You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@cxf.apache.org by Ni...@cargarantie.com on 2015/06/29 22:28:01 UTC
Antwort: RE: Antwort: RE: Antwort: RE: Antwort: RE: Custom WS-Security
Policy for Webservice
Hi Andrei, pleas apologize my late reply. I was away the last two months!
> > > > I've debugged the PlicyAnnotationListener at the recommended
> > > position, but no
> > > > result. Both methods in case ENDPOINT_SELECTED (addPolicies(...)
and
> > > > addEndpointImplPolicies(...)) do not add a policy since the
> > policylists are
> > > > always empty (null). The reason for this is probably that the
> > > PropertyMap of the
> > > > endpoint interface is also null. In summray, no policies (policy
> > > annotations) are
> > > > found.
> > >
> > > Did you see @Policies annotations for the implClass in
> > > addEndpointImplPolicies(...) in debugger variables explorer?
> > > Is the implementation class correct one?
> >
> > I'm not sure if I understood your question correctly, but in
> Variables Explorer, I
> > see that other annotation properties I've made for WS-Security,
> like encryption
> > properties, username, etc., are loaded correctly (the
> implementation class is
> > JaxWsEndpointImpl). I think this shows that the correct class is
loaded.
>
> I mean just to verify in debugger inside addEndpointImplPolicies()
> method that cls (implementation class) has all declared annotations
> (including @Policies).
> You can add cls.getAnnotations() in debugger expressions window and
> see what is declared on class level.
The cls contains my web service interface, the implCls contains the actual
implementation of the interface. The cls object contains all declared
annotations of the interface class. However, the implCls is missing
@EndpointConfig and @Policy which are declared in the implementaton class.
> Was the following check inside addEndpointImplPolicies()
> unsuccessful or you go inside?:
> Policy p = cls.getAnnotation(Policy.class);
> Policies ps = cls.getAnnotation(Policies.class);
> if (p != null || ps != null) {
> ...
Yes, it was unsuccessful. Both p and ps are null.
> Could you try to start you class standalone, without application
> server and see if the problem persists?
If I run my web service in standalone mode, the implClass used in the
endpoint contains the policy annotaitons.
My assumption is that the class loading does not work properly, maybe
because the wrong class loader is used. Do you have any suggestion how to
proceed?
Thanks
Nik
> Regards,
> Andrei.
>
> >
> > Regards
> > Niko
> >
> > >
> > > Regards,
> > > Andrei.
> > >
> > > >
> > > > Thanks
> > > > Niko
> > > >
> > > > >
> > > > > Thanks
> > > > > Niko
> > > > >
> > > > > >
> > > > > > Regards,
> > > > > > Andrei.
> > > > > >
> > > > > > > -----Original Message-----
> > > > > > > From: Nikolaus.Huber@cargarantie.com
> > > > > > > [mailto:Nikolaus.Huber@cargarantie.com]
> > > > > > > Sent: Dienstag, 21. April 2015 12:46
> > > > > > > To: users@cxf.apache.org
> > > > > > > Subject: Antwort: RE: Custom WS-Security Policy for
Webservice
> > > > > > >
> > > > > > > Hi,
> > > > > > >
> > > > > > > thanks for the link to the examples. I'm using a similar
> > > > > > configuration now, but
> > > > > > > without success.
> > > > > > >
> > > > > > > Concerning your questions: What I want to achieve is
basically
> > the
> > > > > policy
> > > > > > > described here (
> > > > > > >
> > > > >
> > > >
> >
http://docs.oasis-open.org/ws-sx/security-policy/examples/ws-sp-usecases-
> > > > > > > examples.html#_Toc274723250
> > > > > > > ). The only difference is that I want to use Basic128 as the
> > > > > > Algorithm Suite. This
> > > > > > > is the requirement of our customer. Thus, I do not register
an
> > > > > interceptor
> > > > > > > provider. The policy assertions I use should be standard,
right?
> > > > > > >
> > > > > > > Thanks
> > > > > > > Niko
> > > > > > >
> > > > > > > Andrei Shakirin <as...@talend.com> schrieb am 20.04.2015
> > > > 21:06:03:
> > > > > > >
> > > > > > > > Von: Andrei Shakirin <as...@talend.com>
> > > > > > > > An: "users@cxf.apache.org" <us...@cxf.apache.org>
> > > > > > > > Datum: 20.04.2015 21:07
> > > > > > > > Betreff: RE: Custom WS-Security Policy for Webservice
> > > > > > > >
> > > > > > > > Hi,
> > > > > > > >
> > > > > > > > Take a look in following system tests:
> > > > > > > >
> > > >
https://github.com/apache/cxf/blob/master/systests/ws-security/src/
> > > > > > > >
> > > > >
> > test/java/org/apache/cxf/systest/ws/policy/JavaFirstPolicyService.java
> > > > > > > >
> > > >
https://github.com/apache/cxf/blob/master/systests/ws-security/src/
> > > > > > > > test/java/org/apache/cxf/systest/ws/policy/javafirst/
> > > > > > > > OperationSimpleServiceImpl.java
> > > > > > > >
> > > > > > > > One possible issue is that uri attribute in @Policy
> > > > > > > > annotation can
> > > >
> > > > > be
> > > > > > > > required to be in URI form (classpath:/xxx, file:///xxx).
> > > > > > > > Do you register interceptor provider for the custom policy
> > > > assertion
> > > > > > > > or it contains standard assertions? What is your
expectation
> > > > > > > > from activating of custom policy?
> > > > > > > >
> > > > > > > > Regards,
> > > > > > > > Andrei.
> > > > > > > >
> > > > > > > > > -----Original Message-----
> > > > > > > > > From: Nikolaus.Huber@cargarantie.com
> > > > > > > > > [mailto:Nikolaus.Huber@cargarantie.com]
> > > > > > > > > Sent: Montag, 20. April 2015 12:24
> > > > > > > > > To: users@cxf.apache.org
> > > > > > > > > Subject: Custom WS-Security Policy for Webservice
> > > > > > > > >
> > > > > > > > > Hi all,
> > > > > > > > >
> > > > > > > > > I'm trying to apply a custom WS-Security policy to a web
> > > > service.
> > > > > > > > > I'm
> > > > > > > using
> > > > > > > > > wsimport from the jaxws-maven-plugin to generate the
SEI.
> > The
> > > > > > > > > implementation of the SEI looks like this:
> > > > > > > > >
> > > > > > > > >
> > > > > > > > > import javax.jws.WebService;
> > > > > > > > > import org.apache.cxf.annotations.Policy;
> > > > > > > > > import
org.jboss.ws.api.annotation.EndpointConfig;
> > > > > > > > >
> > > > > > > > > @WebService(
> > > > > > > > > portName = "VehicleOrderRetailDelivery",
> > > > > > > > > serviceName =
"VehicleOrderRetailDelivery",
> > > > > > > > > targetNamespace = "some/namespace",
> > > > > > > > > wsdlLocation =
> > > > > > > > > "/WEB-INF/wsdl/VehicleOrderRetailDelivery.wsdl",
> > > > > > > > > endpointInterface =
> > > > > > > > > "mypackage.IVehicleOrderRetailDelivery"
> > > > > > > > > )
> > > > > > > > > @Policies({@Policy(placement =
> > > > > > > > > Policy.Placement.BINDING,
> > > >
> > > > > uri
> > > > > > > > > = "CustomPolicy.xml", includeInWSDL=true)})
> > > > > > > > > @EndpointConfig(configFile =
> > > > > > > "WEB-INF/jaxws-endpoint-config.xml"
> > > > > > > > > , configName = "Custom WS-Security Endpoint")
> > > > > > > > > public class VehicleOrderRetailDelivery
implements
> > > > > > > > > IVehicleOrderRetailDelivery {
> > > > > > > > >
> > > > > > > > > public void report(@XmlElement(required
=
> > > > > > > > > true)
> > > > > > > > ReportRequestType
> > > > > > > > > reportRequest) { ... }
> > > > > > > > > }
> > > > > > > > >
> > > > > > > > >
> > > > > > > > > The problem is that the custom WS-Security policy is not
> > active.
> > > >
> > > > > If
> > > > > > > > > I
> > > > > > > send
> > > > > > > > > requests to the endpoint using SoapUI, I get a soap
fault
> > > > telling
> > > > > me
> > > > > > > that
> > > > > > > > > the message contains encrypted data. I'm using Wildfly
> > > > > > > > > 8.1.0 and I've already set the log level to DEBUG but
> > > > > > > > > there is no
> > > > > information
> > > > > > > > > in the
> > > > > > > log
> > > > > > > > > what goes wrong or why the policy is not active. This
part
> > of
> > > > the
> > > > > > > > > log makes me believe that there is some kind of policy
> > > > > > > > > that
> > it
> > > > is
> > > > > > > > > loaded
> > > > > > > > >
> > > > > > > > > 21:43:17,813 FINE
> > > > > > > > > [org.apache.cxf.phase.PhaseInterceptorChain]
> > > > > > > (default
> > > > > > > > > task-5) Chain
> > > > org.apache.cxf.phase.PhaseInterceptorChain@3aa6c815
> > > > > > > > > was modified. `Current flow:` receive
> > > > > > > > > [PolicyInInterceptor, EndpointAssociationInterceptor,
> > AttachmentInInterceptor]
> > > > > > > > > pre-stream [CertConstraintsInterceptor]
> > > > > > > > > post-stream [StaxInInterceptor]
> > > > > > > > > read [WSDLGetInterceptor, ReadHeadersInterceptor,
> > > > > > > > > SoapActionInInterceptor, StartBodyInterceptor]
> > > > > > > > > pre-protocol [EnableDecoupledFaultInterceptor,
> > > > MEXInInterceptor,
> > > > > > > > > MustUnderstandInterceptor]
> > > > > > > > > pre-protocol-frontend [HandlerAuthInterceptor]
> > > > > > > > > post-protocol [CheckFaultInterceptor,
> > > > > > > JAXBAttachmentSchemaValidationHack
> > > > > > > > > ]
> > > > > > > > > unmarshal [DocLiteralInInterceptor,
SoapHeaderInterceptor]
> > > > > > > > > pre-logical [NsCtxSelectorStoreInterceptor,
> > > > > > > OneWayProcessorInterceptor,
> > > > > > > > > MustUnderstandEndingInterceptor]
> > > > > > > > > post-logical [WrapperClassInInterceptor]
> > > > > > > > > pre-invoke [SwAInInterceptor, HolderInInterceptor]
> > > > > > > > > invoke [ServiceInvokerInterceptor,
> > > > > > > > > UltimateReceiverMustUnderstandInterceptor]
> > > > > > > > > post-invoke [OutgoingChainInterceptor,
> > > > StaxInEndingInterceptor]
> > > > > > > > >
> > > > > > > > > but why is it not active? Does anybody have an idea why
> > > > > > > > > the
> > > > custom
> > > > > > > policy
> > > > > > > > > is not loaded? Any hints are highly appreciated.
> > > > > > > > >
> > > > > > > > > Cheers
> > > > > > > > > Nik