CXF With UsernameToken (Interceptor)

CXF With UsernameToken (Interceptor) explains about step by step details of securing a Web service using UsernameToken Interceptor

CXF gives two different techniques for adding UsernameToken

1) WS-SecurityPolicy -> In WS-SecurityPolicy, we are applying on WSDL 
level, Here we are defining WS-SecurityPolicy elements on WSDL and 
implement the security mechanism. This could be the best approach 
because client can able to understand which security mechanism is 
implemented and client can able to proceed accordingly.

2) Using CXF interceptors -> Here we are manually adding security 
mechanism to CXF interceptors,the problem on this approach client 
cant able to understand which security mechanism is implemented 
because it is not available on wsdl

If you are interested to add WS-Security on WSDL level using WS-SecurityPolicy, you can use following article

CXF With UsernameToken (WS-Security Policy)

Required Libraries

You need to download

  1. JDK 6
  2. Eclipse 3.7
  3. CXF-2.7.3
  4. Tomcat 7

Following jar must be in ClassPath

  1. commons-logging-1.1.1.jar
  2. cxf-2.7.3.jar
  3. httpasyncclient-4.0-beta3.jar
  4. httpclient-4.2.1.jar
  5. httpcore-4.2.2.jar
  6. httpcore-nio-4.2.2.jar
  7. jaxb-api-2.2.6.jar
  8. jaxb-impl-2.2.6.jar
  9. neethi-3.0.2.jar
  10. spring-aop-3.0.7.RELEASE.jar
  11. spring-asm-3.0.7.RELEASE.jar
  12. spring-beans-3.0.7.RELEASE.jar
  13. spring-context-3.0.7.RELEASE.jar
  14. spring-core-3.0.7.RELEASE.jar
  15. spring-expression-3.0.7.RELEASE.jar
  16. spring-web-3.0.7.RELEASE.jar
  17. wsdl4j-1.6.2.jar
  18. wss4j-1.6.9.jar
  19. xmlschema-core-2.0.3.jar
  20. xmlsec-1.5.3.jar

CXF With UsernameToken (Interceptor) Tutorial

I am creating a sample web service project that pass Student object and return with some changes on that object. The service is using simple POJO (Plain Old Java Object) bean.

Firstly create a Dynamic Web Project (File->New->Dynamic Web Project) named "CXFTutorial" according to following screenshot

CXF With UsernameToken (Interceptor) CXF With UsernameToken (Interceptor)

1 2 3 4 Next

4 Responses to "CXF With UsernameToken (Interceptor)"
  1. Kumar 2012-08-17 07:57:29.0
  1. admin 2012-08-18 07:57:29.0
  1. Sunil Gulabani 2012-08-19 07:57:29.0
  1. admin 2012-08-20 07:57:29.0

Your email address will not be published. Required fields are marked *