Reputation: 87
how to load the cxf wss4j crypto property file from external location other than the classpath
i am trying to externalize the crypto.properties files which is needed to sign the SOAP CXF request messages. According to the framework it should have the property file in the classpath. I am not able to load it from external. Please help me , i have tried a lot of techniques.
i am getting the below exception
org.apache.ws.security.WSSecurityException: General security error (Cannot load the resource file:
it is very necessary to externalize the file as we have synced up our development and production environment code base
The CXF framework used is 2.6.10
Upvotes: 5
Views: 6701
Answers (2)
Reputation: 1356
As noted in Colm O hEigeartaigh's answer it is possible to load the configuration settings from an external file using recent versions of CXF and WSS4J. However, this still means needing to write the properties to a file and loading them again.
You can also construct a Properties object in-memory, and have CXF use that instead. This also works for older CXF versions. This is done by extending WSS4JInInterceptor and WSS4JOutInterceptor, and then overriding the Crypto loadCryptoFromPropertiesFile(String propFilename, RequestData reqData) method and just returning your own Crypto object, which you can create using CryptoFactory.getInstance(properties).
So something like:
Properties cxfProps = new Properties();
cxfProps.setProperty("org.apache.ws.security.crypto.provider", "org.apache.ws.security.components.crypto.Merlin");
cxfProps.setProperty("org.apache.ws.security.crypto.merlin.keystore.type", "jks");
cxfProps.setProperty("org.apache.ws.security.crypto.merlin.keystore.alias", "client");
cxfProps.setProperty("org.apache.ws.security.crypto.merlin.keystore.password", PASSWORD);
cxfProps.setProperty("org.apache.ws.security.crypto.merlin.keystore.file", "keystore.j2");
Crypto crypto = CryptoFactory.getInstance(cxfProps);
Map<String, Object> inProps = new HashMap<String, Object>();
Map<String, Object> outProps = new HashMap<String, Object>();
inProps.put(WSHandlerConstants.ACTION, "Signature");
inProps.put(WSHandlerConstants.SIG_PROP_FILE, "dummy_value"); // Only necessary to avoid NPE
outProps.put(WSHandlerConstants.ACTION, "Signature");
outProps.put(WSHandlerConstants.USER, "client");
outProps.put(WSHandlerConstants.SIG_PROP_FILE, "dummy_value"); // Only necessary to avoid NPE
WSS4JInInterceptor wssIn = new WSS4JInInterceptor(inProps) {
@Override
protected Crypto loadCryptoFromPropertiesFile(String propFilename, RequestData reqData)
throws WSSecurityException {
return crypto;
}
};
WSS4JOutInterceptor wssOut = new WSS4JOutInterceptor(outProps) {
@Override
protected Crypto loadCryptoFromPropertiesFile(String propFilename, RequestData reqData)
throws WSSecurityException {
return crypto;
}
};
Upvotes: 7
Reputation: 1900
It is supported, see my comment here: https://issues.apache.org/jira/browse/WSS-540
Upvotes: 3
Related Questions
- CXF WS-Security with keystore from HSM
- How do you use TLS/SSL Http Authentication with a CXF client to a web service?
- How to make WSS4J load the keystore password from a callback?
- cxf ws-security client does not bind the configuration file
- Apache CXF - configure WSS4J to extract server's x.509 certificate from SOAP header
- Configure CXF for STS/WS-Trust by code
- No encryption crypto object found exception in Apache CXF
- How do I load truststore from classpath with Apache CXF?
- Adding ws-security to wsdl2java generated classes
- Java - Apache CXF Load WSDL From Jar