Stefan Norberg
2012-01-26 08:16:27 UTC
Hi,
I have setup a CXF proxy config that uses HTTPS connector SSL client certificates on the receiving end.
I'm using standard Web Service Security on the outbound endpoint and would like to use the SSL client certificate CN (common name) as the username.
Any hints on how to accomplish that based on the below configuration would be very much appreciated.
Thanks,
Stefan
<?xml version="1.0" encoding="UTF-8"?>
<mule xmlns="http://www.mulesoft.org/schema/mule/core" xmlns:https="http://www.mulesoft.org/schema/mule/https" ...">
<spring:beans>
<spring:bean id="clientCallback" name="Bean" class="ClientPasswordCallback" doc:name="clientPasswordCallback"/>
</spring:beans>
<https:connector name="httpsConnector" validateConnections="false" doc:name="httpsConnector">
<https:tls-key-store path="mykey.jks" keyPassword="pass" storePassword="pass"/>
<https:tls-server path="cacerts.jks" storePassword="trustme" *requireClientAuthentication="true*"/>
</https:connector>
<https:endpoint host="localhost" port="65081" name="clientEndpoint" connector-ref="httpsConnector" keep-alive="true" doc:name="httpsClientEndpoint"/>
<flow name="Sprouts-external" doc:name="Sprouts-external" processingStrategy="synchronous">
<inbound-endpoint address="https://localhost:65081/services/SproutsProxy" exchange-pattern="request-response" connector-ref="httpsConnector" doc:name="HTTP">
<cxf:proxy-service wsdlLocation="SproutsWebFacade.wsdl" mtomEnabled="true" service="SproutsWebFacade" namespace="http://facade.sprouts.pensionsmyndigheten.se/">
</cxf:proxy-service>
</inbound-endpoint>
<outbound-endpoint address="http://127.0.0.1:8090/sprouts/ws/SproutsWebFacade" doc:name="HTTP">
<cxf:proxy-client mtomEnabled="true">
<cxf:outInterceptors>
<spring:bean class="org.apache.cxf.binding.soap.saaj.SAAJOutInterceptor"/>
<spring:bean class="org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor">
<spring:constructor-arg>
<spring:map>
<spring:entry key="action" value="UsernameToken"/>
<spring:entry key="user" value="testuser"/>
<spring:entry key="passwordType" value="PasswordText"/>
<spring:entry key="passwordCallbackRef" value-ref="clientCallback"/>
</spring:map>
</spring:constructor-arg>
</spring:bean>
</cxf:outInterceptors>
</cxf:proxy-client>
</outbound-endpoint>
</flow>
</mule>
---------------------------------------------------------------------
To unsubscribe from this list, please visit:
http://xircles.codehaus.org/manage_email
I have setup a CXF proxy config that uses HTTPS connector SSL client certificates on the receiving end.
I'm using standard Web Service Security on the outbound endpoint and would like to use the SSL client certificate CN (common name) as the username.
Any hints on how to accomplish that based on the below configuration would be very much appreciated.
Thanks,
Stefan
<?xml version="1.0" encoding="UTF-8"?>
<mule xmlns="http://www.mulesoft.org/schema/mule/core" xmlns:https="http://www.mulesoft.org/schema/mule/https" ...">
<spring:beans>
<spring:bean id="clientCallback" name="Bean" class="ClientPasswordCallback" doc:name="clientPasswordCallback"/>
</spring:beans>
<https:connector name="httpsConnector" validateConnections="false" doc:name="httpsConnector">
<https:tls-key-store path="mykey.jks" keyPassword="pass" storePassword="pass"/>
<https:tls-server path="cacerts.jks" storePassword="trustme" *requireClientAuthentication="true*"/>
</https:connector>
<https:endpoint host="localhost" port="65081" name="clientEndpoint" connector-ref="httpsConnector" keep-alive="true" doc:name="httpsClientEndpoint"/>
<flow name="Sprouts-external" doc:name="Sprouts-external" processingStrategy="synchronous">
<inbound-endpoint address="https://localhost:65081/services/SproutsProxy" exchange-pattern="request-response" connector-ref="httpsConnector" doc:name="HTTP">
<cxf:proxy-service wsdlLocation="SproutsWebFacade.wsdl" mtomEnabled="true" service="SproutsWebFacade" namespace="http://facade.sprouts.pensionsmyndigheten.se/">
</cxf:proxy-service>
</inbound-endpoint>
<outbound-endpoint address="http://127.0.0.1:8090/sprouts/ws/SproutsWebFacade" doc:name="HTTP">
<cxf:proxy-client mtomEnabled="true">
<cxf:outInterceptors>
<spring:bean class="org.apache.cxf.binding.soap.saaj.SAAJOutInterceptor"/>
<spring:bean class="org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor">
<spring:constructor-arg>
<spring:map>
<spring:entry key="action" value="UsernameToken"/>
<spring:entry key="user" value="testuser"/>
<spring:entry key="passwordType" value="PasswordText"/>
<spring:entry key="passwordCallbackRef" value-ref="clientCallback"/>
</spring:map>
</spring:constructor-arg>
</spring:bean>
</cxf:outInterceptors>
</cxf:proxy-client>
</outbound-endpoint>
</flow>
</mule>
---------------------------------------------------------------------
To unsubscribe from this list, please visit:
http://xircles.codehaus.org/manage_email