WSRFlite security settings involve both server side security, and client side security. Transport-level security through SSL (optionally client-authenticated) is supported.
Usually, the services.xml file contains a set of properties defining the security settings. You have to configure several things
Here's an example
<services> <!-- server side SSL example --> <property name="unicore.wsrflite.ssl" value="true"/> <property name="unicore.wsrflite.ssl.clientauth" value="false"/> <property name="unicore.wsrflite.ssl.keystore" value="demo_keystore"/> <property name="unicore.wsrflite.ssl.keypass" value="demo123"/> <property name="unicore.wsrflite.ssl.keytype" value="JKS"/> <property name="unicore.wsrflite.ssl.truststore" value="demo_keystore"/> <property name="unicore.wsrflite.ssl.truststorepass" value="demo123"/> <property name="unicore.wsrflite.ssl.truststoretype" value="JKS"/> </services>
To access secure services using WSRFlite, you will need to configure the way SSL is done. On the client side, you need to specify a trust sture containing certificates of the servers that you want to trust. This can be done using a services.xml file, as for the server.
<services> <!-- SSL example --> <property name="unicore.wsrflite.ssl" value="true"/> <property name="unicore.wsrflite.ssl.clientauth" value="false"/> <property name="unicore.wsrflite.ssl.keystore" value="demo_keystore"/> <property name="unicore.wsrflite.ssl.keypass" value="demo123"/> <property name="unicore.wsrflite.ssl.keytype" value="JKS"/> <property name="unicore.wsrflite.ssl.truststore" value="demo_keystore"/> <property name="unicore.wsrflite.ssl.truststorepass" value="demo123"/> <property name="unicore.wsrflite.ssl.truststoretype" value="JKS"/> </services>
WSRFlite allows you to add any custom handlers to the underlying SOAP engine. Check the config guide for details.