更新时间:2022-06-24 08:04:17
这是一个博客,详细介绍了如何使用Apache CXF:将X.509安全标头添加到Apache CXF SOAP调用(WS-SecurityPolicy方法)
Here's a blog with details on using Apache CXF: Adding X.509 security headers to Apache CXF SOAP calls (WS-SecurityPolicy method)
还有一个教程,其源代码已配置为使用WS-SecurityPolicy方法。
There's also a tutorial with source code configured for using the WS-SecurityPolicy Method.
编辑:修复了断开的链接,添加了教程链接。
fixed broken link, added link to tutorial.
现在可以很好地概述 CXF网站,它引用了上面的链接。
There is now a good overview of the various settings for WS-SecurityPolicy on the CXF site, and it references the link above.
简而言之(如果链接再次被吹走),WS-Security策略配置类似于CXF wiki上描述的 CXF拦截器方法,但对于cxf.xml和cxf-servlet.xml中的一些更改:
In a nutshell (in case the links are blown away again), the WS-SecurityPolicy is configured similar to the CXF interceptor method described on the CXF wiki except for a few changes in the cxf.xml and the cxf-servlet.xml:
cxf.xml
<jaxws:client name="{http://myport" createdFromAPI="true">
<!-- You will need to add the corresponding values to a properties file -->
<jaxws:properties>
<entry key="ws-security.callback-handler" value="client.ClientKeystorePasswordCallback"/>
<entry key="ws-security.encryption.properties" value=keystore.properties"/>
<entry key="ws-security.signature.properties" value="keystore.properties"/>
<entry key="ws-security.encryption.username" value="myservicekey"/>
</jaxws:properties>
cxf-servlet.xml
cxf-servlet.xml
<jaxws:properties>
<entry key="ws-security.callback-handler">
<ref bean="myPasswordCallback"/>
</entry>
<entry key="ws-security.encryption.properties" value="serviceKeystore.properties"/>
<entry key="ws-security.signature.properties" value="serviceKeystore.properties"/>
<entry key="ws-security.encryption.username" value="useReqSigCert"/>
</jaxws:properties>