You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@cxf.apache.org by Vassilis Virvilis <v....@biovista.com> on 2013/11/05 14:59:32 UTC
Re: 2 possible validators/interceptors
Hi everybody,
Sorry for resurrecting an old thread but I didn't have a workaround so
far and I was bitten again by this issue.
The problem is that looks impossible to configure that limit through the
spring configuration. The documentation in
http://cxf.apache.org/docs/security.html#Security-XML is not working for
me because I am using the simple backend and not the jaxws. I have tried
many things and although I could get away from that exception I was
beaten by the same exception later on in reader.next() in
StaxUtils.java:1309
I have asked the same question in
http://mail-archives.apache.org/mod_mbox/cxf-users/201304.mbox/%3C515E9978.4010805@biovista.com%3E
and although it was possible to configure the client programmatically it
was impossible to configure the server via spring.
Finally we resolved to the following trick in our server-beans.xml
<bean
class="org.springframework.beans.factory.config.MethodInvokingFactoryBean">
<property name="targetClass" value="java.lang.System" />
<property name="targetMethod" value="setProperty" />
<property name="arguments">
<list>
<value>org.apache.cxf.stax.maxChildElements</value>
<value>1000000</value>
</list>
</property>
</bean>
because setting the property it is the only thing that it works reliably.
On 07/23/2013 12:23 AM, unicyco wrote:
> I'm trying to change the org.apache.cxf.stax.maxChildElements value without
> luck. How can I override the default value of 50,000? I've tried injecting
> it as a jaxws:property on the endpoint and as a constructor property map
> entry on the interceptor. Where should I be injecting it?
>
> Here's my code:
>
> <jaxws:endpoint
> id="timeEndpoint"
> implementor="#timeService"
> address="/TimeService">
> <jaxws:properties>
> <entry
> key="org.apache.cxf.stax.maxChildElements"
> value="-1" />
> </jaxws:properties>
> <jaxws:inInterceptors>
> <bean
> id="securityInterceptor"
> class="com.mycompany.WSS4JSecurityInterceptor">
> <constructor-arg>
> <map>
> <entry
> key="org.apache.cxf.stax.maxChildElements"
> value="-1" />
> </map>
> </constructor-arg>
> <property
> name="usernameInterceptor"
> ref="usernameInterceptor" />
> <property
> name="certificateInterceptor"
> ref="certificateInterceptor" />
> </bean>
> </jaxws:inInterceptors>
> </jaxws:endpoint>
>
> <bean
> id="usernameInterceptor"
> class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor">
> <constructor-arg>
> <map>
> <entry
> key="action"
> value="UsernameToken" />
> <entry
> key="passwordType"
> value="PasswordText" />
> </map>
> </constructor-arg>
> </bean>
>
> <bean
> id="certificateInterceptor"
> class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor">
> <constructor-arg>
> <map>
> <entry
> key="action"
> value="Signature" />
> <entry
> key="signaturePropFile"
> value="server_sign.properties" />
> </map>
> </constructor-arg>
> </bean>
>
>
>
> public class WSS4JSecurityInterceptor extends WSS4JInInterceptor implements
> InitializingBean {
>
> private static final Logger logger =
> LoggerFactory.getLogger(WSS4JSecurityInterceptor.class);
>
> private WSS4JInInterceptor certificateInterceptor = null;
> private WSS4JInInterceptor usernameInterceptor = null;
>
> public void setCertificateInterceptor(WSS4JInInterceptor
> certificateInterceptor) {
> this.certificateInterceptor = certificateInterceptor;
> }
>
> public void setUsernameInterceptor(WSS4JInInterceptor usernameInterceptor)
> {
> this.usernameInterceptor = usernameInterceptor;
> }
>
> public WSS4JSecurityInterceptor() {
> super();
> }
>
> public WSS4JSecurityInterceptor(Map<String, Object> properties) {
> super(properties);
> }
>
> @Override
> public void afterPropertiesSet() throws Exception {
>
> }
>
> @Override
> public void handleMessage(SoapMessage message) throws Fault {
>
> SoapMessage messageClone = (SoapMessage) message.clone();
> boolean authenticated = true;
> try {
> usernameInterceptor.handleMessage(messageClone);
> } catch (Exception e) {
> authenticated = false;
> logger.debug("Username/password authentication failed");
> }
>
> if (authenticated) {
> logger.info("Successfully authenticated using username/password");
> return;
> }
>
> authenticated = true;
> try {
> certificateInterceptor.handleMessage(message);
> } catch (Exception e) {
> authenticated = false;
> logger.debug("Certificate authentication failed", e);
> }
>
> if (!authenticated) {
> logger.error("Unable to authenticate!");
> throw new AuthenticationException("Unable to authenticate");
> }
> logger.info("Successfully authenticated using certificate");
>
> }
> }
>
>
>
> --
> View this message in context: http://cxf.547215.n5.nabble.com/2-possible-validators-interceptors-tp5731252p5731284.html
> Sent from the cxf-user mailing list archive at Nabble.com.
>
>
--
__________________________________
Vassilis Virvilis Ph.D.
Head of IT
Biovista Inc.
US Offices
2421 Ivy Road
Charlottesville, VA 22903
USA
T: +1.434.971.1141
F: +1.434.971.1144
European Offices
34 Rodopoleos Street
Ellinikon, Athens 16777
GREECE
T: +30.210.9629848
F: +30.210.9647606
www.biovista.com
Biovista is a privately held biotechnology company that finds novel uses
for existing drugs, and profiles their side effects using their
mechanism of action. Biovista develops its own pipeline of drugs in CNS,
oncology, auto-immune and rare diseases. Biovista is collaborating with
biopharmaceutical companies on indication expansion and de-risking of
their portfolios and with the FDA on adverse event prediction.