Skip to end of metadata
Go to start of metadata

Steps to implementing WS-Security...

1. Determine how to use the TSIK API
This will be our "hello world" starting point. Figure out how to take a soap document on the file system, encrypt it and decrypt it via the TSIK api so we get an understanding of how to use it.

2. Try it with a document which streams in
Download the code at and figure out how to use it. You'll need to start with an XMLStreamReader and end up with a document. Pseudocode:

3. Create a DocumentXMLStreamReader
In this step we're going to forget about encryption and decryption. After decryption we'll end up with a org.w3c.dom.Document. But XFire expects an XMLStreamReader javadoc. So we need to convert between the two.

I've done this before with the XOM xml toolkit. Check out this example. There is also a unit test which shows how to use it.

4. Tie it into XFire
We're going to write a Handler which does the following

  1. takes the incoming XMLStreamReader, reads it into a document
  2. Decrypts the document
  3. Creates another XMLStreamReader from the document

Here's a little pseudo code:

A test service:

and a unit test:

The "/encrypted/document/on/the/classpath.xml" needs to be an encrypted version of this document which the WS-SecurityHandler can understand:

where NAMESPACE is the namespace of your service. The namespace is constructed from the pacakge name. You can easily view this by adding a

to the above test.

  • No labels