Regressions in WS-Trust 10 interopfest demo

[Sergey Beryozkin <sb...@gmail.com>]

Hi

I'm seeing all sorts of problems when running
samples/ws_security/interopfest/wstrust10, both in 2.3.0-SNAPSHOT and on
2.2.x.
I did run the demo last week and it worked for me but today it is just all
failing.

In 2.3.0-SNAPSHOT I had to update the version of maven-ant-run plugin to 1.4
just to get the build working, but besides that I'm seeing
some strange errors like

java.lang.NoSuchMethodError:
org.apache.cxf.ws.security.trust.STSClient.setPolicy(Lorg/apache/neethi/Policy;)V
    at
org.apache.cxf.ws.security.policy.interceptors.SecureConversationTokenInterceptorProvider.setupClient(SecureConversationTokenInterceptorProvider.java:167)

even though I can see STSClient.setPolicy(Object policy) method...

In 2.2.x, the problem is that CXF version gets resolved to 2.3.0-SNAPSHOT,
setting the version to 2.2.11-SNAPSHOT results in the async binding test
failures.

Can someone please give it a try and confirm it is just not me only ? Now,
assuming there're regressions, I'd have to start investigating. Given that
I'm a bit raw so to say in this area, any help will be appreciated

thanks, Sergey

Re: Regressions in WS-Trust 10 interopfest demo

[Glen Mazza <gl...@gmail.com>]

It might be me.  For SAML references, I switched to KeyIdentifier instead of
wsse:reference because that's what a Metro web service was expecting, also
that was in harmony with the relevant specifications, as discussed here[1]. 

To be two-thirds complete, another patch in WSS4J will need to be
applied[2].  

I'm trying to get CXF's stsclient to work with a Metro STS, and also have
the subsequent security token received by the client to work with a Metro
web service (basically, swap a Metro client with a CXF one here[3]).  The
older wsse:reference (at least when used to refer to SAML tokens) is not
being accepted by Metro, and the Metro team appears to have the support of
the relevant OASIS specifications (that probably postdate considerably the
interopfest stuff we test against) that pretty much mandate KeyIdentifier in
these situations (as discussed in [1]).

Without this change, CXF's stsclient will not be able to work with a Metro
STS, nor will the subsequent SOAP call be accepted by a Metro web service
either.  Granted, though, even with this change, it still won't work, as
more work is needed as explained in [2] for WSS4J to understand the SOAP
response returned by the Metro web service.  (My changes only handle the
successful acceptance of the sts request by the CXF stsclient and the
subsequent SOAP request to the Metro web service, part three of getting
WSS4J of understanding the Metro SOAP response with a SAML token using
KeyIdentifier instead of wsse:Reference is still uncoded, as that's a bit
outside my present skillset.)

You can revert it in order to pass the tests (if that is indeed the
problem), but you'll be back to square #1 of cxf's stsclient not being able
to work with a Metro STS, greatly stunting its usefulness and harming the
growth of SOAP web services in general.  Next issue (since you work with
RedHat):  There's also a PicketLink STS -- I don't know what it is expecting
for SAML assertions -- the modern KeyIdentifier or the bring-out-the-78rpm
wsse:Reference, if the former, that would also speak against reverting the
changes I made, if the latter, maybe I can get the Metro team to work with
wsse:Reference but again the spec appears to be very much on their side.

Glen

[1] https://issues.apache.org/jira/browse/CXF-2894 
[2] https://issues.apache.org/jira/browse/WSS-238
[3] http://www.jroller.com/gmazza/entry/metro_and_wstrust


Sergey Beryozkin-5 wrote:
> 
> All of those NoSuchMethodError exceptions have been probably caused by the
> fact I was building sandbox projects depending on outdated 2.3-SNAPSHOT
> views, so after removing the cxf artifacts from the maven repo I can the
> exceptions gone.
> 
> However, it does appear we have a regression in scenarios 9 and 10 :
> 
> Scenario_9_IssuedTokenForCertificate_MutualCertificate11: Exception:
> javax.xml.ws.soap.SOAPFaultException: An error occurred when verifying
> security for the message.
> Scenario_10_IssuedTokenForCertificateSecureConversation_MutualCertificate11:
> Exception: javax.xml.ws.soap.SOAPFaultException: An error occurred when
> verifying security for the message.
> 
> Has anyone worked in this area recently ? I'm going to start looking into
> it
> as well...
> 
> cheers, Sergey
> 

-- 
View this message in context: http://cxf.547215.n5.nabble.com/Regressions-in-WS-Trust-10-interopfest-demo-tp2640748p2641132.html
Sent from the cxf-dev mailing list archive at Nabble.com.

Occur ConcurrentModificationException when creating mutiple WebService client

[Jammy Cheng Chen <Ja...@dextrys.com>]

Hi folks,

Recently I met one bug in CXF 2.2.10 which seriously blocked our current project, The cxf  application throws ConcurrentModificationException when creating mutiple WebService client in mutiple thread in the same time,  I have reported this issue to jira, please see the detail information from https://issues.apache.org/jira/browse/CXF-2954, but unfortunately there have no any reponses, Is there anyone who can help me identify this issue and fix it asap. really appreciate your help!

thanks!
Jammy   

Re: Regressions in WS-Trust 10 interopfest demo

[Sergey Beryozkin <sb...@gmail.com>]

Hi

On Sat, Aug 21, 2010 at 5:34 AM, David Valeri <dv...@apache.org> wrote:

> I was out of the office today and didn't get a chance to look at it until
> late tonight.  The offending code has been updated and a JIRA has been
> logged [1].  Let me know if things are fixed on your end.  I had to update
> the Ant plug-in version in wstrust10 to get the build working on my
> machine.
> Hopefully that change will work for everyone else as well.  If things work
> out on your end, I will merge to the 2.2.x branch as well.
>
>
I've confirmed the fix works on the trunk and the 2.2.x branch; I've merged
your fix to the 2.2.x as I've been verifying it anyway.

thanks for a quick fix
Sergey


> [1] https://issues.apache.org/jira/browse/CXF-2953
>
> David Valeri
> ---------------------------
> http://davidvaleri.wordpress.com/
> http://twitter.com/DavidValeri
>
> -----Original Message-----
> From: Sergey Beryozkin [mailto:sberyozkin@gmail.com]
> Sent: Friday, August 20, 2010 9:10 AM
> To: dev@cxf.apache.org
> Subject: Re: Regressions in WS-Trust 10 interopfest demo
>
> Hi
>
> On Thu, Aug 19, 2010 at 4:34 PM, David Valeri <dv...@apache.org> wrote:
>
> > In order to get any of them to run I had to do major surgery on the
> > modules.
> > Microsoft moved servers and changed TLS certificates.  Furthermore, the
> > version numbers don't line up correctly like you said and all sorts of
> > headaches result.  I recently made changes to WS-T related code and had
> the
> > tests working as best I could tell, but they are still really brittle and
> I
> > may have introduced a regression.  I made a note of what I had to do in
> > https://issues.apache.org/jira/browse/CXF-2909.  There needs to be some
> > effort expended in getting these updated, but I couldn't find any
> > information about the MS servers in order to accurately update
> > interopfest's
> > configuration.
> >
> >
> I've went through all the merges which have been done since CXF 2.2.9 was
> released (about 09 June)
> and after reverting all the changes one by one made to STSClient and
> AsymmetricBindingHandler,
> I was able to see the wstrust10 client demo running 'OK' again.
>
> Note that not until I reverted the following (and the last) one,
>
> with
>
> http://cxf.547215.n5.nabble.com/svn-commit-r980941-in-cxf-trunk-rt-ws-securi
>
> ty-src-main-java-org-apache-cxf-ws-security-wss4j-policy-td2260083.html#a226<http://cxf.547215.n5.nabble.com/svn-commit-r980941-in-cxf-trunk-rt-ws-securi%0Aty-src-main-java-org-apache-cxf-ws-security-wss4j-policy-td2260083.html#a226>
> 0083
>
> was I able to see the green light. I've then reverted all my local changes
> and only applied the changes made in the above commit to
> AsymmetricBindingHandler only but it did not work again so it does look
> like
> the affecting changes are spread either through multiple commits or all the
> above commit needs to be reverted.
>
> David, can you please look at this issue ? You've obviously done the
> changes
> for the good reasons but as it happens
> wstrust10 test is not working at the moment so it looks like the legacy
> servers are not liking the changes.
>
> May be we can introduce some contextual properties so that say
> AsymmetricBindingHandler (and may be STSClient) do what they used to do
> when
> working with wstrust 10 servers ?
>
> cheers, Sergey
>
>
>
> > -----Original Message-----
> > From: Sergey Beryozkin [mailto:sberyozkin@gmail.com]
> > Sent: Thursday, August 19, 2010 8:14 AM
> > To: dev@cxf.apache.org
> > Subject: Re: Regressions in WS-Trust 10 interopfest demo
> >
> > All of those NoSuchMethodError exceptions have been probably caused by
> the
> > fact I was building sandbox projects depending on outdated 2.3-SNAPSHOT
> > views, so after removing the cxf artifacts from the maven repo I can the
> > exceptions gone.
> >
> > However, it does appear we have a regression in scenarios 9 and 10 :
> >
> > Scenario_9_IssuedTokenForCertificate_MutualCertificate11: Exception:
> > javax.xml.ws.soap.SOAPFaultException: An error occurred when verifying
> > security for the message.
> >
> >
>
> Scenario_10_IssuedTokenForCertificateSecureConversation_MutualCertificate11:
> > Exception: javax.xml.ws.soap.SOAPFaultException: An error occurred when
> > verifying security for the message.
> >
> > Has anyone worked in this area recently ? I'm going to start looking into
> > it
> > as well...
> >
> > cheers, Sergey
> >
> > On Thu, Aug 19, 2010 at 11:55 AM, Sergey Beryozkin
> > <sb...@gmail.com>wrote:
> >
> > > Hi
> > >
> > > I'm seeing all sorts of problems when running
> > > samples/ws_security/interopfest/wstrust10, both in 2.3.0-SNAPSHOT and
> on
> > > 2.2.x.
> > > I did run the demo last week and it worked for me but today it is just
> > all
> > > failing.
> > >
> > > In 2.3.0-SNAPSHOT I had to update the version of maven-ant-run plugin
> to
> > > 1.4 just to get the build working, but besides that I'm seeingucuch
> > > some strange errors like
> > >
> > > java.lang.NoSuchMethodError:
> > >
> >
> >
>
> org.apache.cxf.ws.security.trust.STSClient.setPolicy(Lorg/apache/neethi/Poli
> > cy;)V
> > >     at
> > >
> >
> >
>
> org.apache.cxf.ws.security.policy.interceptors.SecureConversationTokenInterc
> >
> >
>
> eptorProvider.setupClient(SecureConversationTokenInterceptorProvider.java:16
> > 7)
> > >
> > > even though I can see STSClient.setPolicy(Object policy) method...
> > >
> > > In 2.2.x, the problem is that CXF version gets resolved to
> > 2.3.0-SNAPSHOT,
> > > setting the version to 2.2.11-SNAPSHOT results in the async binding
> test
> > > failures.
> > >
> > > Can someone please give it a try and confirm it is just not me only ?
> > Now,
> > > assuming there're regressions, I'd have to start investigating. Given
> > that
> > > I'm a bit raw so to say in this area, any help will be appreciated
> > >
> > > thanks, Sergey
> > >
> > >
> >
> >
>
>

Re: Regressions in WS-Trust 10 interopfest demo

[Johan Edstrom <se...@gmail.com>]

David, ++ and thanks.


On Aug 20, 2010, at 10:34 PM, David Valeri wrote:

> I was out of the office today and didn't get a chance to look at it until
> late tonight.  The offending code has been updated and a JIRA has been
> logged [1].  Let me know if things are fixed on your end.  I had to update
> the Ant plug-in version in wstrust10 to get the build working on my machine.
> Hopefully that change will work for everyone else as well.  If things work
> out on your end, I will merge to the 2.2.x branch as well.
> 
> [1] https://issues.apache.org/jira/browse/CXF-2953
> 
> David Valeri
> ---------------------------
> http://davidvaleri.wordpress.com/
> http://twitter.com/DavidValeri
> 
> -----Original Message-----
> From: Sergey Beryozkin [mailto:sberyozkin@gmail.com] 
> Sent: Friday, August 20, 2010 9:10 AM
> To: dev@cxf.apache.org
> Subject: Re: Regressions in WS-Trust 10 interopfest demo
> 
> Hi
> 
> On Thu, Aug 19, 2010 at 4:34 PM, David Valeri <dv...@apache.org> wrote:
> 
>> In order to get any of them to run I had to do major surgery on the
>> modules.
>> Microsoft moved servers and changed TLS certificates.  Furthermore, the
>> version numbers don't line up correctly like you said and all sorts of
>> headaches result.  I recently made changes to WS-T related code and had
> the
>> tests working as best I could tell, but they are still really brittle and
> I
>> may have introduced a regression.  I made a note of what I had to do in
>> https://issues.apache.org/jira/browse/CXF-2909.  There needs to be some
>> effort expended in getting these updated, but I couldn't find any
>> information about the MS servers in order to accurately update
>> interopfest's
>> configuration.
>> 
>> 
> I've went through all the merges which have been done since CXF 2.2.9 was
> released (about 09 June)
> and after reverting all the changes one by one made to STSClient and
> AsymmetricBindingHandler,
> I was able to see the wstrust10 client demo running 'OK' again.
> 
> Note that not until I reverted the following (and the last) one,
> 
> with
> http://cxf.547215.n5.nabble.com/svn-commit-r980941-in-cxf-trunk-rt-ws-securi
> ty-src-main-java-org-apache-cxf-ws-security-wss4j-policy-td2260083.html#a226
> 0083
> 
> was I able to see the green light. I've then reverted all my local changes
> and only applied the changes made in the above commit to
> AsymmetricBindingHandler only but it did not work again so it does look like
> the affecting changes are spread either through multiple commits or all the
> above commit needs to be reverted.
> 
> David, can you please look at this issue ? You've obviously done the changes
> for the good reasons but as it happens
> wstrust10 test is not working at the moment so it looks like the legacy
> servers are not liking the changes.
> 
> May be we can introduce some contextual properties so that say
> AsymmetricBindingHandler (and may be STSClient) do what they used to do when
> working with wstrust 10 servers ?
> 
> cheers, Sergey
> 
> 
> 
>> -----Original Message-----
>> From: Sergey Beryozkin [mailto:sberyozkin@gmail.com]
>> Sent: Thursday, August 19, 2010 8:14 AM
>> To: dev@cxf.apache.org
>> Subject: Re: Regressions in WS-Trust 10 interopfest demo
>> 
>> All of those NoSuchMethodError exceptions have been probably caused by the
>> fact I was building sandbox projects depending on outdated 2.3-SNAPSHOT
>> views, so after removing the cxf artifacts from the maven repo I can the
>> exceptions gone.
>> 
>> However, it does appear we have a regression in scenarios 9 and 10 :
>> 
>> Scenario_9_IssuedTokenForCertificate_MutualCertificate11: Exception:
>> javax.xml.ws.soap.SOAPFaultException: An error occurred when verifying
>> security for the message.
>> 
>> 
> Scenario_10_IssuedTokenForCertificateSecureConversation_MutualCertificate11:
>> Exception: javax.xml.ws.soap.SOAPFaultException: An error occurred when
>> verifying security for the message.
>> 
>> Has anyone worked in this area recently ? I'm going to start looking into
>> it
>> as well...
>> 
>> cheers, Sergey
>> 
>> On Thu, Aug 19, 2010 at 11:55 AM, Sergey Beryozkin
>> <sb...@gmail.com>wrote:
>> 
>>> Hi
>>> 
>>> I'm seeing all sorts of problems when running
>>> samples/ws_security/interopfest/wstrust10, both in 2.3.0-SNAPSHOT and on
>>> 2.2.x.
>>> I did run the demo last week and it worked for me but today it is just
>> all
>>> failing.
>>> 
>>> In 2.3.0-SNAPSHOT I had to update the version of maven-ant-run plugin to
>>> 1.4 just to get the build working, but besides that I'm seeingucuch
>>> some strange errors like
>>> 
>>> java.lang.NoSuchMethodError:
>>> 
>> 
>> 
> org.apache.cxf.ws.security.trust.STSClient.setPolicy(Lorg/apache/neethi/Poli
>> cy;)V
>>>    at
>>> 
>> 
>> 
> org.apache.cxf.ws.security.policy.interceptors.SecureConversationTokenInterc
>> 
>> 
> eptorProvider.setupClient(SecureConversationTokenInterceptorProvider.java:16
>> 7)
>>> 
>>> even though I can see STSClient.setPolicy(Object policy) method...
>>> 
>>> In 2.2.x, the problem is that CXF version gets resolved to
>> 2.3.0-SNAPSHOT,
>>> setting the version to 2.2.11-SNAPSHOT results in the async binding test
>>> failures.
>>> 
>>> Can someone please give it a try and confirm it is just not me only ?
>> Now,
>>> assuming there're regressions, I'd have to start investigating. Given
>> that
>>> I'm a bit raw so to say in this area, any help will be appreciated
>>> 
>>> thanks, Sergey
>>> 
>>> 
>> 
>> 
> 

Johan Edstrom

joed@opennms.org

They that can give up essential liberty to purchase a little temporary safety, deserve neither liberty nor safety.

Benjamin Franklin, Historical Review of Pennsylvania, 1759

RE: Regressions in WS-Trust 10 interopfest demo

[David Valeri <dv...@apache.org>]

I was out of the office today and didn't get a chance to look at it until
late tonight.  The offending code has been updated and a JIRA has been
logged [1].  Let me know if things are fixed on your end.  I had to update
the Ant plug-in version in wstrust10 to get the build working on my machine.
Hopefully that change will work for everyone else as well.  If things work
out on your end, I will merge to the 2.2.x branch as well.

[1] https://issues.apache.org/jira/browse/CXF-2953

David Valeri
---------------------------
http://davidvaleri.wordpress.com/
http://twitter.com/DavidValeri

-----Original Message-----
From: Sergey Beryozkin [mailto:sberyozkin@gmail.com] 
Sent: Friday, August 20, 2010 9:10 AM
To: dev@cxf.apache.org
Subject: Re: Regressions in WS-Trust 10 interopfest demo

Hi

On Thu, Aug 19, 2010 at 4:34 PM, David Valeri <dv...@apache.org> wrote:

> In order to get any of them to run I had to do major surgery on the
> modules.
> Microsoft moved servers and changed TLS certificates.  Furthermore, the
> version numbers don't line up correctly like you said and all sorts of
> headaches result.  I recently made changes to WS-T related code and had
the
> tests working as best I could tell, but they are still really brittle and
I
> may have introduced a regression.  I made a note of what I had to do in
> https://issues.apache.org/jira/browse/CXF-2909.  There needs to be some
> effort expended in getting these updated, but I couldn't find any
> information about the MS servers in order to accurately update
> interopfest's
> configuration.
>
>
I've went through all the merges which have been done since CXF 2.2.9 was
released (about 09 June)
and after reverting all the changes one by one made to STSClient and
AsymmetricBindingHandler,
I was able to see the wstrust10 client demo running 'OK' again.

Note that not until I reverted the following (and the last) one,

with
http://cxf.547215.n5.nabble.com/svn-commit-r980941-in-cxf-trunk-rt-ws-securi
ty-src-main-java-org-apache-cxf-ws-security-wss4j-policy-td2260083.html#a226
0083

was I able to see the green light. I've then reverted all my local changes
and only applied the changes made in the above commit to
AsymmetricBindingHandler only but it did not work again so it does look like
the affecting changes are spread either through multiple commits or all the
above commit needs to be reverted.

David, can you please look at this issue ? You've obviously done the changes
for the good reasons but as it happens
wstrust10 test is not working at the moment so it looks like the legacy
servers are not liking the changes.

May be we can introduce some contextual properties so that say
AsymmetricBindingHandler (and may be STSClient) do what they used to do when
working with wstrust 10 servers ?

cheers, Sergey



> -----Original Message-----
> From: Sergey Beryozkin [mailto:sberyozkin@gmail.com]
> Sent: Thursday, August 19, 2010 8:14 AM
> To: dev@cxf.apache.org
> Subject: Re: Regressions in WS-Trust 10 interopfest demo
>
> All of those NoSuchMethodError exceptions have been probably caused by the
> fact I was building sandbox projects depending on outdated 2.3-SNAPSHOT
> views, so after removing the cxf artifacts from the maven repo I can the
> exceptions gone.
>
> However, it does appear we have a regression in scenarios 9 and 10 :
>
> Scenario_9_IssuedTokenForCertificate_MutualCertificate11: Exception:
> javax.xml.ws.soap.SOAPFaultException: An error occurred when verifying
> security for the message.
>
>
Scenario_10_IssuedTokenForCertificateSecureConversation_MutualCertificate11:
> Exception: javax.xml.ws.soap.SOAPFaultException: An error occurred when
> verifying security for the message.
>
> Has anyone worked in this area recently ? I'm going to start looking into
> it
> as well...
>
> cheers, Sergey
>
> On Thu, Aug 19, 2010 at 11:55 AM, Sergey Beryozkin
> <sb...@gmail.com>wrote:
>
> > Hi
> >
> > I'm seeing all sorts of problems when running
> > samples/ws_security/interopfest/wstrust10, both in 2.3.0-SNAPSHOT and on
> > 2.2.x.
> > I did run the demo last week and it worked for me but today it is just
> all
> > failing.
> >
> > In 2.3.0-SNAPSHOT I had to update the version of maven-ant-run plugin to
> > 1.4 just to get the build working, but besides that I'm seeingucuch
> > some strange errors like
> >
> > java.lang.NoSuchMethodError:
> >
>
>
org.apache.cxf.ws.security.trust.STSClient.setPolicy(Lorg/apache/neethi/Poli
> cy;)V
> >     at
> >
>
>
org.apache.cxf.ws.security.policy.interceptors.SecureConversationTokenInterc
>
>
eptorProvider.setupClient(SecureConversationTokenInterceptorProvider.java:16
> 7)
> >
> > even though I can see STSClient.setPolicy(Object policy) method...
> >
> > In 2.2.x, the problem is that CXF version gets resolved to
> 2.3.0-SNAPSHOT,
> > setting the version to 2.2.11-SNAPSHOT results in the async binding test
> > failures.
> >
> > Can someone please give it a try and confirm it is just not me only ?
> Now,
> > assuming there're regressions, I'd have to start investigating. Given
> that
> > I'm a bit raw so to say in this area, any help will be appreciated
> >
> > thanks, Sergey
> >
> >
>
>

Re: Regressions in WS-Trust 10 interopfest demo

[Sergey Beryozkin <sb...@gmail.com>]

Hi

On Thu, Aug 19, 2010 at 4:34 PM, David Valeri <dv...@apache.org> wrote:

> In order to get any of them to run I had to do major surgery on the
> modules.
> Microsoft moved servers and changed TLS certificates.  Furthermore, the
> version numbers don't line up correctly like you said and all sorts of
> headaches result.  I recently made changes to WS-T related code and had the
> tests working as best I could tell, but they are still really brittle and I
> may have introduced a regression.  I made a note of what I had to do in
> https://issues.apache.org/jira/browse/CXF-2909.  There needs to be some
> effort expended in getting these updated, but I couldn't find any
> information about the MS servers in order to accurately update
> interopfest's
> configuration.
>
>
I've went through all the merges which have been done since CXF 2.2.9 was
released (about 09 June)
and after reverting all the changes one by one made to STSClient and
AsymmetricBindingHandler,
I was able to see the wstrust10 client demo running 'OK' again.

Note that not until I reverted the following (and the last) one,

with
http://cxf.547215.n5.nabble.com/svn-commit-r980941-in-cxf-trunk-rt-ws-security-src-main-java-org-apache-cxf-ws-security-wss4j-policy-td2260083.html#a2260083

was I able to see the green light. I've then reverted all my local changes
and only applied the changes made in the above commit to
AsymmetricBindingHandler only but it did not work again so it does look like
the affecting changes are spread either through multiple commits or all the
above commit needs to be reverted.

David, can you please look at this issue ? You've obviously done the changes
for the good reasons but as it happens
wstrust10 test is not working at the moment so it looks like the legacy
servers are not liking the changes.

May be we can introduce some contextual properties so that say
AsymmetricBindingHandler (and may be STSClient) do what they used to do when
working with wstrust 10 servers ?

cheers, Sergey



> -----Original Message-----
> From: Sergey Beryozkin [mailto:sberyozkin@gmail.com]
> Sent: Thursday, August 19, 2010 8:14 AM
> To: dev@cxf.apache.org
> Subject: Re: Regressions in WS-Trust 10 interopfest demo
>
> All of those NoSuchMethodError exceptions have been probably caused by the
> fact I was building sandbox projects depending on outdated 2.3-SNAPSHOT
> views, so after removing the cxf artifacts from the maven repo I can the
> exceptions gone.
>
> However, it does appear we have a regression in scenarios 9 and 10 :
>
> Scenario_9_IssuedTokenForCertificate_MutualCertificate11: Exception:
> javax.xml.ws.soap.SOAPFaultException: An error occurred when verifying
> security for the message.
>
> Scenario_10_IssuedTokenForCertificateSecureConversation_MutualCertificate11:
> Exception: javax.xml.ws.soap.SOAPFaultException: An error occurred when
> verifying security for the message.
>
> Has anyone worked in this area recently ? I'm going to start looking into
> it
> as well...
>
> cheers, Sergey
>
> On Thu, Aug 19, 2010 at 11:55 AM, Sergey Beryozkin
> <sb...@gmail.com>wrote:
>
> > Hi
> >
> > I'm seeing all sorts of problems when running
> > samples/ws_security/interopfest/wstrust10, both in 2.3.0-SNAPSHOT and on
> > 2.2.x.
> > I did run the demo last week and it worked for me but today it is just
> all
> > failing.
> >
> > In 2.3.0-SNAPSHOT I had to update the version of maven-ant-run plugin to
> > 1.4 just to get the build working, but besides that I'm seeingucuch
> > some strange errors like
> >
> > java.lang.NoSuchMethodError:
> >
>
> org.apache.cxf.ws.security.trust.STSClient.setPolicy(Lorg/apache/neethi/Poli
> cy;)V
> >     at
> >
>
> org.apache.cxf.ws.security.policy.interceptors.SecureConversationTokenInterc
>
> eptorProvider.setupClient(SecureConversationTokenInterceptorProvider.java:16
> 7)
> >
> > even though I can see STSClient.setPolicy(Object policy) method...
> >
> > In 2.2.x, the problem is that CXF version gets resolved to
> 2.3.0-SNAPSHOT,
> > setting the version to 2.2.11-SNAPSHOT results in the async binding test
> > failures.
> >
> > Can someone please give it a try and confirm it is just not me only ?
> Now,
> > assuming there're regressions, I'd have to start investigating. Given
> that
> > I'm a bit raw so to say in this area, any help will be appreciated
> >
> > thanks, Sergey
> >
> >
>
>

RE: Regressions in WS-Trust 10 interopfest demo

[David Valeri <dv...@apache.org>]

In order to get any of them to run I had to do major surgery on the modules.
Microsoft moved servers and changed TLS certificates.  Furthermore, the
version numbers don't line up correctly like you said and all sorts of
headaches result.  I recently made changes to WS-T related code and had the
tests working as best I could tell, but they are still really brittle and I
may have introduced a regression.  I made a note of what I had to do in
https://issues.apache.org/jira/browse/CXF-2909.  There needs to be some
effort expended in getting these updated, but I couldn't find any
information about the MS servers in order to accurately update interopfest's
configuration.

-----Original Message-----
From: Sergey Beryozkin [mailto:sberyozkin@gmail.com] 
Sent: Thursday, August 19, 2010 8:14 AM
To: dev@cxf.apache.org
Subject: Re: Regressions in WS-Trust 10 interopfest demo

All of those NoSuchMethodError exceptions have been probably caused by the
fact I was building sandbox projects depending on outdated 2.3-SNAPSHOT
views, so after removing the cxf artifacts from the maven repo I can the
exceptions gone.

However, it does appear we have a regression in scenarios 9 and 10 :

Scenario_9_IssuedTokenForCertificate_MutualCertificate11: Exception:
javax.xml.ws.soap.SOAPFaultException: An error occurred when verifying
security for the message.
Scenario_10_IssuedTokenForCertificateSecureConversation_MutualCertificate11:
Exception: javax.xml.ws.soap.SOAPFaultException: An error occurred when
verifying security for the message.

Has anyone worked in this area recently ? I'm going to start looking into it
as well...

cheers, Sergey

On Thu, Aug 19, 2010 at 11:55 AM, Sergey Beryozkin
<sb...@gmail.com>wrote:

> Hi
>
> I'm seeing all sorts of problems when running
> samples/ws_security/interopfest/wstrust10, both in 2.3.0-SNAPSHOT and on
> 2.2.x.
> I did run the demo last week and it worked for me but today it is just all
> failing.
>
> In 2.3.0-SNAPSHOT I had to update the version of maven-ant-run plugin to
> 1.4 just to get the build working, but besides that I'm seeingucuch
> some strange errors like
>
> java.lang.NoSuchMethodError:
>
org.apache.cxf.ws.security.trust.STSClient.setPolicy(Lorg/apache/neethi/Poli
cy;)V
>     at
>
org.apache.cxf.ws.security.policy.interceptors.SecureConversationTokenInterc
eptorProvider.setupClient(SecureConversationTokenInterceptorProvider.java:16
7)
>
> even though I can see STSClient.setPolicy(Object policy) method...
>
> In 2.2.x, the problem is that CXF version gets resolved to 2.3.0-SNAPSHOT,
> setting the version to 2.2.11-SNAPSHOT results in the async binding test
> failures.
>
> Can someone please give it a try and confirm it is just not me only ? Now,
> assuming there're regressions, I'd have to start investigating. Given that
> I'm a bit raw so to say in this area, any help will be appreciated
>
> thanks, Sergey
>
>

Re: Regressions in WS-Trust 10 interopfest demo

[Sergey Beryozkin <sb...@gmail.com>]

All of those NoSuchMethodError exceptions have been probably caused by the
fact I was building sandbox projects depending on outdated 2.3-SNAPSHOT
views, so after removing the cxf artifacts from the maven repo I can the
exceptions gone.

However, it does appear we have a regression in scenarios 9 and 10 :

Scenario_9_IssuedTokenForCertificate_MutualCertificate11: Exception:
javax.xml.ws.soap.SOAPFaultException: An error occurred when verifying
security for the message.
Scenario_10_IssuedTokenForCertificateSecureConversation_MutualCertificate11:
Exception: javax.xml.ws.soap.SOAPFaultException: An error occurred when
verifying security for the message.

Has anyone worked in this area recently ? I'm going to start looking into it
as well...

cheers, Sergey

On Thu, Aug 19, 2010 at 11:55 AM, Sergey Beryozkin <sb...@gmail.com>wrote:

> Hi
>
> I'm seeing all sorts of problems when running
> samples/ws_security/interopfest/wstrust10, both in 2.3.0-SNAPSHOT and on
> 2.2.x.
> I did run the demo last week and it worked for me but today it is just all
> failing.
>
> In 2.3.0-SNAPSHOT I had to update the version of maven-ant-run plugin to
> 1.4 just to get the build working, but besides that I'm seeingucuch
> some strange errors like
>
> java.lang.NoSuchMethodError:
> org.apache.cxf.ws.security.trust.STSClient.setPolicy(Lorg/apache/neethi/Policy;)V
>     at
> org.apache.cxf.ws.security.policy.interceptors.SecureConversationTokenInterceptorProvider.setupClient(SecureConversationTokenInterceptorProvider.java:167)
>
> even though I can see STSClient.setPolicy(Object policy) method...
>
> In 2.2.x, the problem is that CXF version gets resolved to 2.3.0-SNAPSHOT,
> setting the version to 2.2.11-SNAPSHOT results in the async binding test
> failures.
>
> Can someone please give it a try and confirm it is just not me only ? Now,
> assuming there're regressions, I'd have to start investigating. Given that
> I'm a bit raw so to say in this area, any help will be appreciated
>
> thanks, Sergey
>
>