let me know if you guys need any more information to figure out the problem.
Thank's a lot and best regards,
Mauro.