jbossws-cxf | JBossWS-CXF stack | SOAP library

I'm hoping someone can help me with this. I'm using the following :

• WildFly 9
• jbossws-cxf-*-5.0.0.Final
• cxf-core-3.0.5

and I am dealing with an integration issue with a partner endpoint related to SNI in the HTTPS handshake. Following along with another site (here) I have been able to create a custom SSLSocketFactory and set that as the default SSLSocketFactory, but then I ran into the issue where CXF does not use the default SSLSocketFactory(here). With that I have not found a way to inform CXF to use the default SSLSocketFactory through configuration.

By debugging I was able to set the httpsURLConnectionDefaultHostnameVerifier on the TLSClientParameters to true and confirmed that this resolves the issue. I have also seen a number of posts that imply that this value can be set via a configuration file(JBoss WS config or CXF config) or as a startup parameter, but I have not been able to find a way to do this.

Has anyone else been able to accomplish this and if so can you share how?

I'm upgrading a SOAP web service client to JDK 11 and WSS4J 2.2.3 (w/o CXF/Spring). The java code uses the 'stand-alone' approach to handle encryption and fails to decrypt the incoming response because it is encrypted using RSA15. The algorithm was disabled by default as of release 2.0.0 but the migration guide suggests that it is possible to enable the algorithm by setting the WSHandlerConstants.ALLOW_RSA15_KEY_TRANSPORT_ALGORITHM property to "true". How can I do this??

I've looked at the WSS4J code and can see that the RequestData object is instantiated from WSSecurityEngine class in the WSS4J framework and I don't see a hook that would allow me to set the allowRSA15KeyTransportAlgorithm property to 'true'. I've been able to put a break-point in eclipse and change the value to ensure it works as expected and it does. I've searched the web and the closest thing I found was a similar question with no apparent answer here Allow the RSA v1.5 Key Transport Algorithm for WildFly / JBossWS / CXF / WSS4J stack. I've tried to revert WSS4J back to version 1.6 which allows the algorithm but then it failed with a different error "WRONG_DOCUMENT_ERR: A node is used in a different document than the one that created it". This seems to occur when using WSS4J 1.6 with any version of jaxws (external to JDK). The only way I can think to solve this is by hacking into the WSS4J 2.2.3 dependency and setting the property default to "true" in the RequestData class but I really don't want to do that.

I have a java bean project, I need to use jai, so I add a maven depedendency

Recently I worked out a SOAP Web Service/WS-Security solution using JBoss EAP 7 and its JBossWS version (with CXF). This reference was very helpful:

https://docs.jboss.org/author/display/JBWS/WS-Security

The solution is based on a WSDL file that contains a WS-SecurityPolicy.

Now I've been asked to implement a solution based on the same WSDL file, but using JBoss EAP 6.3.

JBoss EAP 7 is the only version of JBoss EAP that I've worked with thus far. I would like to avoid re-inventing the wheel, so to speak, so I'm looking for a hopefully minimal set of configuration changes from the EAP 7 solution.

Does anyone have recommendations for doing this? I've struggled even to find documentation or tutorials, in part because I'm unclear about which version of WildFly, JBossWS, and JBossWS-CXF is included in a JBoss EAP 6.3 installation.