You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@cxf.apache.org by "rahul.soa" <ra...@googlemail.com> on 2009/06/28 18:21:24 UTC
Need Help: WS-Security Support for CXF in Geronimo (UsernameToken
property setting)
Hello Devs,
First of all, I apologize if the below questions are trivial.
I need some help in setting basic usernameToken Property for Geronimo (for
CXF). I did add the username token property elements in the schema and
generated the required classes by mvn install. And Geronimo is able to
accept this "usertoken" element which users define in the geronimo-web.xml.
(but I think I have not well configured this in Geronimo)
<service-ref>
<service-ref-name>services/HelloWorld</service-ref-name>
<port>
<port-name>HelloWorldImplPort</port-name>
<protocol>http</protocol>
<host>localhost</host>
<port>8080</port>
<uri>/ServiceG/HelloWorld</uri>
* <usertoken>
<username>ws-client</username>
<password>password</password>
</usertoken>*
</port>
</service-ref>
* I am testing it with a servlet client which is trying to access the
secured service (with username and password) running on tomcat server.
Here is the servlet client code:
public class HelloServlet extends HttpServlet {
public void doGet (HttpServletRequest req,
HttpServletResponse res)
throws ServletException, IOException
{
PrintWriter out = res.getWriter();
try {
InitialContext ic=new InitialContext();
Service service;
service = (Service)ic.lookup("java:comp/env/services/HelloWorld");
QName svcQname=new QName("http://service.web/
","HelloWorldImplPort");
HelloWorld hw=service.getPort(HelloWorld.class);
String greeting=hw.sayHi("Rahul");
out.println(greeting);
} catch (NamingException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
out.close();
}
}
Now, I am coding to configure this above ws-security userToken propery with
CXF apis in Apache Geronimo and I am not sure *How to use cxf apis* to
configure this. I am trying to write a CXF specific PortMethodInterceptor
class extended from (jaxws's PortMethodInterceptor) but not sure what CXF
apis I can use to configure the usertoken.
I start with the received error (pasted from geronimo.log) with some debug
statements:
....
...
2009-06-28 16:41:17,632 INFO [BusApplicationContext] Bean factory for
application context [org.apache.cxf.bus.spring.BusApplicationContext@1ccad1e]:
org.springframework.beans.factory.support.DefaultListableBeanFactory@d6ae95
2009-06-28 16:41:18,006 INFO [DefaultListableBeanFactory] Pre-instantiating
singletons in
org.springframework.beans.factory.support.DefaultListableBeanFactory@d6ae95:
defining beans
[cxf,org.apache.cxf.bus.spring.BusApplicationListener,org.apache.cxf.bus.spring.BusWiringBeanFactoryPostProcessor,org.apache.cxf.bus.spring.Jsr250BeanPostProcessor,org.apache.cxf.bus.spring.BusExtensionPostProcessor,org.apache.cxf.resource.ResourceManager,org.apache.cxf.configuration.Configurer,org.apache.cxf.binding.BindingFactoryManager,org.apache.cxf.transport.DestinationFactoryManager,org.apache.cxf.transport.ConduitInitiatorManager,org.apache.cxf.wsdl.WSDLManager,org.apache.cxf.phase.PhaseManager,org.apache.cxf.workqueue.WorkQueueManager,org.apache.cxf.buslifecycle.BusLifeCycleManager,org.apache.cxf.endpoint.ServerRegistry,org.apache.cxf.endpoint.ServerLifeCycleManager,org.apache.cxf.endpoint.ClientLifeCycleManager,org.apache.cxf.transports.http.QueryHandlerRegistry,org.apache.cxf.endpoint.EndpointResolverRegistry,org.apache.cxf.headers.HeaderManager,org.apache.cxf.catalog.OASISCatalogManager,org.apache.cxf.endpoint.ServiceContractResolverRegistry,org.apache.geronimo.cxf.GeronimoDestinationFactory#0,org.apache.cxf.jaxws.context.WebServiceContextResourceResolver,org.apache.cxf.jaxws.context.WebServiceContextImpl,org.apache.cxf.transport.http.policy.HTTPClientAssertionBuilder,org.apache.cxf.transport.http.policy.HTTPServerAssertionBuilder,org.apache.cxf.transport.http.policy.NoOpPolicyInterceptorProvider,org.apache.cxf.transport.http.ClientOnlyHTTPTransportFactory,org.apache.cxf.binding.soap.SoapBindingFactory,org.apache.cxf.binding.soap.SoapTransportFactory,org.apache.cxf.binding.soap.customEditorConfigurer,org.apache.cxf.binding.xml.XMLBindingFactory,org.apache.cxf.ws.addressing.policy.AddressingAssertionBuilder,org.apache.cxf.ws.addressing.policy.AddressingPolicyInterceptorProvider,org.apache.cxf.ws.addressing.policy.UsingAddressingAssertionBuilder];
root of factory hierarchy
*2009-06-28 16:41:18,661* DEBUG [CXFServiceReference] I am in
getPortMethodInterceptor, called from CXFServiceReference:
2009-06-28 16:41:18,662 DEBUG [CXFPortMethodInterceptor] View the
seiInfoMap.values() ![http://localhost:8080/ServiceG/HelloWorld null false
ws-client password, http://localhost:8080/ServiceG/HelloWorld null false
ws-client password]
2009-06-28 16:41:18,681 DEBUG [JAXWSServiceReference] Initializing service
with: file:/home/rahul/new_workspace1/Client/WEB-INF/wsdl/HelloWorld.wsdl {
http://service.web/}HelloWorldImplService
2009-06-28 16:41:18,844 DEBUG [CXFPortMethodInterceptor] I am in intercept
method of CXFPortMethodInterceptor!
2009-06-28 16:41:20,676 DEBUG [PortMethodInterceptor] information is:
passwordws-clienthttp://localhost:8080/ServiceG/HelloWorld
2009-06-28 16:41:20,677 DEBUG [PortMethodInterceptor] Set address property:
http://localhost:8080/ServiceG/HelloWorld
*2009-06-28 16:41:20,677 DEBUG [PortMethodInterceptor] Set username
property: ws-client
2009-06-28 16:41:20,677 DEBUG [PortMethodInterceptor] Set username property:
password*
2009-06-28 16:41:20,677 DEBUG [CXFPortMethodInterceptor] Am I doing right!
2009-06-28 16:41:21,010 INFO [SAAJFactoryFinder] Default SAAJ universe not
set
2009-06-28 16:41:22,947 ERROR [log] /invoke/hello
javax.xml.ws.soap.SOAPFaultException: An error was discovered processing the
<wsse:Security> header
at
org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:145)
at $Proxy66.sayHi(Unknown Source)
at HelloServlet.doGet(HelloServlet.java:58)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:693)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:806)
at
org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:521)
at
org.apache.geronimo.jetty7.InternalJettyServletHolder.handle(InternalJettyServletHolder.java:60)
at
org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:435)
at
org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:118)
at
org.eclipse.jetty.server.session.SessionHandler.handle(SessionHandler.java:179)
at
org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:928)
at
org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:370)
at
org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:862)
at
org.apache.geronimo.jetty7.handler.TwistyWebAppContext.doScope(TwistyWebAppContext.java:114)
at
org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:116)
at
org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:243)
at
org.eclipse.jetty.server.handler.HandlerCollection.handle(HandlerCollection.java:126)
at
org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:115)
at org.eclipse.jetty.server.Server.handle(Server.java:330)
at
org.eclipse.jetty.server.HttpConnection.handleRequest(HttpConnection.java:557)
at
org.eclipse.jetty.server.HttpConnection$RequestHandler.headerComplete(HttpConnection.java:933)
at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:530)
at org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:203)
at
org.eclipse.jetty.server.HttpConnection.handle(HttpConnection.java:413)
at
org.eclipse.jetty.io.nio.SelectChannelEndPoint.run(SelectChannelEndPoint.java:438)
at org.apache.geronimo.pool.ThreadPool$1.run(ThreadPool.java:214)
at
org.apache.geronimo.pool.ThreadPool$ContextClassLoaderRunnable.run(ThreadPool.java:344)
at
java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886)
at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908)
at java.lang.Thread.run(Thread.java:619)
Caused by: org.apache.cxf.binding.soap.SoapFault: An error was discovered
processing the <wsse:Security> header
at
org.apache.cxf.binding.soap.interceptor.Soap11FaultInInterceptor.unmarshalFault(Soap11FaultInInterceptor.java:75)
at
org.apache.cxf.binding.soap.interceptor.Soap11FaultInInterceptor.handleMessage(Soap11FaultInInterceptor.java:46)
at
org.apache.cxf.binding.soap.interceptor.Soap11FaultInInterceptor.handleMessage(Soap11FaultInInterceptor.java:35)
at
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:226)
at
org.apache.cxf.interceptor.AbstractFaultChainInitiatorObserver.onMessage(AbstractFaultChainInitiatorObserver.java:96)
at
org.apache.cxf.binding.soap.interceptor.CheckFaultInterceptor.handleMessage(CheckFaultInterceptor.java:69)
at
org.apache.cxf.binding.soap.interceptor.CheckFaultInterceptor.handleMessage(CheckFaultInterceptor.java:34)
at
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:226)
at org.apache.cxf.endpoint.ClientImpl.onMessage(ClientImpl.java:641)
at
org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponseInternal(HTTPConduit.java:2102)
at
org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponse(HTTPConduit.java:1980)
at
org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPConduit.java:1905)
at
org.apache.cxf.transport.AbstractConduit.close(AbstractConduit.java:66)
at org.apache.cxf.transport.http.HTTPConduit.close(HTTPConduit.java:600)
at
org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInterceptor.handleMessage(MessageSenderInterceptor.java:62)
at
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:226)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:469)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:299)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:251)
at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:73)
at
org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:124)
... 29 more
2009-06-28 17:11:14,685 INFO [XSRFHandler] Removed destroyed
sessionId=jm4124n35l4g
2009-06-28 17:11:14,687 INFO [XSRFHandler] Removed destroyed
sessionId=jm4124n35l4g
Here is the send/receive messages (caught by tcpmonitor tool) - expected
with ws-security usertoken header
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"><soap:Body><ns2:sayHi
xmlns:ns2="http://service.web/
"><arg0>Rahul</arg0></ns2:sayHi></soap:Body></soap:Envelope>
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"><soap:Body><soap:Fault><faultcode
xmlns:ns1="
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">ns1:InvalidSecurity</faultcode><faultstring>An
error was discovered processing the <wsse:Security>
header</faultstring></soap:Fault></soap:Body></soap:Envelope>
- >I have set the usernameToken property in
org.apache.geronimo.jaxws.client.EndpointInfo and
org.apache.geronimo.jaxws.builder.EndpointBuilder.
-> I have put some usertoken specific code in the PortMethodInterceptor
class (org.apache.geronimo.jaxws.client.PortMethodInterceptor) to set the
username and password.
org.apache.geronimo.jaxws.client.PortMethodInterceptor.java
...
....
String username = info.getUserName();
if (username != null) {
proxy.getRequestContext().put(BindingProvider.USERNAME_PROPERTY,
username);
LOG.debug("Set username property: " + username);
}
String password = info.getPassword();
if (password != null) {
proxy.getRequestContext().put(BindingProvider.PASSWORD_PROPERTY,
password);
LOG.debug("Set username property: " + password);
}
...
and here is my cxf specific CXFPortMethodInterceptor, I am not sure its well
written. I need help in this, about how to use the cxf specific apis to set
the properties.
org.apache.geronimo.cxf.CXFPortMethodInterceptor
public class CXFPortMethodInterceptor extends PortMethodInterceptor {
private static final Logger LOG =
LoggerFactory.getLogger(CXFPortMethodInterceptor.class);
public CXFPortMethodInterceptor(Map<Object, EndpointInfo> seiInfoMap) {
super(seiInfoMap);
LOG.debug("View the seiInfoMap.values() !" + seiInfoMap.values());
}
public Object intercept(Object target, Method method, Object[]
arguments, MethodProxy methodProxy) throws Throwable {
LOG.debug("I am in intercept method of CXFPortMethodInterceptor!");
Object proxy = super.intercept(target, method, arguments,
methodProxy);
BindingProvider cxfProxy = (BindingProvider) proxy;
//To cast a client proxy to a CXF client:
org.apache.cxf.endpoint.Client client =
org.apache.cxf.frontend.ClientProxy.getClient(cxfProxy);
// testiing : used due to "No security action was defined." error
org.apache.cxf.binding.soap.interceptor.SoapPreProtocolOutInterceptor
soapInterceptor =
new
org.apache.cxf.binding.soap.interceptor.SoapPreProtocolOutInterceptor();
org.apache.cxf.endpoint.Endpoint cxfEndpoint = client.getEndpoint();
cxfEndpoint.getOutInterceptors().add(soapInterceptor);
cxfEndpoint.getOutInterceptors().add(new
org.apache.cxf.binding.soap.saaj.SAAJOutInterceptor());
LOG.debug("Am I doing right!");
return proxy;
}
}
I am 100% sure, I am making some (or lot of) mistakes in the above code and
I need help to get it fix.
Can you please guide me in this? I apologize if its a trivial problem.
I am stuck here. I think if i get thru with this then i wil have good idea
about usage of cxf specific apis and can easily set other properties (like
X.509 etc)
Many Thanks in advance for your help.
PS: sorry for long email.
Best Regards,
Rahul
Re: Need Help: WS-Security Support for CXF in Geronimo (UsernameToken
property setting)
Posted by "rahul.soa" <ra...@googlemail.com>.
Hello Daniel,
Thank you for your quick response. Indeed you are right. I have fixed the
program and tested with the hard-coded values and it runs :) Now, I can work
on it and make it proper.
Thanks again.
Best Regards,
Rahul
On Mon, Jun 29, 2009 at 6:42 PM, Daniel Kulp <dk...@apache.org> wrote:
>
> It LOOKS like the WSS4JOutInterceptor isn't being added to the client side
> as
> there isn't a security header in the message going out. From the code,
> you
> are adding the SAAJOut stuff, but not the WSS4JOut. Is that as intended?
>
> Dan
>
> On Sun June 28 2009 12:21:24 pm rahul.soa wrote:
> > Hello Devs,
> >
> > First of all, I apologize if the below questions are trivial.
> >
> > I need some help in setting basic usernameToken Property for Geronimo
> (for
> > CXF). I did add the username token property elements in the schema and
> > generated the required classes by mvn install. And Geronimo is able to
> > accept this "usertoken" element which users define in the
> geronimo-web.xml.
> > (but I think I have not well configured this in Geronimo)
> >
> > <service-ref>
> > <service-ref-name>services/HelloWorld</service-ref-name>
> > <port>
> > <port-name>HelloWorldImplPort</port-name>
> > <protocol>http</protocol>
> > <host>localhost</host>
> > <port>8080</port>
> > <uri>/ServiceG/HelloWorld</uri>
> > * <usertoken>
> > <username>ws-client</username>
> > <password>password</password>
> > </usertoken>*
> > </port>
> > </service-ref>
> >
> > * I am testing it with a servlet client which is trying to access the
> > secured service (with username and password) running on tomcat server.
> >
> > Here is the servlet client code:
> >
> >
> > public class HelloServlet extends HttpServlet {
> > public void doGet (HttpServletRequest req,
> > HttpServletResponse res)
> > throws ServletException, IOException
> > {
> > PrintWriter out = res.getWriter();
> > try {
> > InitialContext ic=new InitialContext();
> > Service service;
> > service =
> (Service)ic.lookup("java:comp/env/services/HelloWorld");
> > QName svcQname=new QName("http://service.web/
> > ","HelloWorldImplPort");
> >
> > HelloWorld hw=service.getPort(HelloWorld.class);
> > String greeting=hw.sayHi("Rahul");
> > out.println(greeting);
> > } catch (NamingException e) {
> > // TODO Auto-generated catch block
> > e.printStackTrace();
> > }
> >
> > out.close();
> > }
> > }
> >
> > Now, I am coding to configure this above ws-security userToken propery
> with
> > CXF apis in Apache Geronimo and I am not sure *How to use cxf apis* to
> > configure this. I am trying to write a CXF specific PortMethodInterceptor
> > class extended from (jaxws's PortMethodInterceptor) but not sure what
> CXF
> > apis I can use to configure the usertoken.
> >
> > I start with the received error (pasted from geronimo.log) with some
> debug
> > statements:
> >
> > ....
> > ...
> >
> > 2009-06-28 16:41:17,632 INFO [BusApplicationContext] Bean factory for
> > application context
> > [org.apache.cxf.bus.spring.BusApplicationContext@1ccad1e]:
> >
> org.springframework.beans.factory.support.DefaultListableBeanFactory@d6ae95
> > 2009-06-28 16:41:18,006 INFO [DefaultListableBeanFactory]
> > Pre-instantiating singletons in
> >
> org.springframework.beans.factory.support.DefaultListableBeanFactory@d6ae95
> >: defining beans
> >
> [cxf,org.apache.cxf.bus.spring.BusApplicationListener,org.apache.cxf.bus.sp
>
> >ring.BusWiringBeanFactoryPostProcessor,org.apache.cxf.bus.spring.Jsr250BeanP
>
> >ostProcessor,org.apache.cxf.bus.spring.BusExtensionPostProcessor,org.apache.
>
> >cxf.resource.ResourceManager,org.apache.cxf.configuration.Configurer,org.apa
>
> >che.cxf.binding.BindingFactoryManager,org.apache.cxf.transport.DestinationFa
>
> >ctoryManager,org.apache.cxf.transport.ConduitInitiatorManager,org.apache.cxf
>
> >.wsdl.WSDLManager,org.apache.cxf.phase.PhaseManager,org.apache.cxf.workqueue
>
> >.WorkQueueManager,org.apache.cxf.buslifecycle.BusLifeCycleManager,org.apache
>
> >.cxf.endpoint.ServerRegistry,org.apache.cxf.endpoint.ServerLifeCycleManager,
>
> >org.apache.cxf.endpoint.ClientLifeCycleManager,org.apache.cxf.transports.htt
>
> >p.QueryHandlerRegistry,org.apache.cxf.endpoint.EndpointResolverRegistry,org.
>
> >apache.cxf.headers.HeaderManager,org.apache.cxf.catalog.OASISCatalogManager,
>
> >org.apache.cxf.endpoint.ServiceContractResolverRegistry,org.apache.geronimo.
>
> >cxf.GeronimoDestinationFactory#0,org.apache.cxf.jaxws.context.WebServiceCont
>
> >extResourceResolver,org.apache.cxf.jaxws.context.WebServiceContextImpl,org.a
> >pache.cxf.transport.http.policy.HTTPClientAssertionBuilder,
> org.apache.cxf.tr
>
> >ansport.http.policy.HTTPServerAssertionBuilder,org.apache.cxf.transport.http
>
> >.policy.NoOpPolicyInterceptorProvider,org.apache.cxf.transport.http.ClientOn
>
> >lyHTTPTransportFactory,org.apache.cxf.binding.soap.SoapBindingFactory,org.ap
>
> >ache.cxf.binding.soap.SoapTransportFactory,org.apache.cxf.binding.soap.custo
> >mEditorConfigurer,org.apache.cxf.binding.xml.XMLBindingFactory,
> org.apache.cx
>
> >f.ws.addressing.policy.AddressingAssertionBuilder,org.apache.cxf.ws.addressi
>
> >ng.policy.AddressingPolicyInterceptorProvider,org.apache.cxf.ws.addressing.p
> >olicy.UsingAddressingAssertionBuilder]; root of factory hierarchy
> >
> > *2009-06-28 16:41:18,661* DEBUG [CXFServiceReference] I am in
> > getPortMethodInterceptor, called from CXFServiceReference:
> > 2009-06-28 16:41:18,662 DEBUG [CXFPortMethodInterceptor] View the
> > seiInfoMap.values() ![http://localhost:8080/ServiceG/HelloWorld null
> false
> > ws-client password, http://localhost:8080/ServiceG/HelloWorld null false
> > ws-client password]
> > 2009-06-28 16:41:18,681 DEBUG [JAXWSServiceReference] Initializing
> service
> > with: file:/home/rahul/new_workspace1/Client/WEB-INF/wsdl/HelloWorld.wsdl
> {
> > http://service.web/}HelloWorldImplService<http://service.web/%7DHelloWorldImplService>
> > 2009-06-28 16:41:18,844 DEBUG [CXFPortMethodInterceptor] I am in
> intercept
> > method of CXFPortMethodInterceptor!
> > 2009-06-28 16:41:20,676 DEBUG [PortMethodInterceptor] information is:
> > passwordws-clienthttp://localhost:8080/ServiceG/HelloWorld
> > 2009-06-28 16:41:20,677 DEBUG [PortMethodInterceptor] Set address
> property:
> > http://localhost:8080/ServiceG/HelloWorld
> > *2009-06-28 16:41:20,677 DEBUG [PortMethodInterceptor] Set username
> > property: ws-client
> > 2009-06-28 16:41:20,677 DEBUG [PortMethodInterceptor] Set username
> > property: password*
> > 2009-06-28 16:41:20,677 DEBUG [CXFPortMethodInterceptor] Am I doing
> right!
> > 2009-06-28 16:41:21,010 INFO [SAAJFactoryFinder] Default SAAJ universe
> not
> > set
> > 2009-06-28 16:41:22,947 ERROR [log] /invoke/hello
> > javax.xml.ws.soap.SOAPFaultException: An error was discovered processing
> > the <wsse:Security> header
> > at
> > org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:145)
> > at $Proxy66.sayHi(Unknown Source)
> > at HelloServlet.doGet(HelloServlet.java:58)
> > at javax.servlet.http.HttpServlet.service(HttpServlet.java:693)
> > at javax.servlet.http.HttpServlet.service(HttpServlet.java:806)
> > at
> > org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:521)
> > at
> >
> org.apache.geronimo.jetty7.InternalJettyServletHolder.handle(InternalJettyS
> >ervletHolder.java:60) at
> >
> org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:435)
> > at
> >
> org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:11
> >8) at
> >
> org.eclipse.jetty.server.session.SessionHandler.handle(SessionHandler.java:
> >179) at
> >
> org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.jav
> >a:928) at
> > org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:370)
> > at
> >
> org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java
> >:862) at
> >
> org.apache.geronimo.jetty7.handler.TwistyWebAppContext.doScope(TwistyWebApp
> >Context.java:114) at
> >
> org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:11
> >6) at
> >
> org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHan
> >dlerCollection.java:243) at
> >
> org.eclipse.jetty.server.handler.HandlerCollection.handle(HandlerCollection
> >.java:126) at
> >
> org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:
> >115) at org.eclipse.jetty.server.Server.handle(Server.java:330)
> > at
> >
> org.eclipse.jetty.server.HttpConnection.handleRequest(HttpConnection.java:5
> >57) at
> >
> org.eclipse.jetty.server.HttpConnection$RequestHandler.headerComplete(HttpC
> >onnection.java:933) at
> > org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:530) at
> > org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:203) at
> > org.eclipse.jetty.server.HttpConnection.handle(HttpConnection.java:413)
> > at
> >
> org.eclipse.jetty.io.nio.SelectChannelEndPoint.run(SelectChannelEndPoint.ja
> >va:438) at org.apache.geronimo.pool.ThreadPool$1.run(ThreadPool.java:214)
> at
> >
> org.apache.geronimo.pool.ThreadPool$ContextClassLoaderRunnable.run(ThreadPo
> >ol.java:344) at
> >
> java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.j
> >ava:886) at
> >
> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:
> >908) at java.lang.Thread.run(Thread.java:619)
> > Caused by: org.apache.cxf.binding.soap.SoapFault: An error was discovered
> > processing the <wsse:Security> header
> > at
> >
> org.apache.cxf.binding.soap.interceptor.Soap11FaultInInterceptor.unmarshalF
> >ault(Soap11FaultInInterceptor.java:75) at
> >
> org.apache.cxf.binding.soap.interceptor.Soap11FaultInInterceptor.handleMess
> >age(Soap11FaultInInterceptor.java:46) at
> >
> org.apache.cxf.binding.soap.interceptor.Soap11FaultInInterceptor.handleMess
> >age(Soap11FaultInInterceptor.java:35) at
> >
> org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChai
> >n.java:226) at
> >
> org.apache.cxf.interceptor.AbstractFaultChainInitiatorObserver.onMessage(Ab
> >stractFaultChainInitiatorObserver.java:96) at
> >
> org.apache.cxf.binding.soap.interceptor.CheckFaultInterceptor.handleMessage
> >(CheckFaultInterceptor.java:69) at
> >
> org.apache.cxf.binding.soap.interceptor.CheckFaultInterceptor.handleMessage
> >(CheckFaultInterceptor.java:34) at
> >
> org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChai
> >n.java:226) at
> > org.apache.cxf.endpoint.ClientImpl.onMessage(ClientImpl.java:641) at
> >
> org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleRespons
> >eInternal(HTTPConduit.java:2102) at
> >
> org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleRespons
> >e(HTTPConduit.java:1980) at
> >
> org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPCon
> >duit.java:1905) at
> > org.apache.cxf.transport.AbstractConduit.close(AbstractConduit.java:66)
> > at
> > org.apache.cxf.transport.http.HTTPConduit.close(HTTPConduit.java:600) at
> >
> org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInte
> >rceptor.handleMessage(MessageSenderInterceptor.java:62) at
> >
> org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChai
> >n.java:226) at
> > org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:469) at
> > org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:299) at
> > org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:251) at
> > org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:73) at
> > org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:124)
> > ... 29 more
> > 2009-06-28 17:11:14,685 INFO [XSRFHandler] Removed destroyed
> > sessionId=jm4124n35l4g
> > 2009-06-28 17:11:14,687 INFO [XSRFHandler] Removed destroyed
> > sessionId=jm4124n35l4g
> >
> >
> > Here is the send/receive messages (caught by tcpmonitor tool) - expected
> > with ws-security usertoken header
> >
> > <soap:Envelope
> > xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/
> "><soap:Body><ns2:sayH
> >i xmlns:ns2="http://service.web/
> > "><arg0>Rahul</arg0></ns2:sayHi></soap:Body></soap:Envelope>
> >
> >
> > <soap:Envelope
> > xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/
> "><soap:Body><soap:Fau
> >lt><faultcode xmlns:ns1="
> >
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1
> >.0.xsd">ns1:InvalidSecurity</faultcode><faultstring>An error was
> discovered
> > processing the <wsse:Security>
> > header</faultstring></soap:Fault></soap:Body></soap:Envelope>
> >
> >
> > - >I have set the usernameToken property in
> > org.apache.geronimo.jaxws.client.EndpointInfo and
> > org.apache.geronimo.jaxws.builder.EndpointBuilder.
> >
> > -> I have put some usertoken specific code in the PortMethodInterceptor
> > class (org.apache.geronimo.jaxws.client.PortMethodInterceptor) to set the
> > username and password.
> >
> > org.apache.geronimo.jaxws.client.PortMethodInterceptor.java
> > ...
> > ....
> > String username = info.getUserName();
> > if (username != null) {
> >
> > proxy.getRequestContext().put(BindingProvider.USERNAME_PROPERTY,
> username);
> > LOG.debug("Set username property: " + username);
> > }
> >
> > String password = info.getPassword();
> > if (password != null) {
> >
> > proxy.getRequestContext().put(BindingProvider.PASSWORD_PROPERTY,
> password);
> > LOG.debug("Set username property: " + password);
> > }
> > ...
> >
> >
> > and here is my cxf specific CXFPortMethodInterceptor, I am not sure its
> > well written. I need help in this, about how to use the cxf specific apis
> > to set the properties.
> >
> >
> > org.apache.geronimo.cxf.CXFPortMethodInterceptor
> >
> > public class CXFPortMethodInterceptor extends PortMethodInterceptor {
> > private static final Logger LOG =
> > LoggerFactory.getLogger(CXFPortMethodInterceptor.class);
> >
> > public CXFPortMethodInterceptor(Map<Object, EndpointInfo> seiInfoMap)
> {
> > super(seiInfoMap);
> > LOG.debug("View the seiInfoMap.values() !" +
> seiInfoMap.values());
> > }
> >
> > public Object intercept(Object target, Method method, Object[]
> > arguments, MethodProxy methodProxy) throws Throwable {
> > LOG.debug("I am in intercept method of
> CXFPortMethodInterceptor!");
> > Object proxy = super.intercept(target, method, arguments,
> > methodProxy);
> >
> > BindingProvider cxfProxy = (BindingProvider) proxy;
> >
> > //To cast a client proxy to a CXF client:
> > org.apache.cxf.endpoint.Client client =
> > org.apache.cxf.frontend.ClientProxy.getClient(cxfProxy);
> > // testiing : used due to "No security action was defined." error
> >
> > org.apache.cxf.binding.soap.interceptor.SoapPreProtocolOutInterceptor
> > soapInterceptor =
> > new
> > org.apache.cxf.binding.soap.interceptor.SoapPreProtocolOutInterceptor();
> >
> > org.apache.cxf.endpoint.Endpoint cxfEndpoint =
> > client.getEndpoint();
> > cxfEndpoint.getOutInterceptors().add(soapInterceptor);
> >
> > cxfEndpoint.getOutInterceptors().add(new
> > org.apache.cxf.binding.soap.saaj.SAAJOutInterceptor());
> >
> > LOG.debug("Am I doing right!");
> > return proxy;
> > }
> > }
> >
> > I am 100% sure, I am making some (or lot of) mistakes in the above code
> and
> > I need help to get it fix.
> >
> >
> > Can you please guide me in this? I apologize if its a trivial problem.
> >
> > I am stuck here. I think if i get thru with this then i wil have good
> idea
> > about usage of cxf specific apis and can easily set other properties
> (like
> > X.509 etc)
> >
> >
> > Many Thanks in advance for your help.
> >
> > PS: sorry for long email.
> >
> > Best Regards,
> > Rahul
>
> --
> Daniel Kulp
> dkulp@apache.org
> http://www.dankulp.com/blog
>
Re: Need Help: WS-Security Support for CXF in Geronimo (UsernameToken
property setting)
Posted by "rahul.soa" <ra...@googlemail.com>.
Hello Daniel,
Thank you for your quick response. Indeed you are right. I have fixed the
program and tested with the hard-coded values and it runs :) Now, I can work
on it and make it proper.
Thanks again.
Best Regards,
Rahul
On Mon, Jun 29, 2009 at 6:42 PM, Daniel Kulp <dk...@apache.org> wrote:
>
> It LOOKS like the WSS4JOutInterceptor isn't being added to the client side
> as
> there isn't a security header in the message going out. From the code,
> you
> are adding the SAAJOut stuff, but not the WSS4JOut. Is that as intended?
>
> Dan
>
> On Sun June 28 2009 12:21:24 pm rahul.soa wrote:
> > Hello Devs,
> >
> > First of all, I apologize if the below questions are trivial.
> >
> > I need some help in setting basic usernameToken Property for Geronimo
> (for
> > CXF). I did add the username token property elements in the schema and
> > generated the required classes by mvn install. And Geronimo is able to
> > accept this "usertoken" element which users define in the
> geronimo-web.xml.
> > (but I think I have not well configured this in Geronimo)
> >
> > <service-ref>
> > <service-ref-name>services/HelloWorld</service-ref-name>
> > <port>
> > <port-name>HelloWorldImplPort</port-name>
> > <protocol>http</protocol>
> > <host>localhost</host>
> > <port>8080</port>
> > <uri>/ServiceG/HelloWorld</uri>
> > * <usertoken>
> > <username>ws-client</username>
> > <password>password</password>
> > </usertoken>*
> > </port>
> > </service-ref>
> >
> > * I am testing it with a servlet client which is trying to access the
> > secured service (with username and password) running on tomcat server.
> >
> > Here is the servlet client code:
> >
> >
> > public class HelloServlet extends HttpServlet {
> > public void doGet (HttpServletRequest req,
> > HttpServletResponse res)
> > throws ServletException, IOException
> > {
> > PrintWriter out = res.getWriter();
> > try {
> > InitialContext ic=new InitialContext();
> > Service service;
> > service =
> (Service)ic.lookup("java:comp/env/services/HelloWorld");
> > QName svcQname=new QName("http://service.web/
> > ","HelloWorldImplPort");
> >
> > HelloWorld hw=service.getPort(HelloWorld.class);
> > String greeting=hw.sayHi("Rahul");
> > out.println(greeting);
> > } catch (NamingException e) {
> > // TODO Auto-generated catch block
> > e.printStackTrace();
> > }
> >
> > out.close();
> > }
> > }
> >
> > Now, I am coding to configure this above ws-security userToken propery
> with
> > CXF apis in Apache Geronimo and I am not sure *How to use cxf apis* to
> > configure this. I am trying to write a CXF specific PortMethodInterceptor
> > class extended from (jaxws's PortMethodInterceptor) but not sure what
> CXF
> > apis I can use to configure the usertoken.
> >
> > I start with the received error (pasted from geronimo.log) with some
> debug
> > statements:
> >
> > ....
> > ...
> >
> > 2009-06-28 16:41:17,632 INFO [BusApplicationContext] Bean factory for
> > application context
> > [org.apache.cxf.bus.spring.BusApplicationContext@1ccad1e]:
> >
> org.springframework.beans.factory.support.DefaultListableBeanFactory@d6ae95
> > 2009-06-28 16:41:18,006 INFO [DefaultListableBeanFactory]
> > Pre-instantiating singletons in
> >
> org.springframework.beans.factory.support.DefaultListableBeanFactory@d6ae95
> >: defining beans
> >
> [cxf,org.apache.cxf.bus.spring.BusApplicationListener,org.apache.cxf.bus.sp
>
> >ring.BusWiringBeanFactoryPostProcessor,org.apache.cxf.bus.spring.Jsr250BeanP
>
> >ostProcessor,org.apache.cxf.bus.spring.BusExtensionPostProcessor,org.apache.
>
> >cxf.resource.ResourceManager,org.apache.cxf.configuration.Configurer,org.apa
>
> >che.cxf.binding.BindingFactoryManager,org.apache.cxf.transport.DestinationFa
>
> >ctoryManager,org.apache.cxf.transport.ConduitInitiatorManager,org.apache.cxf
>
> >.wsdl.WSDLManager,org.apache.cxf.phase.PhaseManager,org.apache.cxf.workqueue
>
> >.WorkQueueManager,org.apache.cxf.buslifecycle.BusLifeCycleManager,org.apache
>
> >.cxf.endpoint.ServerRegistry,org.apache.cxf.endpoint.ServerLifeCycleManager,
>
> >org.apache.cxf.endpoint.ClientLifeCycleManager,org.apache.cxf.transports.htt
>
> >p.QueryHandlerRegistry,org.apache.cxf.endpoint.EndpointResolverRegistry,org.
>
> >apache.cxf.headers.HeaderManager,org.apache.cxf.catalog.OASISCatalogManager,
>
> >org.apache.cxf.endpoint.ServiceContractResolverRegistry,org.apache.geronimo.
>
> >cxf.GeronimoDestinationFactory#0,org.apache.cxf.jaxws.context.WebServiceCont
>
> >extResourceResolver,org.apache.cxf.jaxws.context.WebServiceContextImpl,org.a
> >pache.cxf.transport.http.policy.HTTPClientAssertionBuilder,
> org.apache.cxf.tr
>
> >ansport.http.policy.HTTPServerAssertionBuilder,org.apache.cxf.transport.http
>
> >.policy.NoOpPolicyInterceptorProvider,org.apache.cxf.transport.http.ClientOn
>
> >lyHTTPTransportFactory,org.apache.cxf.binding.soap.SoapBindingFactory,org.ap
>
> >ache.cxf.binding.soap.SoapTransportFactory,org.apache.cxf.binding.soap.custo
> >mEditorConfigurer,org.apache.cxf.binding.xml.XMLBindingFactory,
> org.apache.cx
>
> >f.ws.addressing.policy.AddressingAssertionBuilder,org.apache.cxf.ws.addressi
>
> >ng.policy.AddressingPolicyInterceptorProvider,org.apache.cxf.ws.addressing.p
> >olicy.UsingAddressingAssertionBuilder]; root of factory hierarchy
> >
> > *2009-06-28 16:41:18,661* DEBUG [CXFServiceReference] I am in
> > getPortMethodInterceptor, called from CXFServiceReference:
> > 2009-06-28 16:41:18,662 DEBUG [CXFPortMethodInterceptor] View the
> > seiInfoMap.values() ![http://localhost:8080/ServiceG/HelloWorld null
> false
> > ws-client password, http://localhost:8080/ServiceG/HelloWorld null false
> > ws-client password]
> > 2009-06-28 16:41:18,681 DEBUG [JAXWSServiceReference] Initializing
> service
> > with: file:/home/rahul/new_workspace1/Client/WEB-INF/wsdl/HelloWorld.wsdl
> {
> > http://service.web/}HelloWorldImplService<http://service.web/%7DHelloWorldImplService>
> > 2009-06-28 16:41:18,844 DEBUG [CXFPortMethodInterceptor] I am in
> intercept
> > method of CXFPortMethodInterceptor!
> > 2009-06-28 16:41:20,676 DEBUG [PortMethodInterceptor] information is:
> > passwordws-clienthttp://localhost:8080/ServiceG/HelloWorld
> > 2009-06-28 16:41:20,677 DEBUG [PortMethodInterceptor] Set address
> property:
> > http://localhost:8080/ServiceG/HelloWorld
> > *2009-06-28 16:41:20,677 DEBUG [PortMethodInterceptor] Set username
> > property: ws-client
> > 2009-06-28 16:41:20,677 DEBUG [PortMethodInterceptor] Set username
> > property: password*
> > 2009-06-28 16:41:20,677 DEBUG [CXFPortMethodInterceptor] Am I doing
> right!
> > 2009-06-28 16:41:21,010 INFO [SAAJFactoryFinder] Default SAAJ universe
> not
> > set
> > 2009-06-28 16:41:22,947 ERROR [log] /invoke/hello
> > javax.xml.ws.soap.SOAPFaultException: An error was discovered processing
> > the <wsse:Security> header
> > at
> > org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:145)
> > at $Proxy66.sayHi(Unknown Source)
> > at HelloServlet.doGet(HelloServlet.java:58)
> > at javax.servlet.http.HttpServlet.service(HttpServlet.java:693)
> > at javax.servlet.http.HttpServlet.service(HttpServlet.java:806)
> > at
> > org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:521)
> > at
> >
> org.apache.geronimo.jetty7.InternalJettyServletHolder.handle(InternalJettyS
> >ervletHolder.java:60) at
> >
> org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:435)
> > at
> >
> org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:11
> >8) at
> >
> org.eclipse.jetty.server.session.SessionHandler.handle(SessionHandler.java:
> >179) at
> >
> org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.jav
> >a:928) at
> > org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:370)
> > at
> >
> org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java
> >:862) at
> >
> org.apache.geronimo.jetty7.handler.TwistyWebAppContext.doScope(TwistyWebApp
> >Context.java:114) at
> >
> org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:11
> >6) at
> >
> org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHan
> >dlerCollection.java:243) at
> >
> org.eclipse.jetty.server.handler.HandlerCollection.handle(HandlerCollection
> >.java:126) at
> >
> org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:
> >115) at org.eclipse.jetty.server.Server.handle(Server.java:330)
> > at
> >
> org.eclipse.jetty.server.HttpConnection.handleRequest(HttpConnection.java:5
> >57) at
> >
> org.eclipse.jetty.server.HttpConnection$RequestHandler.headerComplete(HttpC
> >onnection.java:933) at
> > org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:530) at
> > org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:203) at
> > org.eclipse.jetty.server.HttpConnection.handle(HttpConnection.java:413)
> > at
> >
> org.eclipse.jetty.io.nio.SelectChannelEndPoint.run(SelectChannelEndPoint.ja
> >va:438) at org.apache.geronimo.pool.ThreadPool$1.run(ThreadPool.java:214)
> at
> >
> org.apache.geronimo.pool.ThreadPool$ContextClassLoaderRunnable.run(ThreadPo
> >ol.java:344) at
> >
> java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.j
> >ava:886) at
> >
> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:
> >908) at java.lang.Thread.run(Thread.java:619)
> > Caused by: org.apache.cxf.binding.soap.SoapFault: An error was discovered
> > processing the <wsse:Security> header
> > at
> >
> org.apache.cxf.binding.soap.interceptor.Soap11FaultInInterceptor.unmarshalF
> >ault(Soap11FaultInInterceptor.java:75) at
> >
> org.apache.cxf.binding.soap.interceptor.Soap11FaultInInterceptor.handleMess
> >age(Soap11FaultInInterceptor.java:46) at
> >
> org.apache.cxf.binding.soap.interceptor.Soap11FaultInInterceptor.handleMess
> >age(Soap11FaultInInterceptor.java:35) at
> >
> org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChai
> >n.java:226) at
> >
> org.apache.cxf.interceptor.AbstractFaultChainInitiatorObserver.onMessage(Ab
> >stractFaultChainInitiatorObserver.java:96) at
> >
> org.apache.cxf.binding.soap.interceptor.CheckFaultInterceptor.handleMessage
> >(CheckFaultInterceptor.java:69) at
> >
> org.apache.cxf.binding.soap.interceptor.CheckFaultInterceptor.handleMessage
> >(CheckFaultInterceptor.java:34) at
> >
> org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChai
> >n.java:226) at
> > org.apache.cxf.endpoint.ClientImpl.onMessage(ClientImpl.java:641) at
> >
> org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleRespons
> >eInternal(HTTPConduit.java:2102) at
> >
> org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleRespons
> >e(HTTPConduit.java:1980) at
> >
> org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPCon
> >duit.java:1905) at
> > org.apache.cxf.transport.AbstractConduit.close(AbstractConduit.java:66)
> > at
> > org.apache.cxf.transport.http.HTTPConduit.close(HTTPConduit.java:600) at
> >
> org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInte
> >rceptor.handleMessage(MessageSenderInterceptor.java:62) at
> >
> org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChai
> >n.java:226) at
> > org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:469) at
> > org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:299) at
> > org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:251) at
> > org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:73) at
> > org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:124)
> > ... 29 more
> > 2009-06-28 17:11:14,685 INFO [XSRFHandler] Removed destroyed
> > sessionId=jm4124n35l4g
> > 2009-06-28 17:11:14,687 INFO [XSRFHandler] Removed destroyed
> > sessionId=jm4124n35l4g
> >
> >
> > Here is the send/receive messages (caught by tcpmonitor tool) - expected
> > with ws-security usertoken header
> >
> > <soap:Envelope
> > xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/
> "><soap:Body><ns2:sayH
> >i xmlns:ns2="http://service.web/
> > "><arg0>Rahul</arg0></ns2:sayHi></soap:Body></soap:Envelope>
> >
> >
> > <soap:Envelope
> > xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/
> "><soap:Body><soap:Fau
> >lt><faultcode xmlns:ns1="
> >
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1
> >.0.xsd">ns1:InvalidSecurity</faultcode><faultstring>An error was
> discovered
> > processing the <wsse:Security>
> > header</faultstring></soap:Fault></soap:Body></soap:Envelope>
> >
> >
> > - >I have set the usernameToken property in
> > org.apache.geronimo.jaxws.client.EndpointInfo and
> > org.apache.geronimo.jaxws.builder.EndpointBuilder.
> >
> > -> I have put some usertoken specific code in the PortMethodInterceptor
> > class (org.apache.geronimo.jaxws.client.PortMethodInterceptor) to set the
> > username and password.
> >
> > org.apache.geronimo.jaxws.client.PortMethodInterceptor.java
> > ...
> > ....
> > String username = info.getUserName();
> > if (username != null) {
> >
> > proxy.getRequestContext().put(BindingProvider.USERNAME_PROPERTY,
> username);
> > LOG.debug("Set username property: " + username);
> > }
> >
> > String password = info.getPassword();
> > if (password != null) {
> >
> > proxy.getRequestContext().put(BindingProvider.PASSWORD_PROPERTY,
> password);
> > LOG.debug("Set username property: " + password);
> > }
> > ...
> >
> >
> > and here is my cxf specific CXFPortMethodInterceptor, I am not sure its
> > well written. I need help in this, about how to use the cxf specific apis
> > to set the properties.
> >
> >
> > org.apache.geronimo.cxf.CXFPortMethodInterceptor
> >
> > public class CXFPortMethodInterceptor extends PortMethodInterceptor {
> > private static final Logger LOG =
> > LoggerFactory.getLogger(CXFPortMethodInterceptor.class);
> >
> > public CXFPortMethodInterceptor(Map<Object, EndpointInfo> seiInfoMap)
> {
> > super(seiInfoMap);
> > LOG.debug("View the seiInfoMap.values() !" +
> seiInfoMap.values());
> > }
> >
> > public Object intercept(Object target, Method method, Object[]
> > arguments, MethodProxy methodProxy) throws Throwable {
> > LOG.debug("I am in intercept method of
> CXFPortMethodInterceptor!");
> > Object proxy = super.intercept(target, method, arguments,
> > methodProxy);
> >
> > BindingProvider cxfProxy = (BindingProvider) proxy;
> >
> > //To cast a client proxy to a CXF client:
> > org.apache.cxf.endpoint.Client client =
> > org.apache.cxf.frontend.ClientProxy.getClient(cxfProxy);
> > // testiing : used due to "No security action was defined." error
> >
> > org.apache.cxf.binding.soap.interceptor.SoapPreProtocolOutInterceptor
> > soapInterceptor =
> > new
> > org.apache.cxf.binding.soap.interceptor.SoapPreProtocolOutInterceptor();
> >
> > org.apache.cxf.endpoint.Endpoint cxfEndpoint =
> > client.getEndpoint();
> > cxfEndpoint.getOutInterceptors().add(soapInterceptor);
> >
> > cxfEndpoint.getOutInterceptors().add(new
> > org.apache.cxf.binding.soap.saaj.SAAJOutInterceptor());
> >
> > LOG.debug("Am I doing right!");
> > return proxy;
> > }
> > }
> >
> > I am 100% sure, I am making some (or lot of) mistakes in the above code
> and
> > I need help to get it fix.
> >
> >
> > Can you please guide me in this? I apologize if its a trivial problem.
> >
> > I am stuck here. I think if i get thru with this then i wil have good
> idea
> > about usage of cxf specific apis and can easily set other properties
> (like
> > X.509 etc)
> >
> >
> > Many Thanks in advance for your help.
> >
> > PS: sorry for long email.
> >
> > Best Regards,
> > Rahul
>
> --
> Daniel Kulp
> dkulp@apache.org
> http://www.dankulp.com/blog
>
Re: Need Help: WS-Security Support for CXF in Geronimo (UsernameToken property setting)
Posted by Daniel Kulp <dk...@apache.org>.
It LOOKS like the WSS4JOutInterceptor isn't being added to the client side as
there isn't a security header in the message going out. From the code, you
are adding the SAAJOut stuff, but not the WSS4JOut. Is that as intended?
Dan
On Sun June 28 2009 12:21:24 pm rahul.soa wrote:
> Hello Devs,
>
> First of all, I apologize if the below questions are trivial.
>
> I need some help in setting basic usernameToken Property for Geronimo (for
> CXF). I did add the username token property elements in the schema and
> generated the required classes by mvn install. And Geronimo is able to
> accept this "usertoken" element which users define in the geronimo-web.xml.
> (but I think I have not well configured this in Geronimo)
>
> <service-ref>
> <service-ref-name>services/HelloWorld</service-ref-name>
> <port>
> <port-name>HelloWorldImplPort</port-name>
> <protocol>http</protocol>
> <host>localhost</host>
> <port>8080</port>
> <uri>/ServiceG/HelloWorld</uri>
> * <usertoken>
> <username>ws-client</username>
> <password>password</password>
> </usertoken>*
> </port>
> </service-ref>
>
> * I am testing it with a servlet client which is trying to access the
> secured service (with username and password) running on tomcat server.
>
> Here is the servlet client code:
>
>
> public class HelloServlet extends HttpServlet {
> public void doGet (HttpServletRequest req,
> HttpServletResponse res)
> throws ServletException, IOException
> {
> PrintWriter out = res.getWriter();
> try {
> InitialContext ic=new InitialContext();
> Service service;
> service = (Service)ic.lookup("java:comp/env/services/HelloWorld");
> QName svcQname=new QName("http://service.web/
> ","HelloWorldImplPort");
>
> HelloWorld hw=service.getPort(HelloWorld.class);
> String greeting=hw.sayHi("Rahul");
> out.println(greeting);
> } catch (NamingException e) {
> // TODO Auto-generated catch block
> e.printStackTrace();
> }
>
> out.close();
> }
> }
>
> Now, I am coding to configure this above ws-security userToken propery with
> CXF apis in Apache Geronimo and I am not sure *How to use cxf apis* to
> configure this. I am trying to write a CXF specific PortMethodInterceptor
> class extended from (jaxws's PortMethodInterceptor) but not sure what CXF
> apis I can use to configure the usertoken.
>
> I start with the received error (pasted from geronimo.log) with some debug
> statements:
>
> ....
> ...
>
> 2009-06-28 16:41:17,632 INFO [BusApplicationContext] Bean factory for
> application context
> [org.apache.cxf.bus.spring.BusApplicationContext@1ccad1e]:
> org.springframework.beans.factory.support.DefaultListableBeanFactory@d6ae95
> 2009-06-28 16:41:18,006 INFO [DefaultListableBeanFactory]
> Pre-instantiating singletons in
> org.springframework.beans.factory.support.DefaultListableBeanFactory@d6ae95
>: defining beans
> [cxf,org.apache.cxf.bus.spring.BusApplicationListener,org.apache.cxf.bus.sp
>ring.BusWiringBeanFactoryPostProcessor,org.apache.cxf.bus.spring.Jsr250BeanP
>ostProcessor,org.apache.cxf.bus.spring.BusExtensionPostProcessor,org.apache.
>cxf.resource.ResourceManager,org.apache.cxf.configuration.Configurer,org.apa
>che.cxf.binding.BindingFactoryManager,org.apache.cxf.transport.DestinationFa
>ctoryManager,org.apache.cxf.transport.ConduitInitiatorManager,org.apache.cxf
>.wsdl.WSDLManager,org.apache.cxf.phase.PhaseManager,org.apache.cxf.workqueue
>.WorkQueueManager,org.apache.cxf.buslifecycle.BusLifeCycleManager,org.apache
>.cxf.endpoint.ServerRegistry,org.apache.cxf.endpoint.ServerLifeCycleManager,
>org.apache.cxf.endpoint.ClientLifeCycleManager,org.apache.cxf.transports.htt
>p.QueryHandlerRegistry,org.apache.cxf.endpoint.EndpointResolverRegistry,org.
>apache.cxf.headers.HeaderManager,org.apache.cxf.catalog.OASISCatalogManager,
>org.apache.cxf.endpoint.ServiceContractResolverRegistry,org.apache.geronimo.
>cxf.GeronimoDestinationFactory#0,org.apache.cxf.jaxws.context.WebServiceCont
>extResourceResolver,org.apache.cxf.jaxws.context.WebServiceContextImpl,org.a
>pache.cxf.transport.http.policy.HTTPClientAssertionBuilder,org.apache.cxf.tr
>ansport.http.policy.HTTPServerAssertionBuilder,org.apache.cxf.transport.http
>.policy.NoOpPolicyInterceptorProvider,org.apache.cxf.transport.http.ClientOn
>lyHTTPTransportFactory,org.apache.cxf.binding.soap.SoapBindingFactory,org.ap
>ache.cxf.binding.soap.SoapTransportFactory,org.apache.cxf.binding.soap.custo
>mEditorConfigurer,org.apache.cxf.binding.xml.XMLBindingFactory,org.apache.cx
>f.ws.addressing.policy.AddressingAssertionBuilder,org.apache.cxf.ws.addressi
>ng.policy.AddressingPolicyInterceptorProvider,org.apache.cxf.ws.addressing.p
>olicy.UsingAddressingAssertionBuilder]; root of factory hierarchy
>
> *2009-06-28 16:41:18,661* DEBUG [CXFServiceReference] I am in
> getPortMethodInterceptor, called from CXFServiceReference:
> 2009-06-28 16:41:18,662 DEBUG [CXFPortMethodInterceptor] View the
> seiInfoMap.values() ![http://localhost:8080/ServiceG/HelloWorld null false
> ws-client password, http://localhost:8080/ServiceG/HelloWorld null false
> ws-client password]
> 2009-06-28 16:41:18,681 DEBUG [JAXWSServiceReference] Initializing service
> with: file:/home/rahul/new_workspace1/Client/WEB-INF/wsdl/HelloWorld.wsdl {
> http://service.web/}HelloWorldImplService
> 2009-06-28 16:41:18,844 DEBUG [CXFPortMethodInterceptor] I am in intercept
> method of CXFPortMethodInterceptor!
> 2009-06-28 16:41:20,676 DEBUG [PortMethodInterceptor] information is:
> passwordws-clienthttp://localhost:8080/ServiceG/HelloWorld
> 2009-06-28 16:41:20,677 DEBUG [PortMethodInterceptor] Set address property:
> http://localhost:8080/ServiceG/HelloWorld
> *2009-06-28 16:41:20,677 DEBUG [PortMethodInterceptor] Set username
> property: ws-client
> 2009-06-28 16:41:20,677 DEBUG [PortMethodInterceptor] Set username
> property: password*
> 2009-06-28 16:41:20,677 DEBUG [CXFPortMethodInterceptor] Am I doing right!
> 2009-06-28 16:41:21,010 INFO [SAAJFactoryFinder] Default SAAJ universe not
> set
> 2009-06-28 16:41:22,947 ERROR [log] /invoke/hello
> javax.xml.ws.soap.SOAPFaultException: An error was discovered processing
> the <wsse:Security> header
> at
> org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:145)
> at $Proxy66.sayHi(Unknown Source)
> at HelloServlet.doGet(HelloServlet.java:58)
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:693)
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:806)
> at
> org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:521)
> at
> org.apache.geronimo.jetty7.InternalJettyServletHolder.handle(InternalJettyS
>ervletHolder.java:60) at
> org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:435)
> at
> org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:11
>8) at
> org.eclipse.jetty.server.session.SessionHandler.handle(SessionHandler.java:
>179) at
> org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.jav
>a:928) at
> org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:370)
> at
> org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java
>:862) at
> org.apache.geronimo.jetty7.handler.TwistyWebAppContext.doScope(TwistyWebApp
>Context.java:114) at
> org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:11
>6) at
> org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHan
>dlerCollection.java:243) at
> org.eclipse.jetty.server.handler.HandlerCollection.handle(HandlerCollection
>.java:126) at
> org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:
>115) at org.eclipse.jetty.server.Server.handle(Server.java:330)
> at
> org.eclipse.jetty.server.HttpConnection.handleRequest(HttpConnection.java:5
>57) at
> org.eclipse.jetty.server.HttpConnection$RequestHandler.headerComplete(HttpC
>onnection.java:933) at
> org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:530) at
> org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:203) at
> org.eclipse.jetty.server.HttpConnection.handle(HttpConnection.java:413)
> at
> org.eclipse.jetty.io.nio.SelectChannelEndPoint.run(SelectChannelEndPoint.ja
>va:438) at org.apache.geronimo.pool.ThreadPool$1.run(ThreadPool.java:214) at
> org.apache.geronimo.pool.ThreadPool$ContextClassLoaderRunnable.run(ThreadPo
>ol.java:344) at
> java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.j
>ava:886) at
> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:
>908) at java.lang.Thread.run(Thread.java:619)
> Caused by: org.apache.cxf.binding.soap.SoapFault: An error was discovered
> processing the <wsse:Security> header
> at
> org.apache.cxf.binding.soap.interceptor.Soap11FaultInInterceptor.unmarshalF
>ault(Soap11FaultInInterceptor.java:75) at
> org.apache.cxf.binding.soap.interceptor.Soap11FaultInInterceptor.handleMess
>age(Soap11FaultInInterceptor.java:46) at
> org.apache.cxf.binding.soap.interceptor.Soap11FaultInInterceptor.handleMess
>age(Soap11FaultInInterceptor.java:35) at
> org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChai
>n.java:226) at
> org.apache.cxf.interceptor.AbstractFaultChainInitiatorObserver.onMessage(Ab
>stractFaultChainInitiatorObserver.java:96) at
> org.apache.cxf.binding.soap.interceptor.CheckFaultInterceptor.handleMessage
>(CheckFaultInterceptor.java:69) at
> org.apache.cxf.binding.soap.interceptor.CheckFaultInterceptor.handleMessage
>(CheckFaultInterceptor.java:34) at
> org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChai
>n.java:226) at
> org.apache.cxf.endpoint.ClientImpl.onMessage(ClientImpl.java:641) at
> org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleRespons
>eInternal(HTTPConduit.java:2102) at
> org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleRespons
>e(HTTPConduit.java:1980) at
> org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPCon
>duit.java:1905) at
> org.apache.cxf.transport.AbstractConduit.close(AbstractConduit.java:66)
> at
> org.apache.cxf.transport.http.HTTPConduit.close(HTTPConduit.java:600) at
> org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInte
>rceptor.handleMessage(MessageSenderInterceptor.java:62) at
> org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChai
>n.java:226) at
> org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:469) at
> org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:299) at
> org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:251) at
> org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:73) at
> org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:124)
> ... 29 more
> 2009-06-28 17:11:14,685 INFO [XSRFHandler] Removed destroyed
> sessionId=jm4124n35l4g
> 2009-06-28 17:11:14,687 INFO [XSRFHandler] Removed destroyed
> sessionId=jm4124n35l4g
>
>
> Here is the send/receive messages (caught by tcpmonitor tool) - expected
> with ws-security usertoken header
>
> <soap:Envelope
> xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"><soap:Body><ns2:sayH
>i xmlns:ns2="http://service.web/
> "><arg0>Rahul</arg0></ns2:sayHi></soap:Body></soap:Envelope>
>
>
> <soap:Envelope
> xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"><soap:Body><soap:Fau
>lt><faultcode xmlns:ns1="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1
>.0.xsd">ns1:InvalidSecurity</faultcode><faultstring>An error was discovered
> processing the <wsse:Security>
> header</faultstring></soap:Fault></soap:Body></soap:Envelope>
>
>
> - >I have set the usernameToken property in
> org.apache.geronimo.jaxws.client.EndpointInfo and
> org.apache.geronimo.jaxws.builder.EndpointBuilder.
>
> -> I have put some usertoken specific code in the PortMethodInterceptor
> class (org.apache.geronimo.jaxws.client.PortMethodInterceptor) to set the
> username and password.
>
> org.apache.geronimo.jaxws.client.PortMethodInterceptor.java
> ...
> ....
> String username = info.getUserName();
> if (username != null) {
>
> proxy.getRequestContext().put(BindingProvider.USERNAME_PROPERTY, username);
> LOG.debug("Set username property: " + username);
> }
>
> String password = info.getPassword();
> if (password != null) {
>
> proxy.getRequestContext().put(BindingProvider.PASSWORD_PROPERTY, password);
> LOG.debug("Set username property: " + password);
> }
> ...
>
>
> and here is my cxf specific CXFPortMethodInterceptor, I am not sure its
> well written. I need help in this, about how to use the cxf specific apis
> to set the properties.
>
>
> org.apache.geronimo.cxf.CXFPortMethodInterceptor
>
> public class CXFPortMethodInterceptor extends PortMethodInterceptor {
> private static final Logger LOG =
> LoggerFactory.getLogger(CXFPortMethodInterceptor.class);
>
> public CXFPortMethodInterceptor(Map<Object, EndpointInfo> seiInfoMap) {
> super(seiInfoMap);
> LOG.debug("View the seiInfoMap.values() !" + seiInfoMap.values());
> }
>
> public Object intercept(Object target, Method method, Object[]
> arguments, MethodProxy methodProxy) throws Throwable {
> LOG.debug("I am in intercept method of CXFPortMethodInterceptor!");
> Object proxy = super.intercept(target, method, arguments,
> methodProxy);
>
> BindingProvider cxfProxy = (BindingProvider) proxy;
>
> //To cast a client proxy to a CXF client:
> org.apache.cxf.endpoint.Client client =
> org.apache.cxf.frontend.ClientProxy.getClient(cxfProxy);
> // testiing : used due to "No security action was defined." error
>
> org.apache.cxf.binding.soap.interceptor.SoapPreProtocolOutInterceptor
> soapInterceptor =
> new
> org.apache.cxf.binding.soap.interceptor.SoapPreProtocolOutInterceptor();
>
> org.apache.cxf.endpoint.Endpoint cxfEndpoint =
> client.getEndpoint();
> cxfEndpoint.getOutInterceptors().add(soapInterceptor);
>
> cxfEndpoint.getOutInterceptors().add(new
> org.apache.cxf.binding.soap.saaj.SAAJOutInterceptor());
>
> LOG.debug("Am I doing right!");
> return proxy;
> }
> }
>
> I am 100% sure, I am making some (or lot of) mistakes in the above code and
> I need help to get it fix.
>
>
> Can you please guide me in this? I apologize if its a trivial problem.
>
> I am stuck here. I think if i get thru with this then i wil have good idea
> about usage of cxf specific apis and can easily set other properties (like
> X.509 etc)
>
>
> Many Thanks in advance for your help.
>
> PS: sorry for long email.
>
> Best Regards,
> Rahul
--
Daniel Kulp
dkulp@apache.org
http://www.dankulp.com/blog
Re: Need Help: WS-Security Support for CXF in Geronimo (UsernameToken property setting)
Posted by Daniel Kulp <dk...@apache.org>.
It LOOKS like the WSS4JOutInterceptor isn't being added to the client side as
there isn't a security header in the message going out. From the code, you
are adding the SAAJOut stuff, but not the WSS4JOut. Is that as intended?
Dan
On Sun June 28 2009 12:21:24 pm rahul.soa wrote:
> Hello Devs,
>
> First of all, I apologize if the below questions are trivial.
>
> I need some help in setting basic usernameToken Property for Geronimo (for
> CXF). I did add the username token property elements in the schema and
> generated the required classes by mvn install. And Geronimo is able to
> accept this "usertoken" element which users define in the geronimo-web.xml.
> (but I think I have not well configured this in Geronimo)
>
> <service-ref>
> <service-ref-name>services/HelloWorld</service-ref-name>
> <port>
> <port-name>HelloWorldImplPort</port-name>
> <protocol>http</protocol>
> <host>localhost</host>
> <port>8080</port>
> <uri>/ServiceG/HelloWorld</uri>
> * <usertoken>
> <username>ws-client</username>
> <password>password</password>
> </usertoken>*
> </port>
> </service-ref>
>
> * I am testing it with a servlet client which is trying to access the
> secured service (with username and password) running on tomcat server.
>
> Here is the servlet client code:
>
>
> public class HelloServlet extends HttpServlet {
> public void doGet (HttpServletRequest req,
> HttpServletResponse res)
> throws ServletException, IOException
> {
> PrintWriter out = res.getWriter();
> try {
> InitialContext ic=new InitialContext();
> Service service;
> service = (Service)ic.lookup("java:comp/env/services/HelloWorld");
> QName svcQname=new QName("http://service.web/
> ","HelloWorldImplPort");
>
> HelloWorld hw=service.getPort(HelloWorld.class);
> String greeting=hw.sayHi("Rahul");
> out.println(greeting);
> } catch (NamingException e) {
> // TODO Auto-generated catch block
> e.printStackTrace();
> }
>
> out.close();
> }
> }
>
> Now, I am coding to configure this above ws-security userToken propery with
> CXF apis in Apache Geronimo and I am not sure *How to use cxf apis* to
> configure this. I am trying to write a CXF specific PortMethodInterceptor
> class extended from (jaxws's PortMethodInterceptor) but not sure what CXF
> apis I can use to configure the usertoken.
>
> I start with the received error (pasted from geronimo.log) with some debug
> statements:
>
> ....
> ...
>
> 2009-06-28 16:41:17,632 INFO [BusApplicationContext] Bean factory for
> application context
> [org.apache.cxf.bus.spring.BusApplicationContext@1ccad1e]:
> org.springframework.beans.factory.support.DefaultListableBeanFactory@d6ae95
> 2009-06-28 16:41:18,006 INFO [DefaultListableBeanFactory]
> Pre-instantiating singletons in
> org.springframework.beans.factory.support.DefaultListableBeanFactory@d6ae95
>: defining beans
> [cxf,org.apache.cxf.bus.spring.BusApplicationListener,org.apache.cxf.bus.sp
>ring.BusWiringBeanFactoryPostProcessor,org.apache.cxf.bus.spring.Jsr250BeanP
>ostProcessor,org.apache.cxf.bus.spring.BusExtensionPostProcessor,org.apache.
>cxf.resource.ResourceManager,org.apache.cxf.configuration.Configurer,org.apa
>che.cxf.binding.BindingFactoryManager,org.apache.cxf.transport.DestinationFa
>ctoryManager,org.apache.cxf.transport.ConduitInitiatorManager,org.apache.cxf
>.wsdl.WSDLManager,org.apache.cxf.phase.PhaseManager,org.apache.cxf.workqueue
>.WorkQueueManager,org.apache.cxf.buslifecycle.BusLifeCycleManager,org.apache
>.cxf.endpoint.ServerRegistry,org.apache.cxf.endpoint.ServerLifeCycleManager,
>org.apache.cxf.endpoint.ClientLifeCycleManager,org.apache.cxf.transports.htt
>p.QueryHandlerRegistry,org.apache.cxf.endpoint.EndpointResolverRegistry,org.
>apache.cxf.headers.HeaderManager,org.apache.cxf.catalog.OASISCatalogManager,
>org.apache.cxf.endpoint.ServiceContractResolverRegistry,org.apache.geronimo.
>cxf.GeronimoDestinationFactory#0,org.apache.cxf.jaxws.context.WebServiceCont
>extResourceResolver,org.apache.cxf.jaxws.context.WebServiceContextImpl,org.a
>pache.cxf.transport.http.policy.HTTPClientAssertionBuilder,org.apache.cxf.tr
>ansport.http.policy.HTTPServerAssertionBuilder,org.apache.cxf.transport.http
>.policy.NoOpPolicyInterceptorProvider,org.apache.cxf.transport.http.ClientOn
>lyHTTPTransportFactory,org.apache.cxf.binding.soap.SoapBindingFactory,org.ap
>ache.cxf.binding.soap.SoapTransportFactory,org.apache.cxf.binding.soap.custo
>mEditorConfigurer,org.apache.cxf.binding.xml.XMLBindingFactory,org.apache.cx
>f.ws.addressing.policy.AddressingAssertionBuilder,org.apache.cxf.ws.addressi
>ng.policy.AddressingPolicyInterceptorProvider,org.apache.cxf.ws.addressing.p
>olicy.UsingAddressingAssertionBuilder]; root of factory hierarchy
>
> *2009-06-28 16:41:18,661* DEBUG [CXFServiceReference] I am in
> getPortMethodInterceptor, called from CXFServiceReference:
> 2009-06-28 16:41:18,662 DEBUG [CXFPortMethodInterceptor] View the
> seiInfoMap.values() ![http://localhost:8080/ServiceG/HelloWorld null false
> ws-client password, http://localhost:8080/ServiceG/HelloWorld null false
> ws-client password]
> 2009-06-28 16:41:18,681 DEBUG [JAXWSServiceReference] Initializing service
> with: file:/home/rahul/new_workspace1/Client/WEB-INF/wsdl/HelloWorld.wsdl {
> http://service.web/}HelloWorldImplService
> 2009-06-28 16:41:18,844 DEBUG [CXFPortMethodInterceptor] I am in intercept
> method of CXFPortMethodInterceptor!
> 2009-06-28 16:41:20,676 DEBUG [PortMethodInterceptor] information is:
> passwordws-clienthttp://localhost:8080/ServiceG/HelloWorld
> 2009-06-28 16:41:20,677 DEBUG [PortMethodInterceptor] Set address property:
> http://localhost:8080/ServiceG/HelloWorld
> *2009-06-28 16:41:20,677 DEBUG [PortMethodInterceptor] Set username
> property: ws-client
> 2009-06-28 16:41:20,677 DEBUG [PortMethodInterceptor] Set username
> property: password*
> 2009-06-28 16:41:20,677 DEBUG [CXFPortMethodInterceptor] Am I doing right!
> 2009-06-28 16:41:21,010 INFO [SAAJFactoryFinder] Default SAAJ universe not
> set
> 2009-06-28 16:41:22,947 ERROR [log] /invoke/hello
> javax.xml.ws.soap.SOAPFaultException: An error was discovered processing
> the <wsse:Security> header
> at
> org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:145)
> at $Proxy66.sayHi(Unknown Source)
> at HelloServlet.doGet(HelloServlet.java:58)
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:693)
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:806)
> at
> org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:521)
> at
> org.apache.geronimo.jetty7.InternalJettyServletHolder.handle(InternalJettyS
>ervletHolder.java:60) at
> org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:435)
> at
> org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:11
>8) at
> org.eclipse.jetty.server.session.SessionHandler.handle(SessionHandler.java:
>179) at
> org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.jav
>a:928) at
> org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:370)
> at
> org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java
>:862) at
> org.apache.geronimo.jetty7.handler.TwistyWebAppContext.doScope(TwistyWebApp
>Context.java:114) at
> org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:11
>6) at
> org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHan
>dlerCollection.java:243) at
> org.eclipse.jetty.server.handler.HandlerCollection.handle(HandlerCollection
>.java:126) at
> org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:
>115) at org.eclipse.jetty.server.Server.handle(Server.java:330)
> at
> org.eclipse.jetty.server.HttpConnection.handleRequest(HttpConnection.java:5
>57) at
> org.eclipse.jetty.server.HttpConnection$RequestHandler.headerComplete(HttpC
>onnection.java:933) at
> org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:530) at
> org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:203) at
> org.eclipse.jetty.server.HttpConnection.handle(HttpConnection.java:413)
> at
> org.eclipse.jetty.io.nio.SelectChannelEndPoint.run(SelectChannelEndPoint.ja
>va:438) at org.apache.geronimo.pool.ThreadPool$1.run(ThreadPool.java:214) at
> org.apache.geronimo.pool.ThreadPool$ContextClassLoaderRunnable.run(ThreadPo
>ol.java:344) at
> java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.j
>ava:886) at
> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:
>908) at java.lang.Thread.run(Thread.java:619)
> Caused by: org.apache.cxf.binding.soap.SoapFault: An error was discovered
> processing the <wsse:Security> header
> at
> org.apache.cxf.binding.soap.interceptor.Soap11FaultInInterceptor.unmarshalF
>ault(Soap11FaultInInterceptor.java:75) at
> org.apache.cxf.binding.soap.interceptor.Soap11FaultInInterceptor.handleMess
>age(Soap11FaultInInterceptor.java:46) at
> org.apache.cxf.binding.soap.interceptor.Soap11FaultInInterceptor.handleMess
>age(Soap11FaultInInterceptor.java:35) at
> org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChai
>n.java:226) at
> org.apache.cxf.interceptor.AbstractFaultChainInitiatorObserver.onMessage(Ab
>stractFaultChainInitiatorObserver.java:96) at
> org.apache.cxf.binding.soap.interceptor.CheckFaultInterceptor.handleMessage
>(CheckFaultInterceptor.java:69) at
> org.apache.cxf.binding.soap.interceptor.CheckFaultInterceptor.handleMessage
>(CheckFaultInterceptor.java:34) at
> org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChai
>n.java:226) at
> org.apache.cxf.endpoint.ClientImpl.onMessage(ClientImpl.java:641) at
> org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleRespons
>eInternal(HTTPConduit.java:2102) at
> org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleRespons
>e(HTTPConduit.java:1980) at
> org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPCon
>duit.java:1905) at
> org.apache.cxf.transport.AbstractConduit.close(AbstractConduit.java:66)
> at
> org.apache.cxf.transport.http.HTTPConduit.close(HTTPConduit.java:600) at
> org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInte
>rceptor.handleMessage(MessageSenderInterceptor.java:62) at
> org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChai
>n.java:226) at
> org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:469) at
> org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:299) at
> org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:251) at
> org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:73) at
> org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:124)
> ... 29 more
> 2009-06-28 17:11:14,685 INFO [XSRFHandler] Removed destroyed
> sessionId=jm4124n35l4g
> 2009-06-28 17:11:14,687 INFO [XSRFHandler] Removed destroyed
> sessionId=jm4124n35l4g
>
>
> Here is the send/receive messages (caught by tcpmonitor tool) - expected
> with ws-security usertoken header
>
> <soap:Envelope
> xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"><soap:Body><ns2:sayH
>i xmlns:ns2="http://service.web/
> "><arg0>Rahul</arg0></ns2:sayHi></soap:Body></soap:Envelope>
>
>
> <soap:Envelope
> xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"><soap:Body><soap:Fau
>lt><faultcode xmlns:ns1="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1
>.0.xsd">ns1:InvalidSecurity</faultcode><faultstring>An error was discovered
> processing the <wsse:Security>
> header</faultstring></soap:Fault></soap:Body></soap:Envelope>
>
>
> - >I have set the usernameToken property in
> org.apache.geronimo.jaxws.client.EndpointInfo and
> org.apache.geronimo.jaxws.builder.EndpointBuilder.
>
> -> I have put some usertoken specific code in the PortMethodInterceptor
> class (org.apache.geronimo.jaxws.client.PortMethodInterceptor) to set the
> username and password.
>
> org.apache.geronimo.jaxws.client.PortMethodInterceptor.java
> ...
> ....
> String username = info.getUserName();
> if (username != null) {
>
> proxy.getRequestContext().put(BindingProvider.USERNAME_PROPERTY, username);
> LOG.debug("Set username property: " + username);
> }
>
> String password = info.getPassword();
> if (password != null) {
>
> proxy.getRequestContext().put(BindingProvider.PASSWORD_PROPERTY, password);
> LOG.debug("Set username property: " + password);
> }
> ...
>
>
> and here is my cxf specific CXFPortMethodInterceptor, I am not sure its
> well written. I need help in this, about how to use the cxf specific apis
> to set the properties.
>
>
> org.apache.geronimo.cxf.CXFPortMethodInterceptor
>
> public class CXFPortMethodInterceptor extends PortMethodInterceptor {
> private static final Logger LOG =
> LoggerFactory.getLogger(CXFPortMethodInterceptor.class);
>
> public CXFPortMethodInterceptor(Map<Object, EndpointInfo> seiInfoMap) {
> super(seiInfoMap);
> LOG.debug("View the seiInfoMap.values() !" + seiInfoMap.values());
> }
>
> public Object intercept(Object target, Method method, Object[]
> arguments, MethodProxy methodProxy) throws Throwable {
> LOG.debug("I am in intercept method of CXFPortMethodInterceptor!");
> Object proxy = super.intercept(target, method, arguments,
> methodProxy);
>
> BindingProvider cxfProxy = (BindingProvider) proxy;
>
> //To cast a client proxy to a CXF client:
> org.apache.cxf.endpoint.Client client =
> org.apache.cxf.frontend.ClientProxy.getClient(cxfProxy);
> // testiing : used due to "No security action was defined." error
>
> org.apache.cxf.binding.soap.interceptor.SoapPreProtocolOutInterceptor
> soapInterceptor =
> new
> org.apache.cxf.binding.soap.interceptor.SoapPreProtocolOutInterceptor();
>
> org.apache.cxf.endpoint.Endpoint cxfEndpoint =
> client.getEndpoint();
> cxfEndpoint.getOutInterceptors().add(soapInterceptor);
>
> cxfEndpoint.getOutInterceptors().add(new
> org.apache.cxf.binding.soap.saaj.SAAJOutInterceptor());
>
> LOG.debug("Am I doing right!");
> return proxy;
> }
> }
>
> I am 100% sure, I am making some (or lot of) mistakes in the above code and
> I need help to get it fix.
>
>
> Can you please guide me in this? I apologize if its a trivial problem.
>
> I am stuck here. I think if i get thru with this then i wil have good idea
> about usage of cxf specific apis and can easily set other properties (like
> X.509 etc)
>
>
> Many Thanks in advance for your help.
>
> PS: sorry for long email.
>
> Best Regards,
> Rahul
--
Daniel Kulp
dkulp@apache.org
http://www.dankulp.com/blog