You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@camel.apache.org by sonusmile01 <so...@gmail.com> on 2014/10/27 16:40:28 UTC
Issue with adding wsse:security header in Apache Camel Route
I am using
camel: 2.12.1
spring: 4.0.5.RELEASE
CXF : 2.7.13
My goal is to deliver a soap message with wsse:security header(as mentioned
below) in Payload mode from my camel router to some endpoint.
<wsse:Security soapenv:mustUnderstand="1"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsse:UsernameToken
wsu:Id="UsernameToken-D5896C4D7E4684BCF8141101393698197">
<wsse:Username><xsl:value-of select="User" /></wsse:Username>
<wsse:Password
Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText"><xsl:value-of
select="password" /></wsse:Password>
<wsu:Created><xsl:value-of select="$START_TIME" /></wsu:Created>
</wsse:UsernameToken>
</wsse:Security>
To achieve this, I have created a config file which has the below entry
<jaxws:client name="{http://com.abc/CallingService}CallingService"
createdFromAPI="true">
<jaxws:properties>
<entry key="ws-security.username" value= "User" />
<entry key="ws-security.password" value="password" />
</jaxws:properties>
</jaxws:client>
But not sure how can I use this file or call this somewhere in route or some
other spring config file , so that I can have a soap header in my out going
message.
I am currently getting the exception
org.apache.cxf.ws.policy.PolicyException: No username available
at
org.apache.cxf.ws.security.wss4j.AbstractTokenInterceptor.policyNotAsserted(AbstractTokenInterceptor.java:229)
~[cxf-rt-ws-security-2.7.13.jar:2.7.13]
at
org.apache.cxf.ws.security.wss4j.UsernameTokenInterceptor.addUsernameToken(UsernameTokenInterceptor.java:361)
~[cxf-rt-ws-security-2.7.13.jar:2.7.13]
at
org.apache.cxf.ws.security.wss4j.UsernameTokenInterceptor.addToken(UsernameTokenInterceptor.java:307)
~[cxf-rt-ws-security-2.7.13.jar:2.7.13]
at
org.apache.cxf.ws.security.wss4j.AbstractTokenInterceptor.handleMessage(AbstractTokenInterceptor.java:95)
~[cxf-rt-ws-security-2.7.13.jar:2.7.13]
at
org.apache.cxf.ws.security.wss4j.AbstractTokenInterceptor.handleMessage(AbstractTokenInterceptor.java:61)
~[cxf-rt-ws-security-2.7.13.jar:2.7.13]
My wsdl's policy is as below:
<wsp:Policy wsu:Id="EndpointSecurityPolicy"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
<wsp:ExactlyOne>
<wsp:All>
<sp:TransportBinding>
<wsp:Policy>
<sp:TransportToken>
<wsp:Policy>
<sp:HttpsToken>
<wsp:Policy>
<sp:RequireClientCertificate/>
</wsp:Policy>
</sp:HttpsToken>
</wsp:Policy>
</sp:TransportToken>
<sp:AlgorithmSuite>
<wsp:Policy>
<sp:Basic128/>
</wsp:Policy>
</sp:AlgorithmSuite>
<sp:IncludeTimestamp/>
</wsp:Policy>
</sp:TransportBinding>
<sp:SupportingTokens>
<wsp:Policy>
<sp:UsernameToken>
<wsp:Policy>
<sp:NoPassword/>
</wsp:Policy>
</sp:UsernameToken>
</wsp:Policy>
</sp:SupportingTokens>
</wsp:All>
<wsp:All>
<sp:TransportBinding>
<wsp:Policy>
<sp:TransportToken>
<wsp:Policy>
<sp:HttpsToken>
<wsp:Policy/>
</sp:HttpsToken>
</wsp:Policy>
</sp:TransportToken>
<sp:AlgorithmSuite>
<wsp:Policy>
<sp:Basic128/>
</wsp:Policy>
</sp:AlgorithmSuite>
<sp:IncludeTimestamp/>
</wsp:Policy>
</sp:TransportBinding>
<sp:SupportingTokens>
<wsp:Policy>
<sp:UsernameToken>
<wsp:Policy>
<sp:WssUsernameToken11/>
</wsp:Policy>
</sp:UsernameToken>
</wsp:Policy>
</sp:SupportingTokens>
</wsp:All>
</wsp:ExactlyOne>
</wsp:Policy>
--
View this message in context: http://camel.465427.n5.nabble.com/Issue-with-adding-wsse-security-header-in-Apache-Camel-Route-tp5758106.html
Sent from the Camel - Users mailing list archive at Nabble.com.
Re: Issue with adding wsse:security header in Apache Camel Route
Posted by sonusmile01 <so...@gmail.com>.
Hi Charles,
Thanks for your reply.
I already have tried using usernametoken in camel spring xml as mentioned in
the first link you shared. Also, i can see what is being done in the
testUsernameToken unit test as per second link.
However, I'm really confused how do i specify the cxf endpoint in Camel
after i have done the changes as per step 1.
For example, the way i do it in my camel Route class is something like this:
.toF("cxf://http://<service-endpoint>/?wsdlUrl=wsdl/myservice.wsdl&dataFormat=PAYLOAD")
So should this route still look like above or do i need to refer in some way
to the endpoint configured in the camel spring xml?
Regards
--
View this message in context: http://camel.465427.n5.nabble.com/Issue-with-adding-wsse-security-header-in-Apache-Camel-Route-tp5758106p5758211.html
Sent from the Camel - Users mailing list archive at Nabble.com.
Re: Issue with adding wsse:security header in Apache Camel Route
Posted by Charles Moulliard <ch...@gmail.com>.
Hi,
I suggest to have a look to this Apache Camel Unit test to see how Camel +
CXF & Security should be used together :
https://github.com/apache/camel/blob/master/components/camel-cxf/src/test/java/org/apache/camel/component/cxf/wssecurity/camel/WSSecurityRouteTest.java
https://github.com/apache/camel/blob/master/components/camel-cxf/src/test/resources/org/apache/camel/component/cxf/wssecurity/client/wssec.xml
CXF doc could be also very helful :
http://cxf.apache.org/docs/ws-security.html
Regards,
On Mon, Oct 27, 2014 at 4:40 PM, sonusmile01 <so...@gmail.com> wrote:
> I am using
> camel: 2.12.1
> spring: 4.0.5.RELEASE
> CXF : 2.7.13
>
> My goal is to deliver a soap message with wsse:security header(as mentioned
> below) in Payload mode from my camel router to some endpoint.
>
> <wsse:Security soapenv:mustUnderstand="1"
>
> xmlns:wsse="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd
> "
>
> xmlns:wsu="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
> ">
>
> <wsse:UsernameToken
> wsu:Id="UsernameToken-D5896C4D7E4684BCF8141101393698197">
> <wsse:Username><xsl:value-of select="User"
> /></wsse:Username>
> <wsse:Password
>
> Type="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText
> "><xsl:value-of
> select="password" /></wsse:Password>
> <wsu:Created><xsl:value-of select="$START_TIME"
> /></wsu:Created>
> </wsse:UsernameToken>
> </wsse:Security>
>
> To achieve this, I have created a config file which has the below entry
>
> <jaxws:client name="{http://com.abc/CallingService}CallingService"
> createdFromAPI="true">
> <jaxws:properties>
> <entry key="ws-security.username" value= "User" />
> <entry key="ws-security.password" value="password" />
> </jaxws:properties>
> </jaxws:client>
>
> But not sure how can I use this file or call this somewhere in route or
> some
> other spring config file , so that I can have a soap header in my out going
> message.
>
> I am currently getting the exception
>
> org.apache.cxf.ws.policy.PolicyException: No username available
> at
>
> org.apache.cxf.ws.security.wss4j.AbstractTokenInterceptor.policyNotAsserted(AbstractTokenInterceptor.java:229)
> ~[cxf-rt-ws-security-2.7.13.jar:2.7.13]
> at
>
> org.apache.cxf.ws.security.wss4j.UsernameTokenInterceptor.addUsernameToken(UsernameTokenInterceptor.java:361)
> ~[cxf-rt-ws-security-2.7.13.jar:2.7.13]
> at
>
> org.apache.cxf.ws.security.wss4j.UsernameTokenInterceptor.addToken(UsernameTokenInterceptor.java:307)
> ~[cxf-rt-ws-security-2.7.13.jar:2.7.13]
> at
>
> org.apache.cxf.ws.security.wss4j.AbstractTokenInterceptor.handleMessage(AbstractTokenInterceptor.java:95)
> ~[cxf-rt-ws-security-2.7.13.jar:2.7.13]
> at
>
> org.apache.cxf.ws.security.wss4j.AbstractTokenInterceptor.handleMessage(AbstractTokenInterceptor.java:61)
> ~[cxf-rt-ws-security-2.7.13.jar:2.7.13]
>
> My wsdl's policy is as below:
>
> <wsp:Policy wsu:Id="EndpointSecurityPolicy"
> xmlns:wsu="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
> "
> xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
> <wsp:ExactlyOne>
> <wsp:All>
> <sp:TransportBinding>
> <wsp:Policy>
> <sp:TransportToken>
> <wsp:Policy>
> <sp:HttpsToken>
> <wsp:Policy>
> <sp:RequireClientCertificate/>
> </wsp:Policy>
> </sp:HttpsToken>
> </wsp:Policy>
> </sp:TransportToken>
> <sp:AlgorithmSuite>
> <wsp:Policy>
> <sp:Basic128/>
> </wsp:Policy>
> </sp:AlgorithmSuite>
> <sp:IncludeTimestamp/>
> </wsp:Policy>
> </sp:TransportBinding>
> <sp:SupportingTokens>
> <wsp:Policy>
> <sp:UsernameToken>
> <wsp:Policy>
> <sp:NoPassword/>
> </wsp:Policy>
> </sp:UsernameToken>
> </wsp:Policy>
> </sp:SupportingTokens>
> </wsp:All>
> <wsp:All>
> <sp:TransportBinding>
> <wsp:Policy>
> <sp:TransportToken>
> <wsp:Policy>
> <sp:HttpsToken>
> <wsp:Policy/>
> </sp:HttpsToken>
> </wsp:Policy>
> </sp:TransportToken>
> <sp:AlgorithmSuite>
> <wsp:Policy>
> <sp:Basic128/>
> </wsp:Policy>
> </sp:AlgorithmSuite>
> <sp:IncludeTimestamp/>
> </wsp:Policy>
> </sp:TransportBinding>
> <sp:SupportingTokens>
> <wsp:Policy>
> <sp:UsernameToken>
> <wsp:Policy>
> <sp:WssUsernameToken11/>
> </wsp:Policy>
> </sp:UsernameToken>
> </wsp:Policy>
> </sp:SupportingTokens>
> </wsp:All>
> </wsp:ExactlyOne>
> </wsp:Policy>
>
>
>
>
> --
> View this message in context:
> http://camel.465427.n5.nabble.com/Issue-with-adding-wsse-security-header-in-Apache-Camel-Route-tp5758106.html
> Sent from the Camel - Users mailing list archive at Nabble.com.
>
--
Charles Moulliard
Apache Committer / Architect @RedHat
Twitter : @cmoulliard | Blog : http://cmoulliard.github.io