MyCompanyControlPolicy.wsse Sample
This topic inludes the source code for the MyCompanyControlPolicy.wsse Sample.
Sample Location
This sample is located in the following directory in your WebLogic Workshop installation:
BEA_HOME/weblogic81/samples/workshop/SamplesApp/WebServices/security/wsse/reqResp/client/
Sample Source Code
01 <wsSecurityPolicy xsi:schemaLocation="WSSecurity-policy.xsd" xmlns="http://www.bea.com/2003/03/wsse/config" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
02 <wsSecurityOut>
03 <!--
04 Accompany the SOAP message with a valid username and password
05 -->
06 <userNameToken>
07 <userName>weblogic</userName>
08 <password type="TEXT">weblogic</password>
09 </userNameToken>
10 <!--
11 Encrypt the SOAP message with the recipient's (MyCompany.jws) public key.
12 Only the recipient's private key can decrypt it.
13 Ensures the confidentiality of the SOAP message.
14 (This process requires that the sender's keystore already contains
15 a digital certificate containing the recients public key.)
16 -->
17 <encryption>
18 <encryptionKey>
19 <alias>mycompany</alias>
20 </encryptionKey>
21 </encryption>
22 <!--
23 Sign the SOAP message with the sender's (Client.jws) private key.
24 Only the sender's public key can validate the signature.
25 Ensures the authenticity of the sender, i.e., that the sender is
26 in fact the source of the SOAP message.
27 -->
28 <signatureKey>
29 <alias>client1</alias>
30 <password>password</password>
31 </signatureKey>
32 </wsSecurityOut>
33
34 <wsSecurityIn>
35 <!--
36 Incoming SOAP message must be accompanied by a valid username
37 and password.
38 -->
39 <token tokenType="username"/>
40 <!--
41 Incoming SOAP messages must be encrypted with client.jws's
42 public key. The alias and password to access the client.jws's
43 decrypting private key in the keystore are provided by
44 the <decryptionKey> element below.
45 -->
46 <encryptionRequired>
47 <decryptionKey>
48 <alias>client1</alias>
49 <password>password</password>
50 </decryptionKey>
51 </encryptionRequired>
52 <!--
53 Incoming SOAP messages must be digitally signed with the sender's
54 private key.
55 The sender's public key is used to validate the signature.
56 -->
57 <signatureRequired>true</signatureRequired>
58 </wsSecurityIn>
59
60 <!--
61 Look for the client.jks keystore in the default location, the server domain
62 root, in this case, BEA_HOME\weblogic81\samples\domains\workshop.
63 -->
64 <keyStore>
65 <keyStoreLocation>samples_client.jks</keyStoreLocation>
66 <keyStorePassword>password</keyStorePassword>
67 </keyStore>
68 </wsSecurityPolicy>
|