Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
This gist shows how to verify a signed Soap-Message using Apache WSS4J
package de.wolff.wsst;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStream;
import java.util.Arrays;
import java.util.Properties;
import java.util.regex.Pattern;
import javax.xml.soap.MessageFactory;
import javax.xml.soap.SOAPException;
import javax.xml.soap.SOAPMessage;
import org.apache.wss4j.common.crypto.Crypto;
import org.apache.wss4j.common.crypto.CryptoFactory;
import org.apache.wss4j.common.ext.WSSecurityException;
import org.apache.wss4j.dom.engine.WSSecurityEngine;
import org.apache.wss4j.dom.handler.RequestData;
public class WSSecurityVerifier {
private static final String TRUSTSTORE_FILE = System.getProperty("truststore.file");
private static final String TRUSTSTORE_PASSWD = System.getProperty("truststore.password");
public static void main(String[] args) throws Throwable {
SOAPMessage message = readSoapMessage(args[0]);
WSSecurityEngine engine = new WSSecurityEngine();
engine.processSecurityHeader(message.getSOAPPart(), requestData());
System.out.println("Message valid!");
}
private static SOAPMessage readSoapMessage(String path) throws IOException, SOAPException, FileNotFoundException {
try (InputStream stream = new FileInputStream(path)) {
return MessageFactory.newInstance().createMessage(null, stream);
}
}
private static RequestData requestData() throws WSSecurityException {
Crypto crypto = crypto();
RequestData requestData = new RequestData();
requestData.setDecCrypto(crypto);
requestData.setSigVerCrypto(crypto);
requestData.setSubjectCertConstraints(Arrays.asList(Pattern.compile(".*")));
return requestData;
}
private static Crypto crypto() throws WSSecurityException {
Properties properties = new Properties();
properties.setProperty("org.apache.wss4j.crypto.merlin.truststore.file", TRUSTSTORE_FILE);
properties.setProperty("org.apache.wss4j.crypto.merlin.truststore.password", TRUSTSTORE_PASSWD);
return CryptoFactory.getInstance(properties);
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment