You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@cxf.apache.org by Raagu <rk...@gmail.com> on 2013/12/12 09:47:55 UTC
How to parse wsdl policies in java
I have a java application, in which I have used jaxws-ri library, to make
webservice calls to different webservice application. In order to make
webservice clients, I have used dispatch APIs. Now I'm making my code to
handle ws-security as well, if the webservice application exposes security
considerations interms of wsdl policies. To handle ws-security, since
jaxws-ri (reference implementation) does not support that,I have explored
other libraries and found Apache CXF does support that. I have tried running
sample client program using Apache CXF (doubleit services) and was able to
invoke webservice which has different policy assertion (STS, Encryption,
Addressing, Signature and so on). The sample snippet I tried are as follows.
URL wsdlURL = new
URL("http://localhost:8080/doubleit/services/doubleit?wsdl");
Service service = Service.create(wsdlURL, new
QName("http://www.example.org/contract/DoubleIt","DoubleItService"));
Dispatch<SOAPMessage> disp = service.createDispatch(new
QName("http://www.example.org/contract/DoubleIt","DoubleItPort"),
SOAPMessage.class, Service.Mode.MESSAGE);
MessageFactory factory = MessageFactory.newInstance();
SOAPMessage loginRequestSOAPMesage = factory.createMessage();
SOAPPart requestSoapPart = loginRequestSOAPMesage.getSOAPPart();
SOAPEnvelope requestEnvelope = requestSoapPart.getEnvelope();
SOAPBody requestBody = requestEnvelope.getBody();
SOAPBodyElement element =
requestBody.addBodyElement(requestEnvelope.createName("DoubleIt", "ser",
"http://www.example.org/schema/DoubleIt"));
element.addChildElement("numberToDouble").addTextNode("222");
disp.getRequestContext().put("ws-security.encryption.username",
"mystskey");
disp.getRequestContext().put("ws-security.encryption.properties",
"clientKeystore.properties");
disp.getRequestContext().put("ws-security.callback-handler",
"client.ClientCallbackHandler");
disp.getRequestContext().put("ws-security.username", "alice");
SOAPMessage response = disp.invoke(loginRequestSOAPMesage);
In the above code, I had hard coded some of the ws-security properties with
values to make sure all the required values are present in the
requestContext based on the policy assertions in the wsdl. But my question
is how to make it generic ? Are there any APIs using which we can parse all
the policies from wsdl, pragmatically in Java, and based on the policies
present in the wsdl, we get required values and set to proper ws-security
properties ? I had googled for it in many places but I did not get relevant
topics of my interest ?
--
View this message in context: http://cxf.547215.n5.nabble.com/How-to-parse-wsdl-policies-in-java-tp5737761.html
Sent from the cxf-user mailing list archive at Nabble.com.
Re: How to parse wsdl policies in java
Posted by Daniel Kulp <dk...@apache.org>.
The only real “API” that I’m aware of is Neethi, which is what we use.
My suggestion would be to write an interceptor that runs after our PolicyIn/OutInterceptors and does:
AssertionInfoMap map = message.get(AssertionInfoMap.class);
From that map, you can find the QNames and such of the policies that CXF is trying to use and use them to verify other settings on the message. Anything missing can be added as a property to the message itself.
Dan
On Dec 12, 2013, at 3:47 AM, Raagu <rk...@gmail.com> wrote:
> I have a java application, in which I have used jaxws-ri library, to make
> webservice calls to different webservice application. In order to make
> webservice clients, I have used dispatch APIs. Now I'm making my code to
> handle ws-security as well, if the webservice application exposes security
> considerations interms of wsdl policies. To handle ws-security, since
> jaxws-ri (reference implementation) does not support that,I have explored
> other libraries and found Apache CXF does support that. I have tried running
> sample client program using Apache CXF (doubleit services) and was able to
> invoke webservice which has different policy assertion (STS, Encryption,
> Addressing, Signature and so on). The sample snippet I tried are as follows.
>
> URL wsdlURL = new
> URL("http://localhost:8080/doubleit/services/doubleit?wsdl");
> Service service = Service.create(wsdlURL, new
> QName("http://www.example.org/contract/DoubleIt","DoubleItService"));
> Dispatch<SOAPMessage> disp = service.createDispatch(new
> QName("http://www.example.org/contract/DoubleIt","DoubleItPort"),
> SOAPMessage.class, Service.Mode.MESSAGE);
>
> MessageFactory factory = MessageFactory.newInstance();
> SOAPMessage loginRequestSOAPMesage = factory.createMessage();
>
> SOAPPart requestSoapPart = loginRequestSOAPMesage.getSOAPPart();
> SOAPEnvelope requestEnvelope = requestSoapPart.getEnvelope();
> SOAPBody requestBody = requestEnvelope.getBody();
> SOAPBodyElement element =
> requestBody.addBodyElement(requestEnvelope.createName("DoubleIt", "ser",
> "http://www.example.org/schema/DoubleIt"));
> element.addChildElement("numberToDouble").addTextNode("222");
>
> disp.getRequestContext().put("ws-security.encryption.username",
> "mystskey");
> disp.getRequestContext().put("ws-security.encryption.properties",
> "clientKeystore.properties");
> disp.getRequestContext().put("ws-security.callback-handler",
> "client.ClientCallbackHandler");
> disp.getRequestContext().put("ws-security.username", "alice");
>
> SOAPMessage response = disp.invoke(loginRequestSOAPMesage);
>
> In the above code, I had hard coded some of the ws-security properties with
> values to make sure all the required values are present in the
> requestContext based on the policy assertions in the wsdl. But my question
> is how to make it generic ? Are there any APIs using which we can parse all
> the policies from wsdl, pragmatically in Java, and based on the policies
> present in the wsdl, we get required values and set to proper ws-security
> properties ? I had googled for it in many places but I did not get relevant
> topics of my interest ?
>
>
>
> --
> View this message in context: http://cxf.547215.n5.nabble.com/How-to-parse-wsdl-policies-in-java-tp5737761.html
> Sent from the cxf-user mailing list archive at Nabble.com.
--
Daniel Kulp
dkulp@apache.org - http://dankulp.com/blog
Talend Community Coder - http://coders.talend.com
Re: How to parse wsdl policies in java
Posted by Daniel Kulp <dk...@apache.org>.
Instead of:
Client client = ClientProxy.getClient(port);
cast the Dispatch to our org.apache.cxf.jaxws.DispatchImpl and call the getClient() method on that. The rest should be exactly the same.
Dan
On Dec 17, 2013, at 3:50 AM, Raagu <rk...@gmail.com> wrote:
> Hi Daniel and Andrie,
>
> Thanks a lot for the reply. I have followed the links and information you
> had given and understood how it works. Since I am more interested in
> connecting to MicroSoft Dynamics CRM webservices from Apache CXF, I have
> followed the link
> http://groovyjava-tom.blogspot.com.ar/2012/01/cxf-and-ms-crm-2011.html.
> Here and in the above tutorials of Apache CXF, the registration of
> AssetionInterceptor and AssertionBuilder will be done using
> org.apache.cxf.frontend.ClientProxy and org.apache.cxf.Bus.
>
> But I am not using generated code from the wsdl instead using dispatch API
> to make web service calls from my Java application.
>
> With the approach of dispatch API, how do I register Assertion Builder and
> Interceptor to the Apache CXF framework ?
>
> Thanks
> Raagu
>
>
>
> --
> View this message in context: http://cxf.547215.n5.nabble.com/How-to-parse-wsdl-policies-in-java-tp5737761p5737898.html
> Sent from the cxf-user mailing list archive at Nabble.com.
--
Daniel Kulp
dkulp@apache.org - http://dankulp.com/blog
Talend Community Coder - http://coders.talend.com
RE: How to parse wsdl policies in java
Posted by Raagu <rk...@gmail.com>.
Hi Daniel and Andrie,
Thanks a lot for the reply. I have followed the links and information you
had given and understood how it works. Since I am more interested in
connecting to MicroSoft Dynamics CRM webservices from Apache CXF, I have
followed the link
http://groovyjava-tom.blogspot.com.ar/2012/01/cxf-and-ms-crm-2011.html.
Here and in the above tutorials of Apache CXF, the registration of
AssetionInterceptor and AssertionBuilder will be done using
org.apache.cxf.frontend.ClientProxy and org.apache.cxf.Bus.
But I am not using generated code from the wsdl instead using dispatch API
to make web service calls from my Java application.
With the approach of dispatch API, how do I register Assertion Builder and
Interceptor to the Apache CXF framework ?
Thanks
Raagu
--
View this message in context: http://cxf.547215.n5.nabble.com/How-to-parse-wsdl-policies-in-java-tp5737761p5737898.html
Sent from the cxf-user mailing list archive at Nabble.com.
RE: How to parse wsdl policies in java
Posted by Andrei Shakirin <as...@talend.com>.
Hi,
Additionally to Dan answer, you can look into Policy Interceptor Providers (http://cxf.apache.org/using-ws-policy-in-cxf-projects.html , http://cxf.apache.org/docs/ws-policy-framework-overview.html ).
You can register your own interceptor(s) associated with specified policy assertion using this mechanism.
For example, if policy contains IssuedToken assertion, your interceptor will activated before the WSS4J ones and dynamically prepare security properties like ws-security.encryption.username, ws-security.callback-handler, etc.
I have used this mechanism and some custom projects and that works pretty well.
Regards,
Andrei.
> -----Original Message-----
> From: Raagu [mailto:rknilekani2005@gmail.com]
> Sent: Donnerstag, 12. Dezember 2013 09:48
> To: users@cxf.apache.org
> Subject: How to parse wsdl policies in java
>
> I have a java application, in which I have used jaxws-ri library, to make
> webservice calls to different webservice application. In order to make
> webservice clients, I have used dispatch APIs. Now I'm making my code to
> handle ws-security as well, if the webservice application exposes security
> considerations interms of wsdl policies. To handle ws-security, since jaxws-ri
> (reference implementation) does not support that,I have explored other
> libraries and found Apache CXF does support that. I have tried running
> sample client program using Apache CXF (doubleit services) and was able to
> invoke webservice which has different policy assertion (STS, Encryption,
> Addressing, Signature and so on). The sample snippet I tried are as follows.
>
> URL wsdlURL = new
> URL("http://localhost:8080/doubleit/services/doubleit?wsdl");
> Service service = Service.create(wsdlURL, new
> QName("http://www.example.org/contract/DoubleIt","DoubleItService"));
> Dispatch<SOAPMessage> disp = service.createDispatch(new
> QName("http://www.example.org/contract/DoubleIt","DoubleItPort"),
> SOAPMessage.class, Service.Mode.MESSAGE);
>
> MessageFactory factory = MessageFactory.newInstance();
> SOAPMessage loginRequestSOAPMesage = factory.createMessage();
>
> SOAPPart requestSoapPart = loginRequestSOAPMesage.getSOAPPart();
> SOAPEnvelope requestEnvelope = requestSoapPart.getEnvelope();
> SOAPBody requestBody = requestEnvelope.getBody();
> SOAPBodyElement element =
> requestBody.addBodyElement(requestEnvelope.createName("DoubleIt",
> "ser", "http://www.example.org/schema/DoubleIt"));
> element.addChildElement("numberToDouble").addTextNode("222");
>
> disp.getRequestContext().put("ws-security.encryption.username",
> "mystskey");
> disp.getRequestContext().put("ws-security.encryption.properties",
> "clientKeystore.properties");
> disp.getRequestContext().put("ws-security.callback-handler",
> "client.ClientCallbackHandler");
> disp.getRequestContext().put("ws-security.username", "alice");
>
> SOAPMessage response = disp.invoke(loginRequestSOAPMesage);
>
> In the above code, I had hard coded some of the ws-security properties with
> values to make sure all the required values are present in the
> requestContext based on the policy assertions in the wsdl. But my question
> is how to make it generic ? Are there any APIs using which we can parse all
> the policies from wsdl, pragmatically in Java, and based on the policies
> present in the wsdl, we get required values and set to proper ws-security
> properties ? I had googled for it in many places but I did not get relevant
> topics of my interest ?
>
>
>
> --
> View this message in context: http://cxf.547215.n5.nabble.com/How-to-
> parse-wsdl-policies-in-java-tp5737761.html
> Sent from the cxf-user mailing list archive at Nabble.com.