XFireHome M5M6-SNAPSHOTDevelopersDeveloper Space |
Steps to implementing WS-Security... 1. Determine how to use the TSIK API 2. Try it with a document which streams in XMLInputFactory factory = XMLInputFactory.getInstance();
XMLStreamReader reader = factory.createXMLStreamReader(inputStreamToFile);
....
// somehow take the reader and create a Document with the above library.
org.w3c.dom.Document doc = ...
3. Create a DocumentXMLStreamReader public class DocumentXMLStreamReader implements XMLStreamReader { public DocumentXMLStreamReader(org.w3c.dom.Document doc) { .... } public int next() { // this would get events as it progressed down the document. } .... } I've done this before with the XOM xml toolkit. Check out this example. There is also a unit test which shows how to use it. 4. Tie it into XFire
Here's a little pseudo code: public class WSSecurityInHandler extends AbstractHandler { public String getPhase() { Phase.PARSE; } public void invoke(MessageContext context) { Document doc = createDoc(context.getInMessage().getXMLStreamReader); decrypt(doc); XMLStreamReader reader = createStream(doc); context.getInMessage().setXMLStreamReader(reader); } } A test service: public class Echo { public String echo(string echo) { return echo; } } and a unit test: public class WSSecurityTest extends AbstractXFireTest { Service service; public void setUp() { // Creates a service from the echo class service = getServiceFactory().create(Echo.class); // Registers it getServiceRegistry().register(service); // Add in a WS-Security Handler service.addInHandler(new WSSecurityHandler()); } public void testService() { // sends a message to your service. the handler intercepts the document and decrypts org.codehaus.yom.Document response = invokeService("Echo", "/encrypted/document/on/the/classpath.xml"); // prints the response to System.out printNode(response); // Checks to make sure we get the echo'd response addNamespace("e", service.getServiceInfo().getName().getNamespace()); assertValid("//e:echoResponse", response); } } The "/encrypted/document/on/the/classpath.xml" needs to be an encrypted version of this document which the WS-SecurityHandler can understand: <env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/"> <env:Body> <m:echo xmlns:m="NAMESPACE"> <m:in0>Yo Yo</m:in0> </m:echo> </env:Body> </env:Envelope> where NAMESPACE is the namespace of your service. The namespace is constructed from the pacakge name. You can easily view this by adding a System.out.println(service.getServiceInfo().getName().getNamespace());
to the above test. |