I am using CXF for my webservice security. I have the following configuration:
<entry key="ws-security.callback-handler" value="PasswordCallbackHandler"/>
<entry key="ws-security.encryption.properties" value="WEB-INF/keystore.properties"/>
<entry key="ws-security.signature.properties" value="WEB-INF/keystore.properties"/>
<entry key="ws-security.encryption.username" value="useReqSigCert"/>
Currently we store the password in keystore.properties as plaintext password. I want to store an encrypted password and then have that used to log into the keystore.
Any idea what i need to do?
Thanks
CXF 3.0.0 supports using encrypted passwords in Crypto properties files. The CallbackHandler must supply the password used to decrypt the encrypted password in this scenario. See here for more information:
http://ws.apache.org/wss4j/newfeatures20.html
http://coheigea.blogspot.ie/2014/02/apache-wss4j-200-part-iv.html
Colm.
Related
I am storing sensitive information like password, APIKey etc in JBoss AS vault.I need to retrieve it in camel route and set camel exchange headers.
I tried in below it is not working.
<setHeader headerName="apikey">
<simple>{{VAULT::event_policy_online::password::1}}</simple>
</setHeader>
how can i achieve it?
You can create an EAP system property (for example, myfusepassword) for the password you created in the vault.
Then the password can be accessed in the camel configuration by using the following notation:
${sys.myfusepassword}
I am creating an API with URI template patient/{name} and production URL to http://localhost:8888/patient/{uri.var.name} in WSO2 APIM. Also adding this sequence
<sequence xmlns="http://ws.apache.org/ns/synapse" name="TestSequence">
<property name="REST_URL_POSTFIX" scope="axis2" action="remove"/>
</sequence>
The target URL is not being invoked with this. Can you please let me know what is the issue?
This error can occur due to Invalid URI provided by you, make sure you are using valid endpoint url for the Production Endpoint.
I'm trying to use WSRR (Websphere Service Registry and Repository) to retrieve the endpoint of the service that I'm consuming. I have a method which will lookup and return the endpoint of the service. I've set this to the publishedEndpointUrl in the properties.
But, it does not replace the value of the "address" and if I remove "address", it throws me an error. Is there another way to achieve this?
This is what I tried:
<cxf:cxfEndpoint id="test" address="https://..." serviceClass="...">
<cxf:properties>
<entry key="publishedEndpointUrl value="#{wsrr.getEndpoint()}">
</cxf:cxfEndpoint>
<cxf:cxfEndpoint>
I am using a CXF component which will take username and password as its properties and I am getting username and password in Camel Exchange Header, So I tried to set this way:
<to uri="cxf:{myurl}?dataFormat=MESSAGE&username=${in.header.username}&password=${in.header.password}"/>
But it is giving me authentication failure error as username and password are not set properly.
See this FAQ about how to use dynamic values in the to
http://camel.apache.org/how-to-use-a-dynamic-uri-in-to.html
So by using recipient list EIP you can do this
<recipientList>
<simple>cxf:{myurl}?dataFormat=MESSAGE&username=${in.header.username}&password=${in.header.password}"</simple>
</recipientList>
Hi I have a Webservice exposed in FUSE ESB using Apache CXF endpoint. Client is required to pass the user name as password as below. Please advice How I can read this in my server from the Camel Exchange object.
((BindingProvider) serviceMnmtApi).getRequestContext().put(BindingProvider.USERNAME_PROPERTY, "admin");
((BindingProvider) serviceMnmtApi).getRequestContext().put(BindingProvider.PASSWORD_PROPERTY, "password");
If you are using JBoss Fuse 6.1, you should be able to setup the the username and password from the endpoint URI option. It is addressed in CAMEL-7145.