With MESSAGE mode, camel-cxf pretty much keeps everything as a stream and bypasses much of the CXF interceptor chain and conversions and such. In some cases, that's very good. Performance and stuff works well. However, it also means a lot of CXF's processing capabilities are not used/usable.
If you flip to PAYLOAD mode or the new CXF_MESSAGE mode, it will likely work find for you. Those will behave more like normal CXF clients/servers that would allow all the ws-security stuff to work. Dan On Nov 20, 2012, at 10:01 AM, Jesper Nygårds <[email protected]> wrote: > I have a scenario where I want to add wss signing to an outgoing web > service call. I am trying to accomplish this by using a cxf consumer and a > cxf producer wired together by camel as a simple proxy. > > The idea is this: a system sends an un-signed SOAP request to our CXF web > service requiring no security. The call is then routed to a CXF client, > which signs th eoutgoing message using wss. This way, the original caller > does not concern itself with any security related issues. > > I have included our spring configuration below. The problem is that the > call gets routed as it should through the two CXF beans, but the outgoing > call leaves the CXF client without being signed. There is no trace of any > wss headers in the outgoing call. > > Turning on debugging, I can see that the WSS4JOutInterceptor is invoked, > and it writes to the debug messages that it has created a > xmldsig:SignedInfo element, but this is never added to the outgoing > message. Can anyone here throw some light on this problem? > > Here's the configuration: > > <?xml version="1.0" encoding="UTF-8"?> > > <beans xmlns="http://www.springframework.org/schema/beans"; xmlns:xsi=" > http://www.w3.org/2001/XMLSchema-instance"; xmlns:camel=" > http://camel.apache.org/schema/spring"; > xmlns:cxf="http://camel.apache.org/schema/cxf"; xmlns:context=" > http://www.springframework.org/schema/context"; > xsi:schemaLocation="http://www.springframework.org/schema/beans > http://www.springframework.org/schema/beans/spring-beans.xsd > http://www.springframework.org/schema/context > http://www.springframework.org/schema/context/spring-context.xsd > http://camel.apache.org/schema/spring > http://camel.apache.org/schema/spring/camel-spring.xsd > http://camel.apache.org/schema/cxf > http://camel.apache.org/schema/cxf/camel-cxf.xsd";> > > <import resource="classpath:META-INF/cxf/cxf.xml" /> > > <cxf:cxfEndpoint id="receiveOutgoingMessageEndpoint" > wsdlURL="etc/SendOccupationalPensionService.wsdl" > address="/sendOccupationalPension" > serviceName="s:SendOccupationalPensionService" xmlns:s=" > http://ssek.ic.afa.se/";> > <cxf:properties> > <entry key="dataFormat" value="MESSAGE" /> > </cxf:properties> > </cxf:cxfEndpoint> > > <cxf:cxfEndpoint id="sendOutgoingMessageEndpoint" address=" > http://localhost:8088/mockSendOccupationalPensionResponseToFKSOAPBinding";> > <cxf:properties> > <entry key="dataFormat" value="MESSAGE" /> > </cxf:properties> > <cxf:outInterceptors> > <bean > class="org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor"> > <constructor-arg> > <map> > <entry key="action" value="Timestamp Signature" /> > <entry key="user" value="myservicekey" /> > <entry key="signatureKeyIdentifier" > value="DirectReference" /> > <entry key="timeToLive" value="10800" /> > <entry key="signaturePropFile" > value="classpath:etc/ssek.serviceKeystore.properties" /> > <entry key="passwordCallbackRef"> > <bean > class="se.afa.ic.ssek.ServiceKeystorePasswordCallback"> > <constructor-arg> > <value>myservicekey</value> > </constructor-arg> > <constructor-arg> > <value>skpass</value> > </constructor-arg> > </bean> > </entry> > <entry key="signatureParts" > value="{Element}{ > http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd}Timestamp;{Element}{http://schemas.xmlsoap.org/soap/envelope/}Body"; > /> > </map> > </constructor-arg> > </bean> > </cxf:outInterceptors> > </cxf:cxfEndpoint> > > <camelContext id="camelContext" xmlns=" > http://camel.apache.org/schema/spring";> > <route trace="true"> > <from uri="cxf:bean:receiveOutgoingMessageEndpoint" /> > <to uri="cxf:bean:sendOutgoingMessageEndpoint" /> > </route> > </camelContext> > > </beans> -- Daniel Kulp [email protected] - http://dankulp.com/blog Talend Community Coder - http://coders.talend.com
