WS security

WS-Security (Web Services Security, short WSS) is an extension to SOAP to apply security to web services. It is a member of the WS-* family of web service specifications and was published by OASIS.

The protocol specifies how integrity and confidentiality can be enforced on messages and allows the communication of various security token formats, such as SAML, Kerberos, and X.509. Its main focus is the use of XML Signature and XML Encryption to provide end-to-end security.

[추가필요한 lib]

<!-- WS-Security -->

<dependency>

<groupId>org.apache.ws.security</groupId>

<artifactId>wss4j</artifactId>

<version>1.6.4</version>

</dependency>

<dependency>

<groupId>org.apache.cxf</groupId>

<artifactId>cxf-rt-ws-security</artifactId>

<version>2.4.1</version>

</dependency>

<dependency>

<groupId>com.sun.xml.ws</groupId>

<artifactId>jaxws-rt</artifactId>

<version>2.2.9-b14002</version>

</dependency>

[ClientPasswordCallback.java 추가생성]

import java.io.IOException;

import javax.security.auth.callback.Callback;

import javax.security.auth.callback.CallbackHandler;

import javax.security.auth.callback.UnsupportedCallbackException;

import org.apache.ws.security.WSPasswordCallback;

import org.springframework.beans.factory.annotation.Value;

import org.springframework.stereotype.Component;

@Component

public class ClientPasswordCallback implements CallbackHandler

{

@Value("${webservice.wssecurity.accept.passwd}")

private String wssecurityAcceptId;

   public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException

   {

      WSPasswordCallback pc = (WSPasswordCallback)callbacks[0];

         pc.setPassword(wssecurityAcceptId);

   }

}

[consumer에 추가할 코드]

xxxxxClass {

@Value("${webservice.wssecurity.accept.id}")

private String wssecurityAcceptId;

try{

       JaxWsProxyFactoryBean factory = new JaxWsProxyFactoryBean();

       factory.setServiceClass(PSFmsTOneossGetOrgCarPort.class);

       factory.setAddress("http://osb/ABCD/GetsdtddodoDfc");

       PSFmsTOneossGetOrgCarPort port = (PSFmsTOneossGetOrgCarPort)factory.create();

       Client client = ClientProxy.getClient(port);

       Endpoint cxfEndpoint = client.getEndpoint();

       Map<String, Object> outProps = new HashMap<String, Object>();

       

       outProps.put(WSHandlerConstants.ACTION, WSHandlerConstants.USERNAME_TOKEN);       

       outProps.put(WSHandlerConstants.USER, wssecurityAcceptId);

       outProps.put(WSHandlerConstants.PASSWORD_TYPE, WSConstants.PW_TEXT);       

       outProps.put(WSHandlerConstants.PW_CALLBACK_CLASS, ClientPasswordCallback.class.getName());

       WSS4JOutInterceptor wssOut = new WSS4JOutInterceptor(outProps);

       cxfEndpoint.getOutInterceptors().add(wssOut);

       

       위 코드 추가 후....

       위에서 생성된 port로 웹서비스 호출하면 끝

       

   }

   

   

   

ps. 물론 provider에도 인증 계정정보 셋팅 필요