How Do I … ? / How to handle WS security |
The client consists in sending a message and retrieving messages clients sent to it.
Before that, create the client stub from the wsdl:
fglwsdl -domHandler myservice.wsdl
The client stub reference handlers:
SecureMessageBox_HandleRequest
SecureMessageBox_HandleResponse
SecureMessageBox_HandleResponseFault
For more details about client SOAP handlers see Client stub and handlers.
What to do when a message is sent:
sign with client private key
encrypt with server public key
key to identify the sender/client
key to identify the recipient/server
key used to encrypt the data (usually a symmetric key encrypted by the recipient public key)
sign the message
encrypt the message
What to do to retrieve messages:
Identify the sender and validate the sender (search in keystore)
Identify the recipient (should be the server itself)
Decrypt the request
Check the signature
Retrieve messages for the recipient