You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@cxf.apache.org by Freddy Exposito <ex...@gmail.com> on 2014/08/11 22:51:13 UTC
WS-SecureConversation not working with .NET client
Hi,
I have a .NET client trying to do WS-SecureConversation against a CXF
Service and it is not working. It was working fine until this commit
8c40b37ab7fd41482ea4f1e42b4993703ee6be29
<https://git-wip-us.apache.org/repos/asf?p=cxf.git;a=commit;h=8c40b37ab7fd41482ea4f1e42b4993703ee6be29>
where the SecureConversationInInterceptor was moved from PRE_PROTOCOL to
PRE_STREAM phase.
What is failing for me now is that the SecureConversationInInterceptor is
not able to get the addressing properties
JAXWSAConstants.SERVER_ADDRESSING_PROPERTIES_INBOUND required to 'get' the
SoapAction when dealing with "//MS/WCF".
What I believe is happening is that this properties is set in the
ContextUtils.storeMaps() ( exec ContextUtils.getMAPProperty() ) method
invoked from the MAPCodec interceptor but this interceptor is still in
PRE_PROTOCOL phase, so now it is not being triggered before the
SecureConversationInInterceptor which is now in PRE_STREAM.
Is it something wrong with .NET integration in CXF or I am missing something
in the configuration?
Thanks,
Freddy
--
View this message in context: http://cxf.547215.n5.nabble.com/WS-SecureConversation-not-working-with-NET-client-tp5747626.html
Sent from the cxf-user mailing list archive at Nabble.com.
Re: WS-SecureConversation not working with .NET client
Posted by Colm O hEigeartaigh <co...@apache.org>.
>From what I can remember, it was required to get the use-case working,
which was the scenario of a
EndorsingSupportingToken->SecureConversationToken->TransportBinding. In
this case, the SecureConversationInInterceptor needed something from the
HttpsTokenInInterceptor, which was in PRE_STREAM. In general, all of the
WS-Security interceptor stuff is in PRE_STREAM in CXF 3.x so that it can
work for both the DOM + StAX cases.
Colm.
On Tue, Aug 12, 2014 at 9:38 PM, Daniel Kulp <dk...@apache.org> wrote:
>
> I know on 3.0.x, this change was needed to support the new StAX based
> WS-Security processing. We needed to know up front which type of crypto’s
> and such we need to setup for the stax code to use. Not sure why this was
> needed on 2.7.x. Colm is on vacation this week so I’ll have to wait for
> him to get back to follow up about that.
>
> I just pushed some changes (to all three branches) that will detect this
> case and if the action isn’t there will add an additional interceptor to
> the chain to handle things later after the WS-Addressing stuff has been
> parsed. On 3.0.x, this will also then turn off the StAX based ws-security
> processing and use the DOM based processing. Not ideal, but it should at
> least allow this to work until I can chat with Colm about this a bit more.
>
> Dan
>
>
>
> On Aug 11, 2014, at 4:51 PM, Freddy Exposito <ex...@gmail.com> wrote:
>
> > Hi,
> >
> > I have a .NET client trying to do WS-SecureConversation against a CXF
> > Service and it is not working. It was working fine until this commit
> > 8c40b37ab7fd41482ea4f1e42b4993703ee6be29
> > <
> https://git-wip-us.apache.org/repos/asf?p=cxf.git;a=commit;h=8c40b37ab7fd41482ea4f1e42b4993703ee6be29
> >
> > where the SecureConversationInInterceptor was moved from PRE_PROTOCOL to
> > PRE_STREAM phase.
> >
> > What is failing for me now is that the SecureConversationInInterceptor is
> > not able to get the addressing properties
> > JAXWSAConstants.SERVER_ADDRESSING_PROPERTIES_INBOUND required to 'get'
> the
> > SoapAction when dealing with "//MS/WCF".
> >
> > What I believe is happening is that this properties is set in the
> > ContextUtils.storeMaps() ( exec ContextUtils.getMAPProperty() ) method
> > invoked from the MAPCodec interceptor but this interceptor is still in
> > PRE_PROTOCOL phase, so now it is not being triggered before the
> > SecureConversationInInterceptor which is now in PRE_STREAM.
> >
> > Is it something wrong with .NET integration in CXF or I am missing
> something
> > in the configuration?
> >
> > Thanks,
> > Freddy
> >
> >
> >
> >
> >
> >
> >
> >
> >
> > --
> > View this message in context:
> http://cxf.547215.n5.nabble.com/WS-SecureConversation-not-working-with-NET-client-tp5747626.html
> > Sent from the cxf-user mailing list archive at Nabble.com.
>
> --
> Daniel Kulp
> dkulp@apache.org - http://dankulp.com/blog
> Talend Community Coder - http://coders.talend.com
>
>
--
Colm O hEigeartaigh
Talend Community Coder
http://coders.talend.com
Re: WS-SecureConversation not working with .NET client
Posted by Daniel Kulp <dk...@apache.org>.
I know on 3.0.x, this change was needed to support the new StAX based WS-Security processing. We needed to know up front which type of crypto’s and such we need to setup for the stax code to use. Not sure why this was needed on 2.7.x. Colm is on vacation this week so I’ll have to wait for him to get back to follow up about that.
I just pushed some changes (to all three branches) that will detect this case and if the action isn’t there will add an additional interceptor to the chain to handle things later after the WS-Addressing stuff has been parsed. On 3.0.x, this will also then turn off the StAX based ws-security processing and use the DOM based processing. Not ideal, but it should at least allow this to work until I can chat with Colm about this a bit more.
Dan
On Aug 11, 2014, at 4:51 PM, Freddy Exposito <ex...@gmail.com> wrote:
> Hi,
>
> I have a .NET client trying to do WS-SecureConversation against a CXF
> Service and it is not working. It was working fine until this commit
> 8c40b37ab7fd41482ea4f1e42b4993703ee6be29
> <https://git-wip-us.apache.org/repos/asf?p=cxf.git;a=commit;h=8c40b37ab7fd41482ea4f1e42b4993703ee6be29>
> where the SecureConversationInInterceptor was moved from PRE_PROTOCOL to
> PRE_STREAM phase.
>
> What is failing for me now is that the SecureConversationInInterceptor is
> not able to get the addressing properties
> JAXWSAConstants.SERVER_ADDRESSING_PROPERTIES_INBOUND required to 'get' the
> SoapAction when dealing with "//MS/WCF".
>
> What I believe is happening is that this properties is set in the
> ContextUtils.storeMaps() ( exec ContextUtils.getMAPProperty() ) method
> invoked from the MAPCodec interceptor but this interceptor is still in
> PRE_PROTOCOL phase, so now it is not being triggered before the
> SecureConversationInInterceptor which is now in PRE_STREAM.
>
> Is it something wrong with .NET integration in CXF or I am missing something
> in the configuration?
>
> Thanks,
> Freddy
>
>
>
>
>
>
>
>
>
> --
> View this message in context: http://cxf.547215.n5.nabble.com/WS-SecureConversation-not-working-with-NET-client-tp5747626.html
> Sent from the cxf-user mailing list archive at Nabble.com.
--
Daniel Kulp
dkulp@apache.org - http://dankulp.com/blog
Talend Community Coder - http://coders.talend.com