MyEclipse :: View topic - Need tutorial about Secure Web Services

MyEclipse

Web Services - Need tutorial about Secure Web Services

alababi - Apr 24, 2007 - 05:33 PM
Post subject: Need tutorial about Secure Web Services

I need a MyEclipse Tutorial about secure Web Services, I cannot find it anywhere in the Learning Center, or the support forum. If you have the tutorial please send me

tomeksz - Apr 24, 2007 - 05:35 PM
Post subject:

You can find some articles about WS-Security here : http://xfire.codehaus.org/Articles

alababi - Apr 25, 2007 - 05:49 AM
Post subject:

Can you give me a more detail tutorial? About encrypting the soap message. Sorry I'm new I need a step by step tutorial.

tomeksz - Apr 25, 2007 - 09:41 AM
Post subject:

Its really simple.
All information you need are here : http://xfire.codehaus.org/WS-Security
You can also check XFire ws-security examples, there is a complete example how to encrypt message.

alababi - Apr 25, 2007 - 12:24 PM
Post subject:

I read through http://xfire.codehaus.org/WS-Security but cannot catch the idea, for i.e. This session

Code:

This WS-Security scenario adds username and password values to the message header. A password can be sent as plain text or in hashed form (depending on "passwordType" property).

Client side configuration :

protected void configureOutProperties(Properties config)
{
// Action to perform : user token
config.setProperty(WSHandlerConstants.ACTION, WSHandlerConstants.USERNAME_TOKEN);
// Password type : plain text
config.setProperty(WSHandlerConstants.PASSWORD_TYPE, WSConstants.PW_TEXT);
// for hashed password use:
//properties.setProperty(WSHandlerConstants.PASSWORD_TYPE, WSConstants.PW_DIGEST);
// User name to send
config.setProperty(WSHandlerConstants.USER, "serveralias");
// Callback used to retrive password for given user.
config.setProperty(WSHandlerConstants.PW_CALLBACK_CLASS, PasswordHandler.class.getName());
}

The PasswordHandler class is responsible for finding the password for given user name and must implement the org.apache.ws.security.WSPasswordCallback interface.

You can also specify an existing handler instance, using the WSHandlerConstants.PW_CALLBACK_REF property on the client/service instance or MessageContext ( e.g. client.setProperty(new PasswordHandler())).

The WSHandlerConstants.PASSWORD_TYPE property determines how the password will be sent. If it is set to WSConstants.PW_TEXT, the password will be sent as plain text. If the value is WSConstants.PW_DIGEST, a password digest will be sent. If no value is set, a digest is used by default..

I don't know which file to put this method and so on. If you have time please make a simple HelloWorld WS with Soap Message Encryption. Thanks in advance

tomeksz - Apr 25, 2007 - 01:40 PM
Post subject:

As i wrote before you have working example in /examples/ws-security sample application inside XFire distribution.

hbozic - Oct 12, 2007 - 07:11 PM
Post subject:

Quote:

As i wrote before you have working example in /examples/ws-security sample application inside XFire distribution.

It would be nice for myeclipse to generate the basic code and configuration for ws-security , just as it generates the basic code and configuration for web services.
( this is a feature request )

support-nipun - Oct 15, 2007 - 08:47 AM
Post subject:

Hi hbozic,
Thank you for this post. You can start a thread with your request on the Feature request forum so that other users can add their votes in favour of this request as well.