This section contains the following topics:
Configure WSS Agent Security Interceptor Protection for JAX-RPC Web Services Over HTTP Transport
Configure WSS Agent Security Interceptor Protection for JAX-WS Web Services Over HTTP Transport
Configure WSS Agent Security Interceptor Protection for JAX-WS Web Services Over JMS Transport
Configure the WSS Agent Login Module
Restart the JBoss Application Server
To configure the WSS Agent Web Interceptor to protect JAX-RPC web services over HTTP transport, configure those services to invoke the WSS Agent JAX-RPC HTTP Handler. You can configure global use of the JAX-RPC Handler for all JAX-RPC HTTP web services or configure it for individual web services, as required.
To configure the WSS Agent JAX-RPC Handler to be invoked for all JAX-RPC HTTP web services, add the WSS Agent JAX-RPC Handler class (com.ca.soa.agent.jaxrpcplugin.JaxrpcHandler) to the standard JAX-RPC endpoint configuration file, standard-jaxrpc-endpoint-config.xml.
By default, the standard-jaxrpc-endpoint-config.xml file is in the following location:
JBOSS_HOME/server/instance_type/deployers/jbossws.deployer/META-INF
Specifies the JBoss Application Server instance type (one of default, minimal, production, standard, or web).
Follow these steps:
<handler> <j2ee:handler-name>SM XMLAgentJaxrpc Handler</j2ee:handler-name> <j2ee:handler-class> com.ca.soa.agent.appserver.jaxrpc.XMLAgentJaxrpcHandler </j2ee:handler-class> </handler>
The JBoss WSS Agent JAX-RPC Handler will be invoked for all JAX-RPC web services.
Example standard-jaxrpc-endpoint-config.xml file
<jaxrpc-config xmlns="urn:jboss:jaxrpc-config:2.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:j2ee="http://java.sun.com/xml/ns/j2ee" xsi:schemaLocation="urn:jboss:jaxrpc-config:2.0 jaxrpc-config_2_0.xsd">
<endpoint-config> <config-name>Standard Endpoint</config-name> <pre-handler-chain> <handler-chain-name>SM XMLAgentJaxrpc Handlers</handler-chain-name> <handler> <j2ee:handler-name>SM XMLAgentJaxrpc Handler</j2ee:handler-name> <j2ee:handler-class> com.ca.soa.agent.appserver.jaxrpc.XMLAgentJaxrpcHandler </j2ee:handler-class> </handler> </pre-handler-chain>
</endpoint-config> </jaxrpc-config>
Configure individual JAX-RPC HTTP web services to invoke the WSS Agent JAX-RPC HTTP Handler by defining the com.ca.soa.agent.appserver.jaxrpc.XMLAgentJaxrpcHandler in the application webservices.xml deployment descriptor.
For example:
<webservices ...> <webservice-description> ... <port-component> ... <handler> <handler-name>SM XMLAgentJaxrpc Handler</handler-name> <handler-class>com.ca.soa.agent.appserver.jaxrpc.XMLAgentJaxrpcHandler</handler-class> </handler> </port-component> </webservice-description> </webservices>
The JBoss WSS Agent JAX-RPC HTTP Handler will be invoked only for this web service.
To configure the WSS Agent Security Interceptor to protect JAX-WS web services over HTTP transport, configure those services to invoke the WSS Agent JAX-WS HTTP Handler. You can configure global use of the JAX-WS Handler for all JAX-WS HTTP web services or configure it for individual web services, as required.
To configure the WSS Agent JAX-WS HTTP Handler to be invoked for all JAX-WS HTTP web services, add the WSS Agent JAX-WS Handler class (com.ca.soa.agent.jaxwsplugin.JaxWsHandler) to the standard JAX-WS endpoint configuration file, standard-jaxws-endpoint-config.xml.
By default, the standard-jaxws-endpoint-config.xml file is in the following location:
JBOSS_HOME/server/instance_type/deployers/jbossws.deployer/META-INF
Specifies the JBoss Application Server instance type (one of default, minimal, production, standard, or web).
Follow these steps:
<javaee:handler> <javaee:handler-name> JBoss JAX-WS PEP Interceptor </javaee:handler-name> <javaee:handler-class> com.ca.soa.agent.jaxwsplugin.JaxWsHandler </javaee:handler-class> </javaee:handler>
The JBoss WSS Agent JAX-WS Handler will be invoked for all JAX-WS web services.
Example standard-jaxws-endpoint-config.xml file
<jaxws-config xmlns="urn:jboss:jaxws-config:2.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:javaee="http://java.sun.com/xml/ns/javaee" xsi:schemaLocation="urn:jboss:jaxws-config:2.0 schema/jaxws-config_2_0.xsd"> <endpoint-config> <config-name>Standard Endpoint</config-name> <pre-handler-chains> <javaee:handler-chain> <javaee:protocol-bindings>##SOAP11_HTTP</javaee:protocol-bindings> <javaee:handler> <javaee:handler-name> JBoss JAX-WS PEP Interceptor </javaee:handler-name> <javaee:handler-class> com.ca.soa.agent.jaxwsplugin.JaxWsHandler </javaee:handler-class> </javaee:handler> <javaee:handler> <javaee:handler-name>Recording Handler</javaee:handler-name> <javaee:handler-class> org.jboss.wsf.framework.invocation.RecordingServerHandler </javaee:handler-class> </javaee:handler> </javaee:handler-chain> </pre-handler-chains> </endpoint-config>
Configure individual JAX-WS HTTP web services to invoke the WSS Agent JAX-WS Handler.
Follow these steps:
<?xml version="1.0" encoding="UTF-8"?> <handler-chains xmlns="http://java.sun.com/xml/ns/javaee"> <handler-chain> <handler> <handler-name>JBoss JAX-WS PEP Interceptor</handler-name> <handler-class>com.ca.soa.agent.jaxwsplugin.JaxWsHandler</handler-class> </handler> </handler-chain> </handler-chains>
@HandlerChain(file = "Services_handler.xml")
The JBoss WSS Agent JAX-WS Handler is invoked for the web service.
To configure the WSS Agent Web Interceptor to protect JAX-WS web services over JMS transport, configure those services to invoke the WSS Agent JAX-WS JMS Handler. You can configure global use of the JAX-WS JMS Handler for all JAX-WS JMS web services or configure it for individual web services, as required.
Important! Do not place the WSS Agent JAX-WS HTTP Handler and the WSS Agent JAX-WS JMS Handler in the same handler chain. If you configure either handler in the default handler chain for the container, verify that all JAX-WS web services in the container use the corresponding transport.
Important! Do not place the WSS Agent JAX-WS HTTP Handler and the WSS Agent JAX-WS JMS Handler in the same handler chain. If you configure either handler in the default handler chain for the container, verify that all JAX-WS web services in the container use the corresponding transport.
To configure the WSS Agent JAX-WS JMS Handler to be invoked for all JAX-WS JMS web services, add the WSS Agent JAX-WS JMS Handler class (com.ca.soa.agent.jmsplugin.JaxWsJMSHandler) to the standard JAX-WS endpoint configuration file, standard-jaxws-endpoint-config.xml.
The standard-jaxws-endpoint-config.xml file is located in JBOSS_HOME/server/instance_type/deployers/jbossws.deployer/META-INF.
Specifies the JBoss Application Server instance type (one of default, minimal, production, standard, or web).
Follow these steps:
<javaee:handler> <javaee:handler-name> JBoss JAX-WS PEP Interceptor </javaee:handler-name> <javaee:handler-class> com.ca.soa.agent.jmsplugin.JaxWsJMSHandler </javaee:handler-class> </javaee:handler>
The JBoss WSS Agent JAX-WS Handler will be invoked for all JAX-WS web services.
Example standard-jaxws-endpoint-config.xml file
<jaxws-config xmlns="urn:jboss:jaxws-config:2.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:javaee="http://java.sun.com/xml/ns/javaee" xsi:schemaLocation="urn:jboss:jaxws-config:2.0 schema/jaxws-config_2_0.xsd"> <endpoint-config> <config-name>Standard Endpoint</config-name> <pre-handler-chains> <javaee:handler-chain> <javaee:protocol-bindings>##SOAP11_HTTP</javaee:protocol-bindings> <javaee:handler> <javaee:handler-name> JBoss JAX-WS PEP Interceptor </javaee:handler-name> <javaee:handler-class> com.ca.soa.agent.jmsplugin.JaxWsJMSHandler </javaee:handler-class> </javaee:handler> <javaee:handler> <javaee:handler-name>Recording Handler</javaee:handler-name> <javaee:handler-class> org.jboss.wsf.framework.invocation.RecordingServerHandler </javaee:handler-class> </javaee:handler> </javaee:handler-chain> </pre-handler-chains> </endpoint-config>
You can configure individual JAX-WS JMS web services to invoke the WSS Agent JAX-WS JMS Handler.
Follow these steps:
<?xml version="1.0" encoding="UTF-8"?> <handler-chains xmlns="http://java.sun.com/xml/ns/javaee"> <handler-chain> <handler> <handler-name>JBoss JAX-WS PEP Interceptor</handler-name> <handler-class>com.ca.soa.agent.jmsplugin.JaxWsJMSHandler</handler-class> </handler> </handler-chain> </handler-chains>
@HandlerChain(file = "Services_handler.xml")
The JBoss WSS Agent JAX-WS Handler will be invoked only for this web service.
Define a JBoss security domain named system.XMLAgent that configures the WSS Agent Login Module required to authenticate credentials obtained by the WSS Agent Handlers.
You configure the system.XMLAgent by adding an application-policy element to the login-config.xml file located in JBOSS_HOME/server/instance_type/conf.
Specifies the JBoss Application Server instance type (one of default, minimal, production, standard, or web).
To configure SiteMinder Agent Authenticators at the global level
<application-policy name="system.XMLAgent"> <authentication> <login-module code="com.ca.soa.agent.appserver.jaas.XMLAgentLoginModule" flag="required"> <module-option name="unauthenticatedIdentity">anonymous</module-option> </login-module> </authentication> </application-policy>
Restart the JBoss Application Server to commit configuration changes you made for the SiteMinder Agent.
To restart the JBoss Application Server
The JBoss Application Server restarts with the configuration changes you made for the SiteMinder Agent.
Copyright © 2014 CA.
All rights reserved.
|
|