OSGI-INF.blueprint.blueprint.xml Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of secure-soap Show documentation
Show all versions of secure-soap Show documentation
Secure SOAP example using JAXWS with WS-Security
The newest version!
<?xml version="1.0" encoding="UTF-8"?>
<!--
Copyright (C) FuseSource, Inc.
http://fusesource.com
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
-->
<!--
This is the OSGi Blueprint XML file defining the CXF JAX-WS beans. Because the file is in the
OSGI-INF/blueprint directory inside our JAR, it will be automatically activated as soon as the artifact is installed.
The root element for any OSGi Blueprint file is 'blueprint' - you also see the namespace definitions for both the Blueprint
and the CXF JAX-WS namespaces.
-->
<blueprint
xmlns="http://www.osgi.org/xmlns/blueprint/v1.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:jaxws="http://cxf.apache.org/blueprint/jaxws"
xsi:schemaLocation="http://www.osgi.org/xmlns/blueprint/v1.0.0 http://www.osgi.org/xmlns/blueprint/v1.0.0/blueprint.xsd
http://cxf.apache.org/blueprint/jaxws http://cxf.apache.org/schemas/blueprint/jaxws.xsd">
<!--
Using the <jaxws:endpoint/>, we're configuring the actual JAX-WS endpoint, referring to our web service implementation class
and the URI address we want to assign to our service. The address is relative to the CXF servlet URI,
with the default configuration in place, this endpoint will be available at 'http://localhost:8181/cxf/HelloWorld'.
-->
<jaxws:endpoint id="helloWorld"
implementor="org.fusesource.examples.cxf.jaxws.security.HelloWorldImpl"
address="/HelloWorldSecurity">
<!--
We will be adding two interceptors to the inbound interceptor chain:
- the CXF WSS4J interceptor to support WS-Security for passing along the credentials
- a reference to the the JAAS authentication interceptor defined as a separate bean later on
this will ensure that the credentials are being authenticated in the JAAS realm defined there ('karaf')
-->
<jaxws:inInterceptors>
<bean class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor">
<property name="properties">
<map>
<entry key="action" value="UsernameToken"/>
<entry key="passwordType" value="PasswordText"/>
</map>
</property>
</bean>
<ref component-id="authenticationInterceptor"/>
</jaxws:inInterceptors>
<jaxws:outInterceptors>
<bean class="org.fusesource.examples.cxf.jaxws.security.EnableCORSInterceptor"/>
</jaxws:outInterceptors>
<!--
TODO: Add a description about the purpose of this extra property
-->
<jaxws:properties>
<entry key="ws-security.validate.token" value="false"/>
</jaxws:properties>
</jaxws:endpoint>
<!--
We are using the OSGi Blueprint XML syntax to define a bean that we referred to in our JAX-WS endpoint setup.
This bean is a CXF interceptor that ensures that a request has been authenticated before allowing it to pass. For
performing the authentication, this interceptor will delegate to JAAS, using the realm name 'karaf'. This will allow
it to reuse the same authentication mechanism that is being used to secure other ESB facilities, such as the remote
SSH shell and the webconsole.
-->
<bean id="authenticationInterceptor" class="org.apache.cxf.interceptor.security.JAASLoginInterceptor">
<property name="contextName" value="karaf"/>
</bean>
</blueprint>
© 2015 - 2025 Weber Informatics LLC | Privacy Policy