Using annotations instead of WSDL to specify the WSS policy.

rmartinc · Jul 21, 2017 · d4bb664 · d4bb664
1 parent b910da3
commit d4bb664
Show file tree

Hide file tree

Showing 2 changed files with 26 additions and 8 deletions.
diff --git a/src/main/java/com/sample/redhat/Echo.java b/src/main/java/com/sample/redhat/Echo.java
@@ -10,6 +10,7 @@
 import javax.jws.WebMethod;
 import javax.jws.WebService;
 import javax.jws.soap.SOAPBinding;
+import org.apache.cxf.annotations.Policy;
 import org.apache.cxf.interceptor.InInterceptors;
 import org.jboss.ws.api.annotation.EndpointConfig;
 
@@ -19,21 +20,21 @@
  * The security domain JBossWS is used to login using keycloak bearer login module.</p>
  *
  * <p>Examples of more information about WSS configuration:</p>
- * <ul><li><a href="http://www.superglobals.net/java-ee-soap-example/">
- *       Sample application that uses a SOAP ejb endpoint</a>.</li>
- *     <li><a href="https://docs.jboss.org/author/display/WFLY10/WS-Security">
- *       Documentation about WSS in wildfly<a>.</li>
- *     <li><a href="https://github.com/rareddy/ws-security-examples/tree/master/jaxws-usernametoken">
- *       Example application for WSS</a>.</li>
+ * <ul>
+ *   <li><a href="http://www.superglobals.net/java-ee-soap-example/">Sample application that uses a SOAP ejb endpoint</a>.</li>
+ *   <li><a href="https://docs.jboss.org/author/display/WFLY10/WS-Security">Documentation about WSS in wildfly</a>.</li>
+ *   <li><a href="https://github.com/rareddy/ws-security-examples/tree/master/jaxws-usernametoken"> Example application for WSS</a>.</li>
+ *   <li><a href="https://github.com/mposolda/keycloak-remote-ejb/">Example of ejb-security under keycloak by Marek Posolda</a>.</li>
  * </ul>
  * 
  * @author rmartinc
  */
 @Stateless
 @WebService(name = "echo", 
         targetNamespace = "http://com.sample.redhat/ws", 
-        serviceName = "echo-service",
-        wsdlLocation = "WEB-INF/wsdl/echo-security.wsdl")
+        //wsdlLocation = "WEB-INF/wsdl/echo-security.wsdl",
+        serviceName = "echo-service")
+@Policy(placement = Policy.Placement.BINDING, uri = "WssUsernameToken10.xml")
 @SOAPBinding(style = SOAPBinding.Style.RPC)
 @SecurityDomain("JBossWS")
 @DeclareRoles("static")

diff --git a/src/main/resources/WssUsernameToken10.xml b/src/main/resources/WssUsernameToken10.xml
@@ -0,0 +1,17 @@
+<?xml version="1.0" encoding="UTF-8" ?>
+<wsp:Policy wsu:Id="SecurityPolicy" xmlns:wsp="http://www.w3.org/ns/ws-policy"
+    xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
+    <wsp:ExactlyOne>
+        <wsp:All>
+            <sp:SupportingTokens xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+                <wsp:Policy>
+                    <sp:UsernameToken sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
+                        <wsp:Policy>
+                            <sp:WssUsernameToken10/>
+                        </wsp:Policy>
+                    </sp:UsernameToken>
+                </wsp:Policy>
+            </sp:SupportingTokens>
+        </wsp:All>
+    </wsp:ExactlyOne>
+</wsp:Policy>