13.2. Understanding WSIT Configuration Files

When a web service or a web service client are configured for WSIT features, this information is saved in WSIT Configuration files. The following sections discuss the WSIT configuration files for the service and for the client:

13.2.1. Service-Side WSIT Configuration Files

WSIT features are configured on a web service in the following way:

  1. Right-click the web service in NetBeans IDE.

  2. Select Edit Web Service Attributes.

  3. Select and/or configure the appropriate WSIT features on the Quality Of Service Configuration tab for the web service. Many of the WSIT features are discussed in Using WSIT Security.

  4. Select OK to close the dialog.

  5. Run the web application by right-clicking the project node and selecting Run Project.

The service-side WSIT Configuration file that is used when the web service is deployed can be viewed by expanding the Web Pages | WEB-INF elements of the application in the tree, and then double-clicking the wsit-package.service.xml file to open it in the editor.

For the example application Example: Username Authentication with Symmetric Key (UA), the WSIT configuration file for the service is named wsit-org.me.calculator.CalculatorWS.xml, and looks like this:

<?xml version="1.0" encoding="UTF-8"?>
                <definitions
                xmlns="http://schemas.xmlsoap.org/wsdl/"
                xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/"
                xmlns:xsd="http://www.w3.org/2001/XMLSchema"
                xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/"
                name="CalculatorWSService"
                targetNamespace="http://calculator.me.org/"
                xmlns:tns="http://calculator.me.org/"
                xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
                xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/
                oasis-200401-wss-wssecurity-utility-1.0.xsd"
                xmlns:wsaws="http://www.w3.org/2005/08/addressing"
                xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"
                xmlns:sc="http://schemas.sun.com/2006/03/wss/server"
                xmlns:wspp="http://java.sun.com/xml/ns/wsit/policy"
                >
                <message name="add"/>
                <message name="addResponse"/>
                <portType name="CalculatorWS">
                <operation name="add">
                <input message="tns:add"/>
                <output message="tns:addResponse"/>
                </operation>
                </portType>
                <binding name="CalculatorWSPortBinding" type="tns:CalculatorWS">
                <wsp:PolicyReference URI="#CalculatorWSPortBindingPolicy"/>
                <operation name="add">
                <input>
                <wsp:PolicyReference URI="#CalculatorWSPortBinding_add_Input_Policy"/>
                </input>
                <output>
                <wsp:PolicyReference URI="#CalculatorWSPortBinding_add_Output_Policy"/>
                </output>
                </operation>
                </binding>
                <service name="CalculatorWSService">
                <port name="CalculatorWSPort" binding="tns:CalculatorWSPortBinding"/>
                </service>
                <wsp:Policy wsu:Id="CalculatorWSPortBindingPolicy">
                <wsp:ExactlyOne>
                <wsp:All>
                <wsaws:UsingAddressing xmlns:wsaws=
                "http://www.w3.org/2006/05/addressing/wsdl"/>
                <sp:SymmetricBinding>
                <wsp:Policy>
                <sp:ProtectionToken>
                <wsp:Policy>
                <sp:X509Token sp:IncludeToken=
                "http://schemas.xmlsoap.org/
                ws/2005/07/securitypolicy/IncludeToken/Never">
                <wsp:Policy>
                <sp:WssX509V3Token10/>
                </wsp:Policy>
                </sp:X509Token>
                </wsp:Policy>
                </sp:ProtectionToken>
                <sp:Layout>
                <wsp:Policy>
                <sp:Strict/>
                </wsp:Policy>
                </sp:Layout>
                <sp:IncludeTimestamp/>
                <sp:OnlySignEntireHeadersAndBody/>
                <sp:AlgorithmSuite>
                <wsp:Policy>
                <sp:Basic128/>
                </wsp:Policy>
                </sp:AlgorithmSuite>
                </wsp:Policy>
                </sp:SymmetricBinding>
                <sp:Wss11>
                <wsp:Policy>
                <sp:MustSupportRefKeyIdentifier/>
                <sp:MustSupportRefIssuerSerial/>
                <sp:MustSupportRefThumbprint/>
                <sp:MustSupportRefEncryptedKey/>
                </wsp:Policy>
                </sp:Wss11>
                <sp:SignedSupportingTokens>
                <wsp:Policy>
                <sp:UsernameToken sp:IncludeToken="http://schemas.xmlsoap.org/
                ws/2005/07/securitypolicy/
                IncludeToken/AlwaysToRecipient">
                <wsp:Policy>
                <sp:WssUsernameToken10/>
                </wsp:Policy>
                </sp:UsernameToken>
                </wsp:Policy>
                </sp:SignedSupportingTokens>
                <sc:KeyStore wspp:visibility="private" alias="xws-security-server"/>
                </wsp:All>
                </wsp:ExactlyOne>
                </wsp:Policy>
                <wsp:Policy wsu:Id="CalculatorWSPortBinding_add_Input_Policy">
                <wsp:ExactlyOne>
                <wsp:All>
                <sp:EncryptedParts>
                <sp:Body/>
                </sp:EncryptedParts>
                <sp:SignedParts>
                <sp:Body/>
                <sp:Header Name="To"
                Namespace="http://www.w3.org/2005/08/addressing"/>
                <sp:Header Name="From"
                Namespace="http://www.w3.org/2005/08/addressing"/>
                <sp:Header Name="FaultTo"
                Namespace="http://www.w3.org/2005/08/addressing"/>
                <sp:Header Name="ReplyTo"
                Namespace="http://www.w3.org/2005/08/addressing"/>
                <sp:Header
                Name="MessageID" Namespace=
                "http://www.w3.org/2005/08/addressing"/>
                <sp:Header
                Name="RelatesTo" Namespace=
                "http://www.w3.org/2005/08/addressing"/>
                <sp:Header Name="Action"
                Namespace="http://www.w3.org/2005/08/addressing"/>
                <sp:Header Name="AckRequested"
                Namespace="http://schemas.xmlsoap.org/ws/2005/02/rm"/>
                <sp:Header Name="SequenceAcknowledgement"
                Namespace="http://schemas.xmlsoap.org/ws/2005/02/rm"/>
                <sp:Header Name="Sequence"
                Namespace="http://schemas.xmlsoap.org/ws/2005/02/rm"/>
                </sp:SignedParts>
                </wsp:All>
                </wsp:ExactlyOne>
                </wsp:Policy>
                <wsp:Policy wsu:Id="CalculatorWSPortBinding_add_Output_Policy">
                <wsp:ExactlyOne>
                <wsp:All>
                <sp:EncryptedParts>
                <sp:Body/>
                </sp:EncryptedParts>
                <sp:SignedParts>
                <sp:Body/>
                <sp:Header Name="To"
                Namespace="http://www.w3.org/2005/08/addressing"/>
                <sp:Header Name="From"
                Namespace="http://www.w3.org/2005/08/addressing"/>
                <sp:Header Name="FaultTo"
                Namespace="http://www.w3.org/2005/08/addressing"/>
                <sp:Header Name="ReplyTo"
                Namespace="http://www.w3.org/2005/08/addressing"/>
                <sp:Header Name="MessageID"
                Namespace="http://www.w3.org/2005/08/addressing"/>
                <sp:Header Name="RelatesTo"
                Namespace="http://www.w3.org/2005/08/addressing"/>
                <sp:Header Name="Action"
                Namespace="http://www.w3.org/2005/08/addressing"/>
                <sp:Header Name="AckRequested"
                Namespace="http://schemas.xmlsoap.org/ws/2005/02/rm"/>
                <sp:Header Name="SequenceAcknowledgement"
                Namespace="http://schemas.xmlsoap.org/ws/2005/02/rm"/>
                <sp:Header Name="Sequence"
                Namespace="http://schemas.xmlsoap.org/ws/2005/02/rm"/>
                </sp:SignedParts>
                </wsp:All>
                </wsp:ExactlyOne>
                </wsp:Policy>
        </definitions>

13.2.2. Client-Side WSIT Configuration Files

WSIT features are configured on the client in the following way:

  1. Expand the Web Service Reference node for the web service client in NetBeans IDE.

  2. Select Edit Web Service Attributes.

  3. Select and/or configure the appropriate WSIT features on the Quality Of Service tab for the web service client. Many of the WSIT features are discussed in Using WSIT Security.

  4. Select OK to close the dialog.

  5. Run the web service client by right-clicking the project node and selecting Run Project.

The WSIT Configuration information can be viewed by expanding Source Packages | META-INF in NetBeans IDE for the client project. This directory contains two files: serviceService.xml and wsit-client.xml.

The serviceService.xml file is an XML file that must conform to the WSDL specification. The WSIT configuration is written to this file. For the example application Example: Username Authentication with Symmetric Key (UA), the WSIT configuration file for the client is named CalculatorWSService.xml, and looks like this:

<?xml version="1.0" encoding="UTF-8"?>
                <!-- Published by JAX-WS RI at http://jax-ws.java.net. RI's version
                is JAX-WS RI 2.1.2_01-hudson-189-. --><!-- Generated by JAX-WS
                RI at http://jax-ws.java.net. RI's version is JAX-WS RI
                2.1.2_01-hudson-189-. --><definitions xmlns:wsu=
                "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-
                utility-1.0.xsd" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
                xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/"
                xmlns:tns="http://calculator.me.org/"
                mlns:xsd="http://www.w3.org/2001/XMLSchema"
                xmlns="http://schemas.xmlsoap.org/wsdl/"
                targetNamespace="http://calculator.me.org/"
                name="CalculatorWSService"
                xmlns:sc="http://schemas.sun.com/2006/03/wss/client"
                xmlns:wspp="http://java.sun.com/xml/ns/wsit/policy"
                xmlns:tc="http://schemas.sun.com/ws/2006/05/trust/client">
                <wsp:UsingPolicy></wsp:UsingPolicy>
                <types>
                <xsd:schema>
                <xsd:import namespace="http://calculator.me.org/"
                schemaLocation="http://localhost:8080/CalculatorApplication/
                CalculatorWSService?xsd=1">
                </xsd:import>
                </xsd:schema>
                </types>
                <message name="add">
                <part name="parameters" element="tns:add"></part>
                </message>
                <message name="addResponse">
                <part name="parameters" element="tns:addResponse"></part>
                </message>
                <portType name="CalculatorWS">
                <operation name="add">
                <input message="tns:add"></input>
                <output message="tns:addResponse"></output>
                </operation>
                </portType>
                <binding name="CalculatorWSPortBinding" type="tns:CalculatorWS">
                <wsp:PolicyReference URI="#CalculatorWSPortBindingPolicy"/>
                <soap:binding transport="http://schemas.xmlsoap.org/
                soap/http" style="document"></soap:binding>
                <operation name="add">
                <soap:operation soapAction=""></soap:operation>
                <input>
                <soap:body use="literal"></soap:body>
                </input>
                <output>
                <soap:body use="literal"></soap:body>
                </output>
                </operation>
                </binding>
                <service name="CalculatorWSService">
                <port name="CalculatorWSPort" binding="tns:CalculatorWSPortBinding">
                <soap:address location="http://localhost:8080/
                CalculatorApplication/CalculatorWSService">
                </soap:address>
                </port>
                </service>
                <wsp:Policy wsu:Id="CalculatorWSPortBindingPolicy">
                <wsp:ExactlyOne>
                <wsp:All>
                <sc:KeyStore wspp:visibility="private"
                location="c:\Sun\glassfish\domains\domain1\config\keystore.jks"
                storepass="changeit" alias="xws-security-client"/>
                <sc:TrustStore wspp:visibility="private"
                location="c:\Sun\glassfish\domains\domain1\config\cacerts.jks"
                storepass="changeit" peeralias="xws-security-server"/>
                <tc:PreconfiguredSTS wspp:visibility="private"/>
                <sc:CallbackHandlerConfiguration wspp:visibility="private">
                <sc:CallbackHandler default="wsitUser" name="usernameHandler"/>
                <sc:CallbackHandler default="changeit" name="passwordHandler"/>
                </sc:CallbackHandlerConfiguration>
                </wsp:All>
                </wsp:ExactlyOne>
                </wsp:Policy>
            </definitions>

The wsit-client.xml file imports the serviceService.xml file. For the example shown about, the wsit-client.xml file looks like this:

<?xml version="1.0" encoding="UTF-8"?>
                <definitions
                xmlns="http://schemas.xmlsoap.org/wsdl/"
                xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/"
                xmlns:xsd="http://www.w3.org/2001/XMLSchema"
                xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/" name="mainclientconfig"
                >
                <import location="CalculatorWSService.xml" namespace="http://calculator.me.org/"/>
            </definitions>

When running the client, these two files will need to be in the classpath, either at the classpath root (i.e., build/classes) or in a META-INF directory under the classpath root.


Terms of Use; Privacy Policy; Copyright ©2013-2014 (revision 20140418.2d69abc)
 
 
Close
loading
Please Confirm
Close