Hello,
The version of Apache CXF to which this post applies is 2.7.7.
I have a WSDL-first web service with a WS-Policy expression that includes an
X.509 token assertion as an option to authenticate with the service.
<wsp:Policy
wsu:Id="WsSecurityUsernameToken-Or-WsSecurityX509CertificateToken">
<wsp:ExactlyOne>
<wsp:All>
<wssp:UsernameToken
IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient">
<wsp:Policy/>
</wssp:UsernameToken>
</wsp:All>
<wsp:All>
<wssp:X509Token
IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient">
<wsp:Policy/>
</wssp:X509Token>
</wsp:All>
</wsp:ExactlyOne>
</wsp:Policy>
I'd like to use the following annotation to specify the pertinent signature
properties for signature validation.
@EndpointProperty(key = "ws-security.signature.properties
", value = "my.properties")
However, I have a requirement where no sensitive information, such as a key
store password, may be in the clear while at rest. I therefore have an
encrypted property in my.properties, which creates an issue.
I'd like to apply my custom decryption utility to an encrypted property
before leveraging the WS-SecurityPolicy and signature validation support in
CXF, but how would one recommend I go about that with WSDL-first service?
Thank you.
The version of Apache CXF to which this post applies is 2.7.7.
I have a WSDL-first web service with a WS-Policy expression that includes an
X.509 token assertion as an option to authenticate with the service.
<wsp:Policy
wsu:Id="WsSecurityUsernameToken-Or-WsSecurityX509CertificateToken">
<wsp:ExactlyOne>
<wsp:All>
<wssp:UsernameToken
IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient">
<wsp:Policy/>
</wssp:UsernameToken>
</wsp:All>
<wsp:All>
<wssp:X509Token
IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient">
<wsp:Policy/>
</wssp:X509Token>
</wsp:All>
</wsp:ExactlyOne>
</wsp:Policy>
I'd like to use the following annotation to specify the pertinent signature
properties for signature validation.
@EndpointProperty(key = "ws-security.signature.properties
", value = "my.properties")
However, I have a requirement where no sensitive information, such as a key
store password, may be in the clear while at rest. I therefore have an
encrypted property in my.properties, which creates an issue.
I'd like to apply my custom decryption utility to an encrypted property
before leveraging the WS-SecurityPolicy and signature validation support in
CXF, but how would one recommend I go about that with WSDL-first service?
Thank you.