JBoss.org Community Documentation

5.26.4.3. Client side WSSE declaration (jboss-wsse-client.xml)

<jboss-ws-security xmlns="http://www.jboss.com/ws-security/config" 
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.jboss.com/ws-security/config 
http://www.jboss.com/ws-security/schema/jboss-ws-security_1_0.xsd">
(1)  <config>
(2)    <sign type="x509v3" alias="wsse"/>
(3)    <requires>
(4)      <signature/>
</requires>
</config>
</jboss-ws-security>

  1. Here we start our root config block. The root config block is the default configuration for all web service clients (Call, Proxy objects).

  2. This means that the client must sign the message body of all requests it sends. Type means that we are to use a X.509v3 certificate (a standard certificate). The alias option says that the certificate/key pair to use for signing is in the key store under the "wsse" alias

  3. Here we start our optional requires block. This block specifies all security requirements that must be met when the client receives a response.

  4. This means that all web service clients must receive signed response messages.