| <?xml version="1.0" encoding="UTF-8"?> |
| <!-- |
| Licensed to the Apache Software Foundation (ASF) under one |
| or more contributor license agreements. See the NOTICE file |
| distributed with this work for additional information |
| regarding copyright ownership. The ASF licenses this file |
| to you under the Apache License, Version 2.0 (the |
| "License"); you may not use this file except in compliance |
| with the License. You may obtain a copy of the License at |
| |
| http://www.apache.org/licenses/LICENSE-2.0 |
| |
| Unless required by applicable law or agreed to in writing, |
| software distributed under the License is distributed on an |
| "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY |
| KIND, either express or implied. See the License for the |
| specific language governing permissions and limitations |
| under the License. |
| --> |
| <beans xmlns="http://www.springframework.org/schema/beans" |
| xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" |
| xmlns:jaxws="http://cxf.apache.org/jaxws" |
| xsi:schemaLocation=" |
| http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd |
| http://cxf.apache.org/jaxws http://cxf.apache.org/schemas/jaxws.xsd |
| "> |
| |
| <jaxws:client name="{http://apache.org/hello_world_soap_http}TimestampSignEncrypt" createdFromAPI="true"> |
| <jaxws:features> |
| <bean class="org.apache.cxf.feature.LoggingFeature"/> |
| </jaxws:features> |
| <jaxws:outInterceptors> |
| <bean class="org.apache.cxf.binding.soap.saaj.SAAJOutInterceptor"/> |
| <ref bean="TimestampSignEncrypt_Request"/> |
| </jaxws:outInterceptors> |
| <jaxws:inInterceptors> |
| <ref bean="TimestampSignEncrypt_Response"/> |
| <bean class="org.apache.cxf.binding.soap.saaj.SAAJInInterceptor"/> |
| </jaxws:inInterceptors> |
| </jaxws:client> |
| |
| <!-- --> |
| <!-- This bean is an Out interceptor which will add a Timestamp, --> |
| <!-- sign the Timstamp and Body, and then encrypt the Timestamp --> |
| <!-- and Body. It uses 3DES as the symmetric key algorithm. --> |
| <!-- --> |
| <bean |
| class="org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor" |
| id="TimestampSignEncrypt_Request"> |
| <constructor-arg> |
| <map> |
| <entry key="action" value="Timestamp Signature Encrypt"/> |
| <!-- <entry key="action" value="Timestamp Signature"/> --> |
| <entry key="user" value="alice"/> |
| <entry key="signaturePropFile" value="org/apache/servicemix/camel/ws/security/alice.properties"/> |
| <entry key="encryptionPropFile" value="org/apache/servicemix/camel/ws/security/bob.properties"/> |
| <entry key="encryptionUser" value="Bob"/> |
| <entry key="signatureKeyIdentifier" value="DirectReference"/> |
| <entry key="passwordCallbackClass" value="org.apache.servicemix.camel.nmr.ws.security.KeystorePasswordCallback"/> |
| <entry key="signatureParts" value="{Element}{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd}Timestamp;{Element}{http://schemas.xmlsoap.org/soap/envelope/}Body"/> |
| <!-- --> |
| <!-- Recommendation: signatures should be encrypted --> |
| <!-- --> |
| <entry key="encryptionParts" value="{Element}{http://www.w3.org/2000/09/xmldsig#}Signature;{Content}{http://schemas.xmlsoap.org/soap/envelope/}Body"/> |
| <!-- <entry key="encryptionKeyTransportAlgorithm" value="RSA15"/> --> |
| <entry key="encryptionSymAlgorithm" value="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/> |
| </map> |
| </constructor-arg> |
| </bean> |
| |
| <!-- --> |
| <!-- This bean is an In interceptor which validated a signed, --> |
| <!-- encrypted resposne, and timestamped. --> |
| <!-- --> |
| <!-- --> |
| <bean |
| class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor" |
| id="TimestampSignEncrypt_Response"> |
| <constructor-arg> |
| <map> |
| <entry key="action" value="Timestamp Signature Encrypt"/> |
| <entry key="signaturePropFile" value="org/apache/servicemix/camel/ws/security/bob.properties"/> |
| <entry key="decryptionPropFile" value="org/apache/servicemix/camel/ws/security/alice.properties"/> |
| <entry key="passwordCallbackClass" value="org.apache.servicemix.camel.nmr.ws.security.KeystorePasswordCallback"/> |
| </map> |
| </constructor-arg> |
| </bean> |
| |
| </beans> |