WS-Security Policy is not updated in WSDL even if WS-Security is configured in cxf.xml in EAP 6

Solution Verified - Updated -

Issue

  • We are using JBoss bundled CXF (CXF 2.4.9) to publish web services. Basically we are using code first approach for publishing the web services using CXF.
  • We want to have WS-Security authentication and configured WSS4J interceptor accordingly, but after deploying the web service the WSDL is generated but header related info doesn't come which needs to be used by client.
  • we have a cxf.xml (spring bean file) in which we configure the jaxws:endpoint and configure the interceptors (WSS4JInterceptor in our case) and we are able to validate the username token from the request and it works.
  • But when the WSDL is accessed after the deployment, it does not have any WS-Policy (security header) related information as well as any other custom header information which we expect.
  • As of now we manually tell the clients to pass on this information.
  • We would like to know how this can be configured in code first approach.

Environment

  • Red Hat JBoss Enterprise Application Platform (EAP)
    • 6.x

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.