You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@cxf.apache.org by Sunil Bapat <su...@gmail.com> on 2012/10/04 19:30:33 UTC
TransportBinding and SignatureConfirmation
I am working on writing a client to a web service using CXF 2.6.2. The
service has a security policy which uses TransportBinding with SAML
EndorsingSupportingTokens. The policy also requires Signature Confirmation
(<sp:RequireSignatureConfirmation/>).
What is happening is that the client calls the service correctly with the
required security elements. The response from the server contains a
Signature Confirmation element, and the response fails with the error:
Received a SignatureConfirmation element, but there are no stored signature
values
Debugging through the CXF code, here's what is happening:
- After configuring the client, the WSS11Builder calls
setRequireSignatureConfirmation(true) based on the policy.
- In the constructor of AbstractBindingBuilder, it initializes the
signatures array property with an empty array, and puts it in the message
as follows:
message.getExchange().put(WSHandlerConstants.SEND_SIGV, signatures)
- In the TransportBindingHandler.handleEndorsingToken (line 300), it calls
addSig, which eventually calls the doSignature. However, the signature is
never added to the signatures array. (SymmetricBindingHandler and
AsymmetricBindingHandler do a signatures.add)
- As a result when the service response comes to the WSS4JInInterceptor, it
calls checkSignatureConfirmation in WSHandler, which retrieves the
savedSignatures using
List<byte[]> savedSignatures =
(List<byte[]>) getProperty(reqData.getMsgContext(),
WSHandlerConstants.SEND_SIGV);
- This array is empty, since the signature was never added by
TransportBindingHandler. Therefore it throws the above exception.
The question is - is this a bug, or is it by design that the
SignatureConfirmation does not work with TransportBinding, and that they
are not allowed together?
Thanks
Sunil.
Re: TransportBinding and SignatureConfirmation
Posted by Jason Pell <ja...@pellcorp.com>.
oops sorry wrong topic!
On Tue, Oct 23, 2012 at 1:19 PM, Jason Pell <ja...@pellcorp.com> wrote:
> https://issues.apache.org/jira/browse/CXF-4595
>
> I will attach a test case to prove the issue asap
>
> On Sat, Oct 20, 2012 at 6:26 AM, Sunil Bapat <su...@gmail.com> wrote:
>> I was able to successfully build it.
>>
>> The issue and the patch is at https://issues.apache.org/jira/browse/CXF-4587.
>>
>> Thanks for all the help.
>> Sunil.
>>
>>
>> On Wed, Oct 10, 2012 at 6:24 PM, <ja...@gmail.com> wrote:
>>> I can't get a successful build without using -Pfastinstall behind a proxy
>>> server.
>>>
>>> Sent from my Galaxy S2
>>> On Oct 11, 2012 12:54 AM, "Sunil Bapat" <su...@gmail.com> wrote:
>>>
>>>> I built in the project root. I am using Oracle Java version 1.6.0_31
>>>> using Maven 3.0.4.
>>>> I am not on a VM, but behind a proxy server. Wondering if that could
>>>> be causing the issues. I will try outside the proxy server and see if
>>>> it is any better.
>>>>
>>>> Thanks
>>>> Sunil.
>>>>
>>>>
>>>> On Wed, Oct 10, 2012 at 3:21 AM, <ja...@gmail.com> wrote:
>>>> > Speak of the devil while trying to build at work systests/ws-rm fails as
>>>> > soon as I on train connected to internet via my phones wifi hotspot no
>>>> > problems!
>>>> >
>>>> > Sent from my Galaxy S2
>>>> > On Oct 10, 2012 5:27 PM, "Jason Pell" <ja...@pellcorp.com> wrote:
>>>> >
>>>> >> The trunk build should build successfully. A few things that might
>>>> >> cause issues:
>>>> >>
>>>> >> You need to use java 6 - use the sun / oracle jdk NOT OpenJDK (at
>>>> >> least that's my experience)
>>>> >> If you are behind a corporate proxy server you may have problems - my
>>>> >> experience again
>>>> >> If you are building inside of a VMWARE image you may also have
>>>> problems.
>>>> >>
>>>> >> See the problems I had, and the solution was to run outside of vmware
>>>> >>
>>>> >> http://cxf.547215.n5.nabble.com/building-cxf-2-6-x-fixes-td5715151.html
>>>> >>
>>>> >>
>>>> >> On Wed, Oct 10, 2012 at 5:15 PM, Freeman Fang <fr...@gmail.com>
>>>> >> wrote:
>>>> >> > Hi,
>>>> >> >
>>>> >> > A quick question, did you build from the project root or just a
>>>> module?
>>>> >> >
>>>> >> > -------------
>>>> >> > Freeman Fang
>>>> >> >
>>>> >> > Red Hat, Inc.
>>>> >> > FuseSource is now part of Red Hat
>>>> >> > Web: http://fusesource.com | http://www.redhat.com/
>>>> >> > Twitter: freemanfang
>>>> >> > Blog: http://freemanfang.blogspot.com
>>>> >> > http://blog.sina.com.cn/u/1473905042
>>>> >> > weibo: http://weibo.com/u/1473905042
>>>> >> >
>>>> >> > On 2012-10-10, at 上午3:32, Sunil Bapat wrote:
>>>> >> >
>>>> >> >> Sure. I can try submitting the bug and a patch.
>>>> >> >>
>>>> >> >> I downloaded the trunk code, and tried to build without making any
>>>> >> >> changes. I am getting test failures. Are they
>>>> >> >>
>>>> >> >> expected? Is there any other setup required other than what is
>>>> >> >> described at http://cxf.apache.org/building.html?
>>>> >> >>
>>>> >> >> Maybe I am missing something.
>>>> >> >>
>>>> >> >> The test failures are:
>>>> >> >>
>>>> >> >> testCallSayHi(org.apache.cxf.javascript.GreeterClientTest): Error
>>>> >> >> creating bean with name 'greeter-service-endpoint': Cannot create
>>>> >> >> inner bean '(inner bean)' of type
>>>> >> >> [org.apache.cxf.javascript.hwdemo.GreeterImpl] while setting bean
>>>> >> >> property 'serviceBean'; nested exception is
>>>> >> >> org.springframework.beans.factory.BeanCreationException: Error
>>>> >> >> creating bean with name '(inner bean)' defined in class path resource
>>>> >> >> [GreeterClientTestBeans.xml]: Instantiation of bean failed; nested
>>>> >> >> exception is java.lang.ExceptionInInitializerError
>>>> >> >>
>>>> >> >> testRequestClosure(org.apache.cxf.javascript.GreeterClientTest):
>>>> >> >> Error creating bean with name 'greeter-service-endpoint': Cannot
>>>> >> >> create inner bean '(inner bean)' of type
>>>> >> >> [org.apache.cxf.javascript.hwdemo.GreeterImpl] while setting bean
>>>> >> >> property 'serviceBean'; nested exception is
>>>> >> >> org.springframework.beans.factory.BeanCreationException: Error
>>>> >> >> creating bean with name '(inner bean)' defined in class path resource
>>>> >> >> [GreeterClientTestBeans.xml]: Instantiation of bean failed; nested
>>>> >> >> exception is java.lang.NoClassDefFoundError: Could not initialize
>>>> >> >> class org.apache.cxf.javascript.hwdemo.GreeterImpl
>>>> >> >>
>>>> >> >>
>>>> >> >> ...
>>>> >> >>
>>>> >> >> Inner exception is:
>>>> >> >>
>>>> >> >> Caused by: java.lang.RuntimeException: Uncompilable source code -
>>>> >> >> cannot find symbol
>>>> >> >> symbol: class Greeter
>>>> >> >> at
>>>> >>
>>>> org.apache.cxf.javascript.hwdemo.GreeterImpl.<clinit>(GreeterImpl.java:34)
>>>> >> >> ... 53 more
>>>> >> >>
>>>> >> >>
>>>> >> >> ...
>>>> >> >>
>>>> >> >> [INFO] Apache CXF Runtime JavaScript Client Generator Tests FAILURE
>>>> >> >>
>>>> >> >> The missing Greeter class is in testutils.
>>>> >> >>
>>>> >> >> Thanks
>>>> >> >> Sunil.
>>>> >> >>
>>>> >> >>
>>>> >> >> On Thu, Oct 4, 2012 at 2:54 PM, Daniel Kulp <dk...@apache.org>
>>>> wrote:
>>>> >> >>>
>>>> >> >>> Definitely looks like a bug to me. Any chance you can log it?
>>>> Since
>>>> >> you've already dug into there, any chance you can create a patch?
>>>> >> >>>
>>>> >> >>> Dan
>>>> >> >>>
>>>> >> >>>
>>>> >> >>>
>>>> >> >>> On Oct 4, 2012, at 1:30 PM, Sunil Bapat <su...@gmail.com> wrote:
>>>> >> >>>
>>>> >> >>>> I am working on writing a client to a web service using CXF 2.6.2.
>>>> The
>>>> >> >>>> service has a security policy which uses TransportBinding with SAML
>>>> >> >>>> EndorsingSupportingTokens. The policy also requires Signature
>>>> >> Confirmation
>>>> >> >>>> (<sp:RequireSignatureConfirmation/>).
>>>> >> >>>>
>>>> >> >>>> What is happening is that the client calls the service correctly
>>>> with
>>>> >> the
>>>> >> >>>> required security elements. The response from the server contains a
>>>> >> >>>> Signature Confirmation element, and the response fails with the
>>>> error:
>>>> >> >>>> Received a SignatureConfirmation element, but there are no stored
>>>> >> signature
>>>> >> >>>> values
>>>> >> >>>>
>>>> >> >>>> Debugging through the CXF code, here's what is happening:
>>>> >> >>>>
>>>> >> >>>> - After configuring the client, the WSS11Builder calls
>>>> >> >>>> setRequireSignatureConfirmation(true) based on the policy.
>>>> >> >>>>
>>>> >> >>>> - In the constructor of AbstractBindingBuilder, it initializes the
>>>> >> >>>> signatures array property with an empty array, and puts it in the
>>>> >> message
>>>> >> >>>> as follows:
>>>> >> >>>> message.getExchange().put(WSHandlerConstants.SEND_SIGV, signatures)
>>>> >> >>>>
>>>> >> >>>> - In the TransportBindingHandler.handleEndorsingToken (line 300),
>>>> it
>>>> >> calls
>>>> >> >>>> addSig, which eventually calls the doSignature. However, the
>>>> >> signature is
>>>> >> >>>> never added to the signatures array. (SymmetricBindingHandler and
>>>> >> >>>> AsymmetricBindingHandler do a signatures.add)
>>>> >> >>>>
>>>> >> >>>> - As a result when the service response comes to the
>>>> >> WSS4JInInterceptor, it
>>>> >> >>>> calls checkSignatureConfirmation in WSHandler, which retrieves the
>>>> >> >>>> savedSignatures using
>>>> >> >>>> List<byte[]> savedSignatures =
>>>> >> >>>> (List<byte[]>) getProperty(reqData.getMsgContext(),
>>>> >> >>>> WSHandlerConstants.SEND_SIGV);
>>>> >> >>>>
>>>> >> >>>> - This array is empty, since the signature was never added by
>>>> >> >>>> TransportBindingHandler. Therefore it throws the above exception.
>>>> >> >>>>
>>>> >> >>>> The question is - is this a bug, or is it by design that the
>>>> >> >>>> SignatureConfirmation does not work with TransportBinding, and that
>>>> >> they
>>>> >> >>>> are not allowed together?
>>>> >> >>>>
>>>> >> >>>> Thanks
>>>> >> >>>> Sunil.
>>>> >> >>>
>>>> >> >>> --
>>>> >> >>> Daniel Kulp
>>>> >> >>> dkulp@apache.org - http://dankulp.com/blog
>>>> >> >>> Talend Community Coder - http://coders.talend.com
>>>> >> >>>
>>>> >> >
>>>> >>
>>>>
Re: TransportBinding and SignatureConfirmation
Posted by Jason Pell <ja...@pellcorp.com>.
https://issues.apache.org/jira/browse/CXF-4595
I will attach a test case to prove the issue asap
On Sat, Oct 20, 2012 at 6:26 AM, Sunil Bapat <su...@gmail.com> wrote:
> I was able to successfully build it.
>
> The issue and the patch is at https://issues.apache.org/jira/browse/CXF-4587.
>
> Thanks for all the help.
> Sunil.
>
>
> On Wed, Oct 10, 2012 at 6:24 PM, <ja...@gmail.com> wrote:
>> I can't get a successful build without using -Pfastinstall behind a proxy
>> server.
>>
>> Sent from my Galaxy S2
>> On Oct 11, 2012 12:54 AM, "Sunil Bapat" <su...@gmail.com> wrote:
>>
>>> I built in the project root. I am using Oracle Java version 1.6.0_31
>>> using Maven 3.0.4.
>>> I am not on a VM, but behind a proxy server. Wondering if that could
>>> be causing the issues. I will try outside the proxy server and see if
>>> it is any better.
>>>
>>> Thanks
>>> Sunil.
>>>
>>>
>>> On Wed, Oct 10, 2012 at 3:21 AM, <ja...@gmail.com> wrote:
>>> > Speak of the devil while trying to build at work systests/ws-rm fails as
>>> > soon as I on train connected to internet via my phones wifi hotspot no
>>> > problems!
>>> >
>>> > Sent from my Galaxy S2
>>> > On Oct 10, 2012 5:27 PM, "Jason Pell" <ja...@pellcorp.com> wrote:
>>> >
>>> >> The trunk build should build successfully. A few things that might
>>> >> cause issues:
>>> >>
>>> >> You need to use java 6 - use the sun / oracle jdk NOT OpenJDK (at
>>> >> least that's my experience)
>>> >> If you are behind a corporate proxy server you may have problems - my
>>> >> experience again
>>> >> If you are building inside of a VMWARE image you may also have
>>> problems.
>>> >>
>>> >> See the problems I had, and the solution was to run outside of vmware
>>> >>
>>> >> http://cxf.547215.n5.nabble.com/building-cxf-2-6-x-fixes-td5715151.html
>>> >>
>>> >>
>>> >> On Wed, Oct 10, 2012 at 5:15 PM, Freeman Fang <fr...@gmail.com>
>>> >> wrote:
>>> >> > Hi,
>>> >> >
>>> >> > A quick question, did you build from the project root or just a
>>> module?
>>> >> >
>>> >> > -------------
>>> >> > Freeman Fang
>>> >> >
>>> >> > Red Hat, Inc.
>>> >> > FuseSource is now part of Red Hat
>>> >> > Web: http://fusesource.com | http://www.redhat.com/
>>> >> > Twitter: freemanfang
>>> >> > Blog: http://freemanfang.blogspot.com
>>> >> > http://blog.sina.com.cn/u/1473905042
>>> >> > weibo: http://weibo.com/u/1473905042
>>> >> >
>>> >> > On 2012-10-10, at 上午3:32, Sunil Bapat wrote:
>>> >> >
>>> >> >> Sure. I can try submitting the bug and a patch.
>>> >> >>
>>> >> >> I downloaded the trunk code, and tried to build without making any
>>> >> >> changes. I am getting test failures. Are they
>>> >> >>
>>> >> >> expected? Is there any other setup required other than what is
>>> >> >> described at http://cxf.apache.org/building.html?
>>> >> >>
>>> >> >> Maybe I am missing something.
>>> >> >>
>>> >> >> The test failures are:
>>> >> >>
>>> >> >> testCallSayHi(org.apache.cxf.javascript.GreeterClientTest): Error
>>> >> >> creating bean with name 'greeter-service-endpoint': Cannot create
>>> >> >> inner bean '(inner bean)' of type
>>> >> >> [org.apache.cxf.javascript.hwdemo.GreeterImpl] while setting bean
>>> >> >> property 'serviceBean'; nested exception is
>>> >> >> org.springframework.beans.factory.BeanCreationException: Error
>>> >> >> creating bean with name '(inner bean)' defined in class path resource
>>> >> >> [GreeterClientTestBeans.xml]: Instantiation of bean failed; nested
>>> >> >> exception is java.lang.ExceptionInInitializerError
>>> >> >>
>>> >> >> testRequestClosure(org.apache.cxf.javascript.GreeterClientTest):
>>> >> >> Error creating bean with name 'greeter-service-endpoint': Cannot
>>> >> >> create inner bean '(inner bean)' of type
>>> >> >> [org.apache.cxf.javascript.hwdemo.GreeterImpl] while setting bean
>>> >> >> property 'serviceBean'; nested exception is
>>> >> >> org.springframework.beans.factory.BeanCreationException: Error
>>> >> >> creating bean with name '(inner bean)' defined in class path resource
>>> >> >> [GreeterClientTestBeans.xml]: Instantiation of bean failed; nested
>>> >> >> exception is java.lang.NoClassDefFoundError: Could not initialize
>>> >> >> class org.apache.cxf.javascript.hwdemo.GreeterImpl
>>> >> >>
>>> >> >>
>>> >> >> ...
>>> >> >>
>>> >> >> Inner exception is:
>>> >> >>
>>> >> >> Caused by: java.lang.RuntimeException: Uncompilable source code -
>>> >> >> cannot find symbol
>>> >> >> symbol: class Greeter
>>> >> >> at
>>> >>
>>> org.apache.cxf.javascript.hwdemo.GreeterImpl.<clinit>(GreeterImpl.java:34)
>>> >> >> ... 53 more
>>> >> >>
>>> >> >>
>>> >> >> ...
>>> >> >>
>>> >> >> [INFO] Apache CXF Runtime JavaScript Client Generator Tests FAILURE
>>> >> >>
>>> >> >> The missing Greeter class is in testutils.
>>> >> >>
>>> >> >> Thanks
>>> >> >> Sunil.
>>> >> >>
>>> >> >>
>>> >> >> On Thu, Oct 4, 2012 at 2:54 PM, Daniel Kulp <dk...@apache.org>
>>> wrote:
>>> >> >>>
>>> >> >>> Definitely looks like a bug to me. Any chance you can log it?
>>> Since
>>> >> you've already dug into there, any chance you can create a patch?
>>> >> >>>
>>> >> >>> Dan
>>> >> >>>
>>> >> >>>
>>> >> >>>
>>> >> >>> On Oct 4, 2012, at 1:30 PM, Sunil Bapat <su...@gmail.com> wrote:
>>> >> >>>
>>> >> >>>> I am working on writing a client to a web service using CXF 2.6.2.
>>> The
>>> >> >>>> service has a security policy which uses TransportBinding with SAML
>>> >> >>>> EndorsingSupportingTokens. The policy also requires Signature
>>> >> Confirmation
>>> >> >>>> (<sp:RequireSignatureConfirmation/>).
>>> >> >>>>
>>> >> >>>> What is happening is that the client calls the service correctly
>>> with
>>> >> the
>>> >> >>>> required security elements. The response from the server contains a
>>> >> >>>> Signature Confirmation element, and the response fails with the
>>> error:
>>> >> >>>> Received a SignatureConfirmation element, but there are no stored
>>> >> signature
>>> >> >>>> values
>>> >> >>>>
>>> >> >>>> Debugging through the CXF code, here's what is happening:
>>> >> >>>>
>>> >> >>>> - After configuring the client, the WSS11Builder calls
>>> >> >>>> setRequireSignatureConfirmation(true) based on the policy.
>>> >> >>>>
>>> >> >>>> - In the constructor of AbstractBindingBuilder, it initializes the
>>> >> >>>> signatures array property with an empty array, and puts it in the
>>> >> message
>>> >> >>>> as follows:
>>> >> >>>> message.getExchange().put(WSHandlerConstants.SEND_SIGV, signatures)
>>> >> >>>>
>>> >> >>>> - In the TransportBindingHandler.handleEndorsingToken (line 300),
>>> it
>>> >> calls
>>> >> >>>> addSig, which eventually calls the doSignature. However, the
>>> >> signature is
>>> >> >>>> never added to the signatures array. (SymmetricBindingHandler and
>>> >> >>>> AsymmetricBindingHandler do a signatures.add)
>>> >> >>>>
>>> >> >>>> - As a result when the service response comes to the
>>> >> WSS4JInInterceptor, it
>>> >> >>>> calls checkSignatureConfirmation in WSHandler, which retrieves the
>>> >> >>>> savedSignatures using
>>> >> >>>> List<byte[]> savedSignatures =
>>> >> >>>> (List<byte[]>) getProperty(reqData.getMsgContext(),
>>> >> >>>> WSHandlerConstants.SEND_SIGV);
>>> >> >>>>
>>> >> >>>> - This array is empty, since the signature was never added by
>>> >> >>>> TransportBindingHandler. Therefore it throws the above exception.
>>> >> >>>>
>>> >> >>>> The question is - is this a bug, or is it by design that the
>>> >> >>>> SignatureConfirmation does not work with TransportBinding, and that
>>> >> they
>>> >> >>>> are not allowed together?
>>> >> >>>>
>>> >> >>>> Thanks
>>> >> >>>> Sunil.
>>> >> >>>
>>> >> >>> --
>>> >> >>> Daniel Kulp
>>> >> >>> dkulp@apache.org - http://dankulp.com/blog
>>> >> >>> Talend Community Coder - http://coders.talend.com
>>> >> >>>
>>> >> >
>>> >>
>>>
Re: TransportBinding and SignatureConfirmation
Posted by Sunil Bapat <su...@gmail.com>.
I was able to successfully build it.
The issue and the patch is at https://issues.apache.org/jira/browse/CXF-4587.
Thanks for all the help.
Sunil.
On Wed, Oct 10, 2012 at 6:24 PM, <ja...@gmail.com> wrote:
> I can't get a successful build without using -Pfastinstall behind a proxy
> server.
>
> Sent from my Galaxy S2
> On Oct 11, 2012 12:54 AM, "Sunil Bapat" <su...@gmail.com> wrote:
>
>> I built in the project root. I am using Oracle Java version 1.6.0_31
>> using Maven 3.0.4.
>> I am not on a VM, but behind a proxy server. Wondering if that could
>> be causing the issues. I will try outside the proxy server and see if
>> it is any better.
>>
>> Thanks
>> Sunil.
>>
>>
>> On Wed, Oct 10, 2012 at 3:21 AM, <ja...@gmail.com> wrote:
>> > Speak of the devil while trying to build at work systests/ws-rm fails as
>> > soon as I on train connected to internet via my phones wifi hotspot no
>> > problems!
>> >
>> > Sent from my Galaxy S2
>> > On Oct 10, 2012 5:27 PM, "Jason Pell" <ja...@pellcorp.com> wrote:
>> >
>> >> The trunk build should build successfully. A few things that might
>> >> cause issues:
>> >>
>> >> You need to use java 6 - use the sun / oracle jdk NOT OpenJDK (at
>> >> least that's my experience)
>> >> If you are behind a corporate proxy server you may have problems - my
>> >> experience again
>> >> If you are building inside of a VMWARE image you may also have
>> problems.
>> >>
>> >> See the problems I had, and the solution was to run outside of vmware
>> >>
>> >> http://cxf.547215.n5.nabble.com/building-cxf-2-6-x-fixes-td5715151.html
>> >>
>> >>
>> >> On Wed, Oct 10, 2012 at 5:15 PM, Freeman Fang <fr...@gmail.com>
>> >> wrote:
>> >> > Hi,
>> >> >
>> >> > A quick question, did you build from the project root or just a
>> module?
>> >> >
>> >> > -------------
>> >> > Freeman Fang
>> >> >
>> >> > Red Hat, Inc.
>> >> > FuseSource is now part of Red Hat
>> >> > Web: http://fusesource.com | http://www.redhat.com/
>> >> > Twitter: freemanfang
>> >> > Blog: http://freemanfang.blogspot.com
>> >> > http://blog.sina.com.cn/u/1473905042
>> >> > weibo: http://weibo.com/u/1473905042
>> >> >
>> >> > On 2012-10-10, at 上午3:32, Sunil Bapat wrote:
>> >> >
>> >> >> Sure. I can try submitting the bug and a patch.
>> >> >>
>> >> >> I downloaded the trunk code, and tried to build without making any
>> >> >> changes. I am getting test failures. Are they
>> >> >>
>> >> >> expected? Is there any other setup required other than what is
>> >> >> described at http://cxf.apache.org/building.html?
>> >> >>
>> >> >> Maybe I am missing something.
>> >> >>
>> >> >> The test failures are:
>> >> >>
>> >> >> testCallSayHi(org.apache.cxf.javascript.GreeterClientTest): Error
>> >> >> creating bean with name 'greeter-service-endpoint': Cannot create
>> >> >> inner bean '(inner bean)' of type
>> >> >> [org.apache.cxf.javascript.hwdemo.GreeterImpl] while setting bean
>> >> >> property 'serviceBean'; nested exception is
>> >> >> org.springframework.beans.factory.BeanCreationException: Error
>> >> >> creating bean with name '(inner bean)' defined in class path resource
>> >> >> [GreeterClientTestBeans.xml]: Instantiation of bean failed; nested
>> >> >> exception is java.lang.ExceptionInInitializerError
>> >> >>
>> >> >> testRequestClosure(org.apache.cxf.javascript.GreeterClientTest):
>> >> >> Error creating bean with name 'greeter-service-endpoint': Cannot
>> >> >> create inner bean '(inner bean)' of type
>> >> >> [org.apache.cxf.javascript.hwdemo.GreeterImpl] while setting bean
>> >> >> property 'serviceBean'; nested exception is
>> >> >> org.springframework.beans.factory.BeanCreationException: Error
>> >> >> creating bean with name '(inner bean)' defined in class path resource
>> >> >> [GreeterClientTestBeans.xml]: Instantiation of bean failed; nested
>> >> >> exception is java.lang.NoClassDefFoundError: Could not initialize
>> >> >> class org.apache.cxf.javascript.hwdemo.GreeterImpl
>> >> >>
>> >> >>
>> >> >> ...
>> >> >>
>> >> >> Inner exception is:
>> >> >>
>> >> >> Caused by: java.lang.RuntimeException: Uncompilable source code -
>> >> >> cannot find symbol
>> >> >> symbol: class Greeter
>> >> >> at
>> >>
>> org.apache.cxf.javascript.hwdemo.GreeterImpl.<clinit>(GreeterImpl.java:34)
>> >> >> ... 53 more
>> >> >>
>> >> >>
>> >> >> ...
>> >> >>
>> >> >> [INFO] Apache CXF Runtime JavaScript Client Generator Tests FAILURE
>> >> >>
>> >> >> The missing Greeter class is in testutils.
>> >> >>
>> >> >> Thanks
>> >> >> Sunil.
>> >> >>
>> >> >>
>> >> >> On Thu, Oct 4, 2012 at 2:54 PM, Daniel Kulp <dk...@apache.org>
>> wrote:
>> >> >>>
>> >> >>> Definitely looks like a bug to me. Any chance you can log it?
>> Since
>> >> you've already dug into there, any chance you can create a patch?
>> >> >>>
>> >> >>> Dan
>> >> >>>
>> >> >>>
>> >> >>>
>> >> >>> On Oct 4, 2012, at 1:30 PM, Sunil Bapat <su...@gmail.com> wrote:
>> >> >>>
>> >> >>>> I am working on writing a client to a web service using CXF 2.6.2.
>> The
>> >> >>>> service has a security policy which uses TransportBinding with SAML
>> >> >>>> EndorsingSupportingTokens. The policy also requires Signature
>> >> Confirmation
>> >> >>>> (<sp:RequireSignatureConfirmation/>).
>> >> >>>>
>> >> >>>> What is happening is that the client calls the service correctly
>> with
>> >> the
>> >> >>>> required security elements. The response from the server contains a
>> >> >>>> Signature Confirmation element, and the response fails with the
>> error:
>> >> >>>> Received a SignatureConfirmation element, but there are no stored
>> >> signature
>> >> >>>> values
>> >> >>>>
>> >> >>>> Debugging through the CXF code, here's what is happening:
>> >> >>>>
>> >> >>>> - After configuring the client, the WSS11Builder calls
>> >> >>>> setRequireSignatureConfirmation(true) based on the policy.
>> >> >>>>
>> >> >>>> - In the constructor of AbstractBindingBuilder, it initializes the
>> >> >>>> signatures array property with an empty array, and puts it in the
>> >> message
>> >> >>>> as follows:
>> >> >>>> message.getExchange().put(WSHandlerConstants.SEND_SIGV, signatures)
>> >> >>>>
>> >> >>>> - In the TransportBindingHandler.handleEndorsingToken (line 300),
>> it
>> >> calls
>> >> >>>> addSig, which eventually calls the doSignature. However, the
>> >> signature is
>> >> >>>> never added to the signatures array. (SymmetricBindingHandler and
>> >> >>>> AsymmetricBindingHandler do a signatures.add)
>> >> >>>>
>> >> >>>> - As a result when the service response comes to the
>> >> WSS4JInInterceptor, it
>> >> >>>> calls checkSignatureConfirmation in WSHandler, which retrieves the
>> >> >>>> savedSignatures using
>> >> >>>> List<byte[]> savedSignatures =
>> >> >>>> (List<byte[]>) getProperty(reqData.getMsgContext(),
>> >> >>>> WSHandlerConstants.SEND_SIGV);
>> >> >>>>
>> >> >>>> - This array is empty, since the signature was never added by
>> >> >>>> TransportBindingHandler. Therefore it throws the above exception.
>> >> >>>>
>> >> >>>> The question is - is this a bug, or is it by design that the
>> >> >>>> SignatureConfirmation does not work with TransportBinding, and that
>> >> they
>> >> >>>> are not allowed together?
>> >> >>>>
>> >> >>>> Thanks
>> >> >>>> Sunil.
>> >> >>>
>> >> >>> --
>> >> >>> Daniel Kulp
>> >> >>> dkulp@apache.org - http://dankulp.com/blog
>> >> >>> Talend Community Coder - http://coders.talend.com
>> >> >>>
>> >> >
>> >>
>>
Re: TransportBinding and SignatureConfirmation
Posted by ja...@gmail.com.
I can't get a successful build without using -Pfastinstall behind a proxy
server.
Sent from my Galaxy S2
On Oct 11, 2012 12:54 AM, "Sunil Bapat" <su...@gmail.com> wrote:
> I built in the project root. I am using Oracle Java version 1.6.0_31
> using Maven 3.0.4.
> I am not on a VM, but behind a proxy server. Wondering if that could
> be causing the issues. I will try outside the proxy server and see if
> it is any better.
>
> Thanks
> Sunil.
>
>
> On Wed, Oct 10, 2012 at 3:21 AM, <ja...@gmail.com> wrote:
> > Speak of the devil while trying to build at work systests/ws-rm fails as
> > soon as I on train connected to internet via my phones wifi hotspot no
> > problems!
> >
> > Sent from my Galaxy S2
> > On Oct 10, 2012 5:27 PM, "Jason Pell" <ja...@pellcorp.com> wrote:
> >
> >> The trunk build should build successfully. A few things that might
> >> cause issues:
> >>
> >> You need to use java 6 - use the sun / oracle jdk NOT OpenJDK (at
> >> least that's my experience)
> >> If you are behind a corporate proxy server you may have problems - my
> >> experience again
> >> If you are building inside of a VMWARE image you may also have
> problems.
> >>
> >> See the problems I had, and the solution was to run outside of vmware
> >>
> >> http://cxf.547215.n5.nabble.com/building-cxf-2-6-x-fixes-td5715151.html
> >>
> >>
> >> On Wed, Oct 10, 2012 at 5:15 PM, Freeman Fang <fr...@gmail.com>
> >> wrote:
> >> > Hi,
> >> >
> >> > A quick question, did you build from the project root or just a
> module?
> >> >
> >> > -------------
> >> > Freeman Fang
> >> >
> >> > Red Hat, Inc.
> >> > FuseSource is now part of Red Hat
> >> > Web: http://fusesource.com | http://www.redhat.com/
> >> > Twitter: freemanfang
> >> > Blog: http://freemanfang.blogspot.com
> >> > http://blog.sina.com.cn/u/1473905042
> >> > weibo: http://weibo.com/u/1473905042
> >> >
> >> > On 2012-10-10, at 上午3:32, Sunil Bapat wrote:
> >> >
> >> >> Sure. I can try submitting the bug and a patch.
> >> >>
> >> >> I downloaded the trunk code, and tried to build without making any
> >> >> changes. I am getting test failures. Are they
> >> >>
> >> >> expected? Is there any other setup required other than what is
> >> >> described at http://cxf.apache.org/building.html?
> >> >>
> >> >> Maybe I am missing something.
> >> >>
> >> >> The test failures are:
> >> >>
> >> >> testCallSayHi(org.apache.cxf.javascript.GreeterClientTest): Error
> >> >> creating bean with name 'greeter-service-endpoint': Cannot create
> >> >> inner bean '(inner bean)' of type
> >> >> [org.apache.cxf.javascript.hwdemo.GreeterImpl] while setting bean
> >> >> property 'serviceBean'; nested exception is
> >> >> org.springframework.beans.factory.BeanCreationException: Error
> >> >> creating bean with name '(inner bean)' defined in class path resource
> >> >> [GreeterClientTestBeans.xml]: Instantiation of bean failed; nested
> >> >> exception is java.lang.ExceptionInInitializerError
> >> >>
> >> >> testRequestClosure(org.apache.cxf.javascript.GreeterClientTest):
> >> >> Error creating bean with name 'greeter-service-endpoint': Cannot
> >> >> create inner bean '(inner bean)' of type
> >> >> [org.apache.cxf.javascript.hwdemo.GreeterImpl] while setting bean
> >> >> property 'serviceBean'; nested exception is
> >> >> org.springframework.beans.factory.BeanCreationException: Error
> >> >> creating bean with name '(inner bean)' defined in class path resource
> >> >> [GreeterClientTestBeans.xml]: Instantiation of bean failed; nested
> >> >> exception is java.lang.NoClassDefFoundError: Could not initialize
> >> >> class org.apache.cxf.javascript.hwdemo.GreeterImpl
> >> >>
> >> >>
> >> >> ...
> >> >>
> >> >> Inner exception is:
> >> >>
> >> >> Caused by: java.lang.RuntimeException: Uncompilable source code -
> >> >> cannot find symbol
> >> >> symbol: class Greeter
> >> >> at
> >>
> org.apache.cxf.javascript.hwdemo.GreeterImpl.<clinit>(GreeterImpl.java:34)
> >> >> ... 53 more
> >> >>
> >> >>
> >> >> ...
> >> >>
> >> >> [INFO] Apache CXF Runtime JavaScript Client Generator Tests FAILURE
> >> >>
> >> >> The missing Greeter class is in testutils.
> >> >>
> >> >> Thanks
> >> >> Sunil.
> >> >>
> >> >>
> >> >> On Thu, Oct 4, 2012 at 2:54 PM, Daniel Kulp <dk...@apache.org>
> wrote:
> >> >>>
> >> >>> Definitely looks like a bug to me. Any chance you can log it?
> Since
> >> you've already dug into there, any chance you can create a patch?
> >> >>>
> >> >>> Dan
> >> >>>
> >> >>>
> >> >>>
> >> >>> On Oct 4, 2012, at 1:30 PM, Sunil Bapat <su...@gmail.com> wrote:
> >> >>>
> >> >>>> I am working on writing a client to a web service using CXF 2.6.2.
> The
> >> >>>> service has a security policy which uses TransportBinding with SAML
> >> >>>> EndorsingSupportingTokens. The policy also requires Signature
> >> Confirmation
> >> >>>> (<sp:RequireSignatureConfirmation/>).
> >> >>>>
> >> >>>> What is happening is that the client calls the service correctly
> with
> >> the
> >> >>>> required security elements. The response from the server contains a
> >> >>>> Signature Confirmation element, and the response fails with the
> error:
> >> >>>> Received a SignatureConfirmation element, but there are no stored
> >> signature
> >> >>>> values
> >> >>>>
> >> >>>> Debugging through the CXF code, here's what is happening:
> >> >>>>
> >> >>>> - After configuring the client, the WSS11Builder calls
> >> >>>> setRequireSignatureConfirmation(true) based on the policy.
> >> >>>>
> >> >>>> - In the constructor of AbstractBindingBuilder, it initializes the
> >> >>>> signatures array property with an empty array, and puts it in the
> >> message
> >> >>>> as follows:
> >> >>>> message.getExchange().put(WSHandlerConstants.SEND_SIGV, signatures)
> >> >>>>
> >> >>>> - In the TransportBindingHandler.handleEndorsingToken (line 300),
> it
> >> calls
> >> >>>> addSig, which eventually calls the doSignature. However, the
> >> signature is
> >> >>>> never added to the signatures array. (SymmetricBindingHandler and
> >> >>>> AsymmetricBindingHandler do a signatures.add)
> >> >>>>
> >> >>>> - As a result when the service response comes to the
> >> WSS4JInInterceptor, it
> >> >>>> calls checkSignatureConfirmation in WSHandler, which retrieves the
> >> >>>> savedSignatures using
> >> >>>> List<byte[]> savedSignatures =
> >> >>>> (List<byte[]>) getProperty(reqData.getMsgContext(),
> >> >>>> WSHandlerConstants.SEND_SIGV);
> >> >>>>
> >> >>>> - This array is empty, since the signature was never added by
> >> >>>> TransportBindingHandler. Therefore it throws the above exception.
> >> >>>>
> >> >>>> The question is - is this a bug, or is it by design that the
> >> >>>> SignatureConfirmation does not work with TransportBinding, and that
> >> they
> >> >>>> are not allowed together?
> >> >>>>
> >> >>>> Thanks
> >> >>>> Sunil.
> >> >>>
> >> >>> --
> >> >>> Daniel Kulp
> >> >>> dkulp@apache.org - http://dankulp.com/blog
> >> >>> Talend Community Coder - http://coders.talend.com
> >> >>>
> >> >
> >>
>
Re: TransportBinding and SignatureConfirmation
Posted by Sunil Bapat <su...@gmail.com>.
I built in the project root. I am using Oracle Java version 1.6.0_31
using Maven 3.0.4.
I am not on a VM, but behind a proxy server. Wondering if that could
be causing the issues. I will try outside the proxy server and see if
it is any better.
Thanks
Sunil.
On Wed, Oct 10, 2012 at 3:21 AM, <ja...@gmail.com> wrote:
> Speak of the devil while trying to build at work systests/ws-rm fails as
> soon as I on train connected to internet via my phones wifi hotspot no
> problems!
>
> Sent from my Galaxy S2
> On Oct 10, 2012 5:27 PM, "Jason Pell" <ja...@pellcorp.com> wrote:
>
>> The trunk build should build successfully. A few things that might
>> cause issues:
>>
>> You need to use java 6 - use the sun / oracle jdk NOT OpenJDK (at
>> least that's my experience)
>> If you are behind a corporate proxy server you may have problems - my
>> experience again
>> If you are building inside of a VMWARE image you may also have problems.
>>
>> See the problems I had, and the solution was to run outside of vmware
>>
>> http://cxf.547215.n5.nabble.com/building-cxf-2-6-x-fixes-td5715151.html
>>
>>
>> On Wed, Oct 10, 2012 at 5:15 PM, Freeman Fang <fr...@gmail.com>
>> wrote:
>> > Hi,
>> >
>> > A quick question, did you build from the project root or just a module?
>> >
>> > -------------
>> > Freeman Fang
>> >
>> > Red Hat, Inc.
>> > FuseSource is now part of Red Hat
>> > Web: http://fusesource.com | http://www.redhat.com/
>> > Twitter: freemanfang
>> > Blog: http://freemanfang.blogspot.com
>> > http://blog.sina.com.cn/u/1473905042
>> > weibo: http://weibo.com/u/1473905042
>> >
>> > On 2012-10-10, at 上午3:32, Sunil Bapat wrote:
>> >
>> >> Sure. I can try submitting the bug and a patch.
>> >>
>> >> I downloaded the trunk code, and tried to build without making any
>> >> changes. I am getting test failures. Are they
>> >>
>> >> expected? Is there any other setup required other than what is
>> >> described at http://cxf.apache.org/building.html?
>> >>
>> >> Maybe I am missing something.
>> >>
>> >> The test failures are:
>> >>
>> >> testCallSayHi(org.apache.cxf.javascript.GreeterClientTest): Error
>> >> creating bean with name 'greeter-service-endpoint': Cannot create
>> >> inner bean '(inner bean)' of type
>> >> [org.apache.cxf.javascript.hwdemo.GreeterImpl] while setting bean
>> >> property 'serviceBean'; nested exception is
>> >> org.springframework.beans.factory.BeanCreationException: Error
>> >> creating bean with name '(inner bean)' defined in class path resource
>> >> [GreeterClientTestBeans.xml]: Instantiation of bean failed; nested
>> >> exception is java.lang.ExceptionInInitializerError
>> >>
>> >> testRequestClosure(org.apache.cxf.javascript.GreeterClientTest):
>> >> Error creating bean with name 'greeter-service-endpoint': Cannot
>> >> create inner bean '(inner bean)' of type
>> >> [org.apache.cxf.javascript.hwdemo.GreeterImpl] while setting bean
>> >> property 'serviceBean'; nested exception is
>> >> org.springframework.beans.factory.BeanCreationException: Error
>> >> creating bean with name '(inner bean)' defined in class path resource
>> >> [GreeterClientTestBeans.xml]: Instantiation of bean failed; nested
>> >> exception is java.lang.NoClassDefFoundError: Could not initialize
>> >> class org.apache.cxf.javascript.hwdemo.GreeterImpl
>> >>
>> >>
>> >> ...
>> >>
>> >> Inner exception is:
>> >>
>> >> Caused by: java.lang.RuntimeException: Uncompilable source code -
>> >> cannot find symbol
>> >> symbol: class Greeter
>> >> at
>> org.apache.cxf.javascript.hwdemo.GreeterImpl.<clinit>(GreeterImpl.java:34)
>> >> ... 53 more
>> >>
>> >>
>> >> ...
>> >>
>> >> [INFO] Apache CXF Runtime JavaScript Client Generator Tests FAILURE
>> >>
>> >> The missing Greeter class is in testutils.
>> >>
>> >> Thanks
>> >> Sunil.
>> >>
>> >>
>> >> On Thu, Oct 4, 2012 at 2:54 PM, Daniel Kulp <dk...@apache.org> wrote:
>> >>>
>> >>> Definitely looks like a bug to me. Any chance you can log it? Since
>> you've already dug into there, any chance you can create a patch?
>> >>>
>> >>> Dan
>> >>>
>> >>>
>> >>>
>> >>> On Oct 4, 2012, at 1:30 PM, Sunil Bapat <su...@gmail.com> wrote:
>> >>>
>> >>>> I am working on writing a client to a web service using CXF 2.6.2. The
>> >>>> service has a security policy which uses TransportBinding with SAML
>> >>>> EndorsingSupportingTokens. The policy also requires Signature
>> Confirmation
>> >>>> (<sp:RequireSignatureConfirmation/>).
>> >>>>
>> >>>> What is happening is that the client calls the service correctly with
>> the
>> >>>> required security elements. The response from the server contains a
>> >>>> Signature Confirmation element, and the response fails with the error:
>> >>>> Received a SignatureConfirmation element, but there are no stored
>> signature
>> >>>> values
>> >>>>
>> >>>> Debugging through the CXF code, here's what is happening:
>> >>>>
>> >>>> - After configuring the client, the WSS11Builder calls
>> >>>> setRequireSignatureConfirmation(true) based on the policy.
>> >>>>
>> >>>> - In the constructor of AbstractBindingBuilder, it initializes the
>> >>>> signatures array property with an empty array, and puts it in the
>> message
>> >>>> as follows:
>> >>>> message.getExchange().put(WSHandlerConstants.SEND_SIGV, signatures)
>> >>>>
>> >>>> - In the TransportBindingHandler.handleEndorsingToken (line 300), it
>> calls
>> >>>> addSig, which eventually calls the doSignature. However, the
>> signature is
>> >>>> never added to the signatures array. (SymmetricBindingHandler and
>> >>>> AsymmetricBindingHandler do a signatures.add)
>> >>>>
>> >>>> - As a result when the service response comes to the
>> WSS4JInInterceptor, it
>> >>>> calls checkSignatureConfirmation in WSHandler, which retrieves the
>> >>>> savedSignatures using
>> >>>> List<byte[]> savedSignatures =
>> >>>> (List<byte[]>) getProperty(reqData.getMsgContext(),
>> >>>> WSHandlerConstants.SEND_SIGV);
>> >>>>
>> >>>> - This array is empty, since the signature was never added by
>> >>>> TransportBindingHandler. Therefore it throws the above exception.
>> >>>>
>> >>>> The question is - is this a bug, or is it by design that the
>> >>>> SignatureConfirmation does not work with TransportBinding, and that
>> they
>> >>>> are not allowed together?
>> >>>>
>> >>>> Thanks
>> >>>> Sunil.
>> >>>
>> >>> --
>> >>> Daniel Kulp
>> >>> dkulp@apache.org - http://dankulp.com/blog
>> >>> Talend Community Coder - http://coders.talend.com
>> >>>
>> >
>>
Re: TransportBinding and SignatureConfirmation
Posted by ja...@gmail.com.
Speak of the devil while trying to build at work systests/ws-rm fails as
soon as I on train connected to internet via my phones wifi hotspot no
problems!
Sent from my Galaxy S2
On Oct 10, 2012 5:27 PM, "Jason Pell" <ja...@pellcorp.com> wrote:
> The trunk build should build successfully. A few things that might
> cause issues:
>
> You need to use java 6 - use the sun / oracle jdk NOT OpenJDK (at
> least that's my experience)
> If you are behind a corporate proxy server you may have problems - my
> experience again
> If you are building inside of a VMWARE image you may also have problems.
>
> See the problems I had, and the solution was to run outside of vmware
>
> http://cxf.547215.n5.nabble.com/building-cxf-2-6-x-fixes-td5715151.html
>
>
> On Wed, Oct 10, 2012 at 5:15 PM, Freeman Fang <fr...@gmail.com>
> wrote:
> > Hi,
> >
> > A quick question, did you build from the project root or just a module?
> >
> > -------------
> > Freeman Fang
> >
> > Red Hat, Inc.
> > FuseSource is now part of Red Hat
> > Web: http://fusesource.com | http://www.redhat.com/
> > Twitter: freemanfang
> > Blog: http://freemanfang.blogspot.com
> > http://blog.sina.com.cn/u/1473905042
> > weibo: http://weibo.com/u/1473905042
> >
> > On 2012-10-10, at 上午3:32, Sunil Bapat wrote:
> >
> >> Sure. I can try submitting the bug and a patch.
> >>
> >> I downloaded the trunk code, and tried to build without making any
> >> changes. I am getting test failures. Are they
> >>
> >> expected? Is there any other setup required other than what is
> >> described at http://cxf.apache.org/building.html?
> >>
> >> Maybe I am missing something.
> >>
> >> The test failures are:
> >>
> >> testCallSayHi(org.apache.cxf.javascript.GreeterClientTest): Error
> >> creating bean with name 'greeter-service-endpoint': Cannot create
> >> inner bean '(inner bean)' of type
> >> [org.apache.cxf.javascript.hwdemo.GreeterImpl] while setting bean
> >> property 'serviceBean'; nested exception is
> >> org.springframework.beans.factory.BeanCreationException: Error
> >> creating bean with name '(inner bean)' defined in class path resource
> >> [GreeterClientTestBeans.xml]: Instantiation of bean failed; nested
> >> exception is java.lang.ExceptionInInitializerError
> >>
> >> testRequestClosure(org.apache.cxf.javascript.GreeterClientTest):
> >> Error creating bean with name 'greeter-service-endpoint': Cannot
> >> create inner bean '(inner bean)' of type
> >> [org.apache.cxf.javascript.hwdemo.GreeterImpl] while setting bean
> >> property 'serviceBean'; nested exception is
> >> org.springframework.beans.factory.BeanCreationException: Error
> >> creating bean with name '(inner bean)' defined in class path resource
> >> [GreeterClientTestBeans.xml]: Instantiation of bean failed; nested
> >> exception is java.lang.NoClassDefFoundError: Could not initialize
> >> class org.apache.cxf.javascript.hwdemo.GreeterImpl
> >>
> >>
> >> ...
> >>
> >> Inner exception is:
> >>
> >> Caused by: java.lang.RuntimeException: Uncompilable source code -
> >> cannot find symbol
> >> symbol: class Greeter
> >> at
> org.apache.cxf.javascript.hwdemo.GreeterImpl.<clinit>(GreeterImpl.java:34)
> >> ... 53 more
> >>
> >>
> >> ...
> >>
> >> [INFO] Apache CXF Runtime JavaScript Client Generator Tests FAILURE
> >>
> >> The missing Greeter class is in testutils.
> >>
> >> Thanks
> >> Sunil.
> >>
> >>
> >> On Thu, Oct 4, 2012 at 2:54 PM, Daniel Kulp <dk...@apache.org> wrote:
> >>>
> >>> Definitely looks like a bug to me. Any chance you can log it? Since
> you've already dug into there, any chance you can create a patch?
> >>>
> >>> Dan
> >>>
> >>>
> >>>
> >>> On Oct 4, 2012, at 1:30 PM, Sunil Bapat <su...@gmail.com> wrote:
> >>>
> >>>> I am working on writing a client to a web service using CXF 2.6.2. The
> >>>> service has a security policy which uses TransportBinding with SAML
> >>>> EndorsingSupportingTokens. The policy also requires Signature
> Confirmation
> >>>> (<sp:RequireSignatureConfirmation/>).
> >>>>
> >>>> What is happening is that the client calls the service correctly with
> the
> >>>> required security elements. The response from the server contains a
> >>>> Signature Confirmation element, and the response fails with the error:
> >>>> Received a SignatureConfirmation element, but there are no stored
> signature
> >>>> values
> >>>>
> >>>> Debugging through the CXF code, here's what is happening:
> >>>>
> >>>> - After configuring the client, the WSS11Builder calls
> >>>> setRequireSignatureConfirmation(true) based on the policy.
> >>>>
> >>>> - In the constructor of AbstractBindingBuilder, it initializes the
> >>>> signatures array property with an empty array, and puts it in the
> message
> >>>> as follows:
> >>>> message.getExchange().put(WSHandlerConstants.SEND_SIGV, signatures)
> >>>>
> >>>> - In the TransportBindingHandler.handleEndorsingToken (line 300), it
> calls
> >>>> addSig, which eventually calls the doSignature. However, the
> signature is
> >>>> never added to the signatures array. (SymmetricBindingHandler and
> >>>> AsymmetricBindingHandler do a signatures.add)
> >>>>
> >>>> - As a result when the service response comes to the
> WSS4JInInterceptor, it
> >>>> calls checkSignatureConfirmation in WSHandler, which retrieves the
> >>>> savedSignatures using
> >>>> List<byte[]> savedSignatures =
> >>>> (List<byte[]>) getProperty(reqData.getMsgContext(),
> >>>> WSHandlerConstants.SEND_SIGV);
> >>>>
> >>>> - This array is empty, since the signature was never added by
> >>>> TransportBindingHandler. Therefore it throws the above exception.
> >>>>
> >>>> The question is - is this a bug, or is it by design that the
> >>>> SignatureConfirmation does not work with TransportBinding, and that
> they
> >>>> are not allowed together?
> >>>>
> >>>> Thanks
> >>>> Sunil.
> >>>
> >>> --
> >>> Daniel Kulp
> >>> dkulp@apache.org - http://dankulp.com/blog
> >>> Talend Community Coder - http://coders.talend.com
> >>>
> >
>
Re: TransportBinding and SignatureConfirmation
Posted by Jason Pell <ja...@pellcorp.com>.
The trunk build should build successfully. A few things that might
cause issues:
You need to use java 6 - use the sun / oracle jdk NOT OpenJDK (at
least that's my experience)
If you are behind a corporate proxy server you may have problems - my
experience again
If you are building inside of a VMWARE image you may also have problems.
See the problems I had, and the solution was to run outside of vmware
http://cxf.547215.n5.nabble.com/building-cxf-2-6-x-fixes-td5715151.html
On Wed, Oct 10, 2012 at 5:15 PM, Freeman Fang <fr...@gmail.com> wrote:
> Hi,
>
> A quick question, did you build from the project root or just a module?
>
> -------------
> Freeman Fang
>
> Red Hat, Inc.
> FuseSource is now part of Red Hat
> Web: http://fusesource.com | http://www.redhat.com/
> Twitter: freemanfang
> Blog: http://freemanfang.blogspot.com
> http://blog.sina.com.cn/u/1473905042
> weibo: http://weibo.com/u/1473905042
>
> On 2012-10-10, at 上午3:32, Sunil Bapat wrote:
>
>> Sure. I can try submitting the bug and a patch.
>>
>> I downloaded the trunk code, and tried to build without making any
>> changes. I am getting test failures. Are they
>>
>> expected? Is there any other setup required other than what is
>> described at http://cxf.apache.org/building.html?
>>
>> Maybe I am missing something.
>>
>> The test failures are:
>>
>> testCallSayHi(org.apache.cxf.javascript.GreeterClientTest): Error
>> creating bean with name 'greeter-service-endpoint': Cannot create
>> inner bean '(inner bean)' of type
>> [org.apache.cxf.javascript.hwdemo.GreeterImpl] while setting bean
>> property 'serviceBean'; nested exception is
>> org.springframework.beans.factory.BeanCreationException: Error
>> creating bean with name '(inner bean)' defined in class path resource
>> [GreeterClientTestBeans.xml]: Instantiation of bean failed; nested
>> exception is java.lang.ExceptionInInitializerError
>>
>> testRequestClosure(org.apache.cxf.javascript.GreeterClientTest):
>> Error creating bean with name 'greeter-service-endpoint': Cannot
>> create inner bean '(inner bean)' of type
>> [org.apache.cxf.javascript.hwdemo.GreeterImpl] while setting bean
>> property 'serviceBean'; nested exception is
>> org.springframework.beans.factory.BeanCreationException: Error
>> creating bean with name '(inner bean)' defined in class path resource
>> [GreeterClientTestBeans.xml]: Instantiation of bean failed; nested
>> exception is java.lang.NoClassDefFoundError: Could not initialize
>> class org.apache.cxf.javascript.hwdemo.GreeterImpl
>>
>>
>> ...
>>
>> Inner exception is:
>>
>> Caused by: java.lang.RuntimeException: Uncompilable source code -
>> cannot find symbol
>> symbol: class Greeter
>> at org.apache.cxf.javascript.hwdemo.GreeterImpl.<clinit>(GreeterImpl.java:34)
>> ... 53 more
>>
>>
>> ...
>>
>> [INFO] Apache CXF Runtime JavaScript Client Generator Tests FAILURE
>>
>> The missing Greeter class is in testutils.
>>
>> Thanks
>> Sunil.
>>
>>
>> On Thu, Oct 4, 2012 at 2:54 PM, Daniel Kulp <dk...@apache.org> wrote:
>>>
>>> Definitely looks like a bug to me. Any chance you can log it? Since you've already dug into there, any chance you can create a patch?
>>>
>>> Dan
>>>
>>>
>>>
>>> On Oct 4, 2012, at 1:30 PM, Sunil Bapat <su...@gmail.com> wrote:
>>>
>>>> I am working on writing a client to a web service using CXF 2.6.2. The
>>>> service has a security policy which uses TransportBinding with SAML
>>>> EndorsingSupportingTokens. The policy also requires Signature Confirmation
>>>> (<sp:RequireSignatureConfirmation/>).
>>>>
>>>> What is happening is that the client calls the service correctly with the
>>>> required security elements. The response from the server contains a
>>>> Signature Confirmation element, and the response fails with the error:
>>>> Received a SignatureConfirmation element, but there are no stored signature
>>>> values
>>>>
>>>> Debugging through the CXF code, here's what is happening:
>>>>
>>>> - After configuring the client, the WSS11Builder calls
>>>> setRequireSignatureConfirmation(true) based on the policy.
>>>>
>>>> - In the constructor of AbstractBindingBuilder, it initializes the
>>>> signatures array property with an empty array, and puts it in the message
>>>> as follows:
>>>> message.getExchange().put(WSHandlerConstants.SEND_SIGV, signatures)
>>>>
>>>> - In the TransportBindingHandler.handleEndorsingToken (line 300), it calls
>>>> addSig, which eventually calls the doSignature. However, the signature is
>>>> never added to the signatures array. (SymmetricBindingHandler and
>>>> AsymmetricBindingHandler do a signatures.add)
>>>>
>>>> - As a result when the service response comes to the WSS4JInInterceptor, it
>>>> calls checkSignatureConfirmation in WSHandler, which retrieves the
>>>> savedSignatures using
>>>> List<byte[]> savedSignatures =
>>>> (List<byte[]>) getProperty(reqData.getMsgContext(),
>>>> WSHandlerConstants.SEND_SIGV);
>>>>
>>>> - This array is empty, since the signature was never added by
>>>> TransportBindingHandler. Therefore it throws the above exception.
>>>>
>>>> The question is - is this a bug, or is it by design that the
>>>> SignatureConfirmation does not work with TransportBinding, and that they
>>>> are not allowed together?
>>>>
>>>> Thanks
>>>> Sunil.
>>>
>>> --
>>> Daniel Kulp
>>> dkulp@apache.org - http://dankulp.com/blog
>>> Talend Community Coder - http://coders.talend.com
>>>
>
Re: TransportBinding and SignatureConfirmation
Posted by Freeman Fang <fr...@gmail.com>.
Hi,
A quick question, did you build from the project root or just a module?
-------------
Freeman Fang
Red Hat, Inc.
FuseSource is now part of Red Hat
Web: http://fusesource.com | http://www.redhat.com/
Twitter: freemanfang
Blog: http://freemanfang.blogspot.com
http://blog.sina.com.cn/u/1473905042
weibo: http://weibo.com/u/1473905042
On 2012-10-10, at 上午3:32, Sunil Bapat wrote:
> Sure. I can try submitting the bug and a patch.
>
> I downloaded the trunk code, and tried to build without making any
> changes. I am getting test failures. Are they
>
> expected? Is there any other setup required other than what is
> described at http://cxf.apache.org/building.html?
>
> Maybe I am missing something.
>
> The test failures are:
>
> testCallSayHi(org.apache.cxf.javascript.GreeterClientTest): Error
> creating bean with name 'greeter-service-endpoint': Cannot create
> inner bean '(inner bean)' of type
> [org.apache.cxf.javascript.hwdemo.GreeterImpl] while setting bean
> property 'serviceBean'; nested exception is
> org.springframework.beans.factory.BeanCreationException: Error
> creating bean with name '(inner bean)' defined in class path resource
> [GreeterClientTestBeans.xml]: Instantiation of bean failed; nested
> exception is java.lang.ExceptionInInitializerError
>
> testRequestClosure(org.apache.cxf.javascript.GreeterClientTest):
> Error creating bean with name 'greeter-service-endpoint': Cannot
> create inner bean '(inner bean)' of type
> [org.apache.cxf.javascript.hwdemo.GreeterImpl] while setting bean
> property 'serviceBean'; nested exception is
> org.springframework.beans.factory.BeanCreationException: Error
> creating bean with name '(inner bean)' defined in class path resource
> [GreeterClientTestBeans.xml]: Instantiation of bean failed; nested
> exception is java.lang.NoClassDefFoundError: Could not initialize
> class org.apache.cxf.javascript.hwdemo.GreeterImpl
>
>
> ...
>
> Inner exception is:
>
> Caused by: java.lang.RuntimeException: Uncompilable source code -
> cannot find symbol
> symbol: class Greeter
> at org.apache.cxf.javascript.hwdemo.GreeterImpl.<clinit>(GreeterImpl.java:34)
> ... 53 more
>
>
> ...
>
> [INFO] Apache CXF Runtime JavaScript Client Generator Tests FAILURE
>
> The missing Greeter class is in testutils.
>
> Thanks
> Sunil.
>
>
> On Thu, Oct 4, 2012 at 2:54 PM, Daniel Kulp <dk...@apache.org> wrote:
>>
>> Definitely looks like a bug to me. Any chance you can log it? Since you've already dug into there, any chance you can create a patch?
>>
>> Dan
>>
>>
>>
>> On Oct 4, 2012, at 1:30 PM, Sunil Bapat <su...@gmail.com> wrote:
>>
>>> I am working on writing a client to a web service using CXF 2.6.2. The
>>> service has a security policy which uses TransportBinding with SAML
>>> EndorsingSupportingTokens. The policy also requires Signature Confirmation
>>> (<sp:RequireSignatureConfirmation/>).
>>>
>>> What is happening is that the client calls the service correctly with the
>>> required security elements. The response from the server contains a
>>> Signature Confirmation element, and the response fails with the error:
>>> Received a SignatureConfirmation element, but there are no stored signature
>>> values
>>>
>>> Debugging through the CXF code, here's what is happening:
>>>
>>> - After configuring the client, the WSS11Builder calls
>>> setRequireSignatureConfirmation(true) based on the policy.
>>>
>>> - In the constructor of AbstractBindingBuilder, it initializes the
>>> signatures array property with an empty array, and puts it in the message
>>> as follows:
>>> message.getExchange().put(WSHandlerConstants.SEND_SIGV, signatures)
>>>
>>> - In the TransportBindingHandler.handleEndorsingToken (line 300), it calls
>>> addSig, which eventually calls the doSignature. However, the signature is
>>> never added to the signatures array. (SymmetricBindingHandler and
>>> AsymmetricBindingHandler do a signatures.add)
>>>
>>> - As a result when the service response comes to the WSS4JInInterceptor, it
>>> calls checkSignatureConfirmation in WSHandler, which retrieves the
>>> savedSignatures using
>>> List<byte[]> savedSignatures =
>>> (List<byte[]>) getProperty(reqData.getMsgContext(),
>>> WSHandlerConstants.SEND_SIGV);
>>>
>>> - This array is empty, since the signature was never added by
>>> TransportBindingHandler. Therefore it throws the above exception.
>>>
>>> The question is - is this a bug, or is it by design that the
>>> SignatureConfirmation does not work with TransportBinding, and that they
>>> are not allowed together?
>>>
>>> Thanks
>>> Sunil.
>>
>> --
>> Daniel Kulp
>> dkulp@apache.org - http://dankulp.com/blog
>> Talend Community Coder - http://coders.talend.com
>>
Re: TransportBinding and SignatureConfirmation
Posted by Sunil Bapat <su...@gmail.com>.
Sure. I can try submitting the bug and a patch.
I downloaded the trunk code, and tried to build without making any
changes. I am getting test failures. Are they
expected? Is there any other setup required other than what is
described at http://cxf.apache.org/building.html?
Maybe I am missing something.
The test failures are:
testCallSayHi(org.apache.cxf.javascript.GreeterClientTest): Error
creating bean with name 'greeter-service-endpoint': Cannot create
inner bean '(inner bean)' of type
[org.apache.cxf.javascript.hwdemo.GreeterImpl] while setting bean
property 'serviceBean'; nested exception is
org.springframework.beans.factory.BeanCreationException: Error
creating bean with name '(inner bean)' defined in class path resource
[GreeterClientTestBeans.xml]: Instantiation of bean failed; nested
exception is java.lang.ExceptionInInitializerError
testRequestClosure(org.apache.cxf.javascript.GreeterClientTest):
Error creating bean with name 'greeter-service-endpoint': Cannot
create inner bean '(inner bean)' of type
[org.apache.cxf.javascript.hwdemo.GreeterImpl] while setting bean
property 'serviceBean'; nested exception is
org.springframework.beans.factory.BeanCreationException: Error
creating bean with name '(inner bean)' defined in class path resource
[GreeterClientTestBeans.xml]: Instantiation of bean failed; nested
exception is java.lang.NoClassDefFoundError: Could not initialize
class org.apache.cxf.javascript.hwdemo.GreeterImpl
...
Inner exception is:
Caused by: java.lang.RuntimeException: Uncompilable source code -
cannot find symbol
symbol: class Greeter
at org.apache.cxf.javascript.hwdemo.GreeterImpl.<clinit>(GreeterImpl.java:34)
... 53 more
...
[INFO] Apache CXF Runtime JavaScript Client Generator Tests FAILURE
The missing Greeter class is in testutils.
Thanks
Sunil.
On Thu, Oct 4, 2012 at 2:54 PM, Daniel Kulp <dk...@apache.org> wrote:
>
> Definitely looks like a bug to me. Any chance you can log it? Since you've already dug into there, any chance you can create a patch?
>
> Dan
>
>
>
> On Oct 4, 2012, at 1:30 PM, Sunil Bapat <su...@gmail.com> wrote:
>
>> I am working on writing a client to a web service using CXF 2.6.2. The
>> service has a security policy which uses TransportBinding with SAML
>> EndorsingSupportingTokens. The policy also requires Signature Confirmation
>> (<sp:RequireSignatureConfirmation/>).
>>
>> What is happening is that the client calls the service correctly with the
>> required security elements. The response from the server contains a
>> Signature Confirmation element, and the response fails with the error:
>> Received a SignatureConfirmation element, but there are no stored signature
>> values
>>
>> Debugging through the CXF code, here's what is happening:
>>
>> - After configuring the client, the WSS11Builder calls
>> setRequireSignatureConfirmation(true) based on the policy.
>>
>> - In the constructor of AbstractBindingBuilder, it initializes the
>> signatures array property with an empty array, and puts it in the message
>> as follows:
>> message.getExchange().put(WSHandlerConstants.SEND_SIGV, signatures)
>>
>> - In the TransportBindingHandler.handleEndorsingToken (line 300), it calls
>> addSig, which eventually calls the doSignature. However, the signature is
>> never added to the signatures array. (SymmetricBindingHandler and
>> AsymmetricBindingHandler do a signatures.add)
>>
>> - As a result when the service response comes to the WSS4JInInterceptor, it
>> calls checkSignatureConfirmation in WSHandler, which retrieves the
>> savedSignatures using
>> List<byte[]> savedSignatures =
>> (List<byte[]>) getProperty(reqData.getMsgContext(),
>> WSHandlerConstants.SEND_SIGV);
>>
>> - This array is empty, since the signature was never added by
>> TransportBindingHandler. Therefore it throws the above exception.
>>
>> The question is - is this a bug, or is it by design that the
>> SignatureConfirmation does not work with TransportBinding, and that they
>> are not allowed together?
>>
>> Thanks
>> Sunil.
>
> --
> Daniel Kulp
> dkulp@apache.org - http://dankulp.com/blog
> Talend Community Coder - http://coders.talend.com
>
Re: TransportBinding and SignatureConfirmation
Posted by Daniel Kulp <dk...@apache.org>.
Definitely looks like a bug to me. Any chance you can log it? Since you've already dug into there, any chance you can create a patch?
Dan
On Oct 4, 2012, at 1:30 PM, Sunil Bapat <su...@gmail.com> wrote:
> I am working on writing a client to a web service using CXF 2.6.2. The
> service has a security policy which uses TransportBinding with SAML
> EndorsingSupportingTokens. The policy also requires Signature Confirmation
> (<sp:RequireSignatureConfirmation/>).
>
> What is happening is that the client calls the service correctly with the
> required security elements. The response from the server contains a
> Signature Confirmation element, and the response fails with the error:
> Received a SignatureConfirmation element, but there are no stored signature
> values
>
> Debugging through the CXF code, here's what is happening:
>
> - After configuring the client, the WSS11Builder calls
> setRequireSignatureConfirmation(true) based on the policy.
>
> - In the constructor of AbstractBindingBuilder, it initializes the
> signatures array property with an empty array, and puts it in the message
> as follows:
> message.getExchange().put(WSHandlerConstants.SEND_SIGV, signatures)
>
> - In the TransportBindingHandler.handleEndorsingToken (line 300), it calls
> addSig, which eventually calls the doSignature. However, the signature is
> never added to the signatures array. (SymmetricBindingHandler and
> AsymmetricBindingHandler do a signatures.add)
>
> - As a result when the service response comes to the WSS4JInInterceptor, it
> calls checkSignatureConfirmation in WSHandler, which retrieves the
> savedSignatures using
> List<byte[]> savedSignatures =
> (List<byte[]>) getProperty(reqData.getMsgContext(),
> WSHandlerConstants.SEND_SIGV);
>
> - This array is empty, since the signature was never added by
> TransportBindingHandler. Therefore it throws the above exception.
>
> The question is - is this a bug, or is it by design that the
> SignatureConfirmation does not work with TransportBinding, and that they
> are not allowed together?
>
> Thanks
> Sunil.
--
Daniel Kulp
dkulp@apache.org - http://dankulp.com/blog
Talend Community Coder - http://coders.talend.com