You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@camel.apache.org by Colm O hEigeartaigh <co...@apache.org> on 2014/10/08 15:04:27 UTC
Re: Error while testing secured proxy service.
Getting to this a bit late but...you need to change the action to also
include a timestamp. e.g.:
<entry key="action" value="Timestamp UsernameToken"/>
Colm.
On Fri, Jul 4, 2014 at 7:36 AM, Royamit <am...@gmail.com> wrote:
> Hi all,
>
> I have been trying to implement authentication to proxy example provided in
> the apache camel bundle. So i have implemented interceptors on the
> camel-config file as:
>
> <?xml version="1.0" encoding="UTF-8"?>
>
> <beans xmlns="http://www.springframework.org/schema/beans"
> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
> xmlns:camel="http://camel.apache.org/schema/spring"
> xmlns:cxf="http://camel.apache.org/schema/cxf"
> xmlns:context="http://www.springframework.org/schema/context"
> xsi:schemaLocation="
> http://www.springframework.org/schema/beans
> http://www.springframework.org/schema/beans/spring-beans.xsd
> http://www.springframework.org/schema/context
> http://www.springframework.org/schema/context/spring-context.xsd
> http://camel.apache.org/schema/spring
> http://camel.apache.org/schema/spring/camel-spring.xsd
> http://camel.apache.org/schema/cxf
> http://camel.apache.org/schema/cxf/camel-cxf.xsd">
>
>
> <context:property-placeholder
> location="classpath:incident.properties,file:target/custom.properties"
> ignore-resource-not-found="true"/>
>
>
>
> <bean id="realWebService"
> class="org.apache.camel.example.cxf.proxy.RealWebServiceBean"
> init-method="start" destroy-method="stop">
>
> <property name="url"
> value="http://localhost:${real.port}/real-webservice"/>
> </bean>
>
>
> <bean id="enrichBean"
> class="org.apache.camel.example.cxf.proxy.EnrichBean"/>
>
> <bean id="loggingOutInterceptor"
> class="org.apache.cxf.interceptor.LoggingOutInterceptor"/>
> <bean id="loggingInInterceptor"
> class="org.apache.cxf.interceptor.LoggingInInterceptor"/>
>
> <bean id="wss4jInInterceptor"
> class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor">
> <constructor-arg>
> <map>
> <entry key="action" value="UsernameToken"/>
> <entry key="passwordType" value="PasswordText"/>
> <entry key="passwordCallbackClass"
> value="org.apache.camel.example.cxf.proxy.UTPasswordCallback"/>
> </map>
> </constructor-arg>
> </bean>
>
> *
> <cxf:cxfEndpoint id="reportIncident"
>
> address="http://localhost:
> ${proxy.port}/camel-example-cxf-proxy/webservices/incident"
> endpointName="s:ReportIncidentEndpoint"
> serviceName="s:ReportIncidentEndpointService"
> wsdlURL="etc/report_incident.wsdl"
> xmlns:s="
> http://reportincident.example.camel.apache.org">
> <cxf:inInterceptors>
> <ref bean="loggingInInterceptor"/>
> <ref bean="wss4jInInterceptor"/>
> </cxf:inInterceptors>
> <cxf:outInterceptors>
> <ref bean="loggingOutInterceptor"/>
> </cxf:outInterceptors>
> </cxf:cxfEndpoint>*
>
>
>
> <camelContext xmlns="http://camel.apache.org/schema/spring">
>
>
> <propertyPlaceholder id="properties"
> location="classpath:incident.properties,file:target/custom.properties"/>
>
> <endpoint id="callRealWebService"
> uri="http://localhost:
> ${real.port}/real-webservice?throwExceptionOnFailure=false"/>
>
> <route>
>
> <from uri="cxf:bean:reportIncident?dataFormat=MESSAGE"/>
>
> <to uri="log:input"/>
>
> <to uri="bean:enrichBean"/>
>
> <to ref="callRealWebService"/>
>
> <to uri="log:output"/>
> </route>
>
> </camelContext>
>
> </beans>
>
>
> Now i do mvn compile and then mvn camel:run and my proxy service is
> accesible on port 9080.
>
> When i try to test this proxy service using soapui with the following
> request :
> <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/
> "
> xmlns:rep="http://reportincident.example.camel.apache.org">
> <soapenv:Header>
> <wsse:Security
> xmlns:wsse="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd
> "
> soap:mustUnderstand="1">
> <wsu:Timestamp
> xmlns:wsu="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
> "
> wsu:Id="Timestamp-2">
>
> <wsu:Created>2010-07-14T09:40:29.637Z</wsu:Created>
>
> <wsu:Expires>2010-07-14T09:45:29.637Z</wsu:Expires>
> </wsu:Timestamp>
> <wsse:UsernameToken
> xmlns:wsse="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd
> "
> xmlns:wsu="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
> "
> wsu:Id="UsernameToken-1">
>
> <wsse:Username>charles</wsse:Username>
> <wsse:Password
> Type="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText
> ">charlespassword</wsse:Password>
> <wsse:Nonce
> EncodingType="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary
> ">WsMNSm/C4dzdPS3OhUi94Q==</wsse:Nonce>
>
> <wsu:Created>2010-07-14T09:40:29.637Z</wsu:Created>
> </wsse:UsernameToken>
> </wsse:Security>
> </soapenv:Header>
> <soapenv:Body>
> <rep:inputReportIncident>
> <incidentId></incidentId>
> <incidentDate>2011-11-18</incidentDate>
> <givenName>Bob</givenName>
> <familyName>Smith</familyName>
> <summary>Bla bla</summary>
> <details>More bla</details>
> davsclaus@apache.org
> <phone>12345678</phone>
> </rep:inputReportIncident>
> </soapenv:Body>
> </soapenv:Envelope>
>
> I get the following error as:
> Fri Jul 04 11:26:19 IST 2014 Inside UTPasswordCallback()-->
> UTPasswordCallback Class
> 2014-07-04 11:26:22,188 [qtp12803765-33 ] WARN WSS4JInInterceptor
> - Security processing
> failed (actions mismatch)
> 2014-07-04 11:26:22,267 [qtp12803765-33 ] WARN WSS4JInInterceptor
> -
> org.apache.ws.security.WSSecurityException: An error was discovered
> processing the <wsse:Security> h
> eader
> at
>
> org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.checkActions(WSS4JInInterceptor.java:
> 354)
> at
>
> org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java
> :310)
> at
>
> org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java
> :95)
> at
>
> org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:272)
> at
>
> org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:1
> 21)
> at
>
> org.apache.cxf.transport.http_jetty.JettyHTTPDestination.serviceRequest(JettyHTTPDestinat
> ion.java:355)
> at
>
> org.apache.cxf.transport.http_jetty.JettyHTTPDestination.doService(JettyHTTPDestination.j
> ava:319)
> at
>
> org.apache.cxf.transport.http_jetty.JettyHTTPHandler.handle(JettyHTTPHandler.java:72)
> at
>
> org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1088)
> at
>
> org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1024)
> at
>
> org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:135)
> at
>
> org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection
> .java:255)
> at
>
> org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:116)
> at org.eclipse.jetty.server.Server.handle(Server.java:370)
> at
>
> org.eclipse.jetty.server.AbstractHttpConnection.handleRequest(AbstractHttpConnection.java
> :494)
> at
>
> org.eclipse.jetty.server.AbstractHttpConnection.content(AbstractHttpConnection.java:982)
> at
>
> org.eclipse.jetty.server.AbstractHttpConnection$RequestHandler.content(AbstractHttpConnec
> tion.java:1043)
> at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:865)
> at
> org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:240)
> at
>
> org.eclipse.jetty.server.AsyncHttpConnection.handle(AsyncHttpConnection.java:82)
> at
>
> org.eclipse.jetty.io.nio.SelectChannelEndPoint.handle(SelectChannelEndPoint.java:667)
> at
>
> org.eclipse.jetty.io.nio.SelectChannelEndPoint$1.run(SelectChannelEndPoint.java:52)
> at
>
> org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:608)
> at
>
> org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:543)
> at java.lang.Thread.run(Thread.java:722)
> 2014-07-04 11:26:22,319 [qtp12803765-33 ] WARN PhaseInterceptorChain
> - Interceptor for {ht
> tp://reportincident.example.camel.apache.org}ReportIncidentEndpointService
> has thrown exception, unw
> inding now
> org.apache.cxf.binding.soap.SoapFault: An error was discovered processing
> the <wsse:Security> header
> .
> at
>
> org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.createSoapFault(WSS4JInInterceptor.ja
> va:844)
> at
>
> org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java
> :327)
> at
>
> org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java
> :95)
> at
>
> org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:272)
> at
>
> org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:1
> 21)
> at
>
> org.apache.cxf.transport.http_jetty.JettyHTTPDestination.serviceRequest(JettyHTTPDestinat
> ion.java:355)
> at
>
> org.apache.cxf.transport.http_jetty.JettyHTTPDestination.doService(JettyHTTPDestination.j
> ava:319)
> at
>
> org.apache.cxf.transport.http_jetty.JettyHTTPHandler.handle(JettyHTTPHandler.java:72)
> at
>
> org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1088)
> at
>
> org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1024)
> at
>
> org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:135)
> at
>
> org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection
> .java:255)
> at
>
> org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:116)
> at org.eclipse.jetty.server.Server.handle(Server.java:370)
> at
>
> org.eclipse.jetty.server.AbstractHttpConnection.handleRequest(AbstractHttpConnection.java
> :494)
> at
>
> org.eclipse.jetty.server.AbstractHttpConnection.content(AbstractHttpConnection.java:982)
> at
>
> org.eclipse.jetty.server.AbstractHttpConnection$RequestHandler.content(AbstractHttpConnec
> tion.java:1043)
> at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:865)
> at
> org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:240)
> at
>
> org.eclipse.jetty.server.AsyncHttpConnection.handle(AsyncHttpConnection.java:82)
> at
>
> org.eclipse.jetty.io.nio.SelectChannelEndPoint.handle(SelectChannelEndPoint.java:667)
> at
>
> org.eclipse.jetty.io.nio.SelectChannelEndPoint$1.run(SelectChannelEndPoint.java:52)
> at
>
> org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:608)
> at
>
> org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:543)
> at java.lang.Thread.run(Thread.java:722)
> Caused by: org.apache.ws.security.WSSecurityException: An error was
> discovered processing the <wsse:
> Security> header
> at
>
> org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.checkActions(WSS4JInInterceptor.java:
> 354)
> at
>
> org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java
> :310)
> ... 23 more
>
> I am not sure what i am doing wrong? Please suggest what is missing. Thanks
> in advance.
>
>
>
> --
> View this message in context:
> http://camel.465427.n5.nabble.com/Error-while-testing-secured-proxy-service-tp5753316.html
> Sent from the Camel - Users mailing list archive at Nabble.com.
>
--
Colm O hEigeartaigh
Talend Community Coder
http://coders.talend.com