You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@cxf.apache.org by "Glen Mazza (JIRA)" <ji...@apache.org> on 2012/06/16 20:16:42 UTC
[jira] [Commented] (CXF-4054) Unclear error messages given if
client policy configuration can't be found.
[ https://issues.apache.org/jira/browse/CXF-4054?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13393359#comment-13393359 ]
Glen Mazza commented on CXF-4054:
---------------------------------
The patch I just attached better separates, for this type of config file: https://github.com/gmazza/blog-samples/blob/master/cxf_x509_profile_secpol/client/src/main/resources/cxf.xml, the case where (1) the jaxws:client element was missing or otherwise not tied to the endpoint properly via its name attribute vs. (2) just a missing ws-security.signature.username or org.apache.ws.security.crypto.merlin.keystore.alias value. Main concern I have is the message for (1):
+ policyNotAsserted(token, "Security configuration could not be detected. "
+ + "Potential cause: Make sure jaxws:client element with name "
+ + "attribute value matching endpoint port is defined as well as a "
+ + SecurityConstants.SIGNATURE_PROPERTIES + " element within it.");
+ return null;
I'm not sure how many other configuration elements besides jaxws:client this part of the error handling would be relavant for. If it's just jaxws:client, the patch is probably good-to-go, else I may need to make the message more generic.
> Unclear error messages given if client policy configuration can't be found.
> ---------------------------------------------------------------------------
>
> Key: CXF-4054
> URL: https://issues.apache.org/jira/browse/CXF-4054
> Project: CXF
> Issue Type: Bug
> Reporter: Glen Mazza
> Assignee: Glen Mazza
> Priority: Minor
> Attachments: CXF4054.patch
>
>
> Dennis has noted: http://cxf.547215.n5.nabble.com/Invalid-property-bus-of-bean-class-error-Spring-problem-tp5163771p5165056.html
> With this tutorial: http://www.jroller.com/gmazza/entry/cxf_x509_profile_secpol, in particular, the WSC config file within it:
> <beans xmlns="http://www.springframework.org/schema/beans"
> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
> xmlns:jaxws="http://cxf.apache.org/jaxws"
> xsi:schemaLocation="http://www.springframework.org/schema/beans
> http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
> http://cxf.apache.org/jaxws
> http://cxf.apache.org/schemas/jaxws.xsd">
> <jaxws:client name="{http://www.example.org/contract/DoubleIt}DoubleItPort" createdFromAPI="true">
> <jaxws:properties>
> <entry key="ws-security.callback-handler" value="client.ClientKeystorePasswordCallback"/>
> <entry key="ws-security.encryption.properties" value="clientKeystore.properties"/>
> <entry key="ws-security.signature.properties" value="clientKeystore.properties"/>
> <entry key="ws-security.encryption.username" value="myservicekey"/>
> </jaxws:properties>
> </jaxws:client>
> </beans>
> Usage of an incorrect port name in the "name" attribute of the jaxws:client element gives unhelpful/confusing error messages.
> If the port name doesn't exist at all (e.g., "{http://www.example.org/contract/DoubleIt}DoubleItXYZ"), the reader gets this error:
> WARNING: Interceptor for {http://www.example.org/contract/DoubleIt}DoubleItService#{http://www.example.org/contract/DoubleIt}DoubleIt has thrown exception, unwinding now
> org.apache.cxf.interceptor.Fault: No signature username found.
> at org.apache.cxf.ws.security.wss4j.policyhandlers.AsymmetricBindingHandler.doSignBeforeEncrypt(AsymmetricBindingHandler.java:172)
> at org.apache.cxf.ws.security.wss4j.policyhandlers.AsymmetricBindingHandler.handleBinding(AsymmetricBindingHandler.java:96)
> at org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$PolicyBasedWSS4JOutInterceptorInternal.handleMessage(PolicyBasedWSS4JOutInterceptor.java:164)
> at org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$PolicyBasedWSS4JOutInterceptorInternal.handleMessage(PolicyBasedWSS4JOutInterceptor.java:88)
> at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:263)
> at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:519)
> at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:449)
> at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:352)
> at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:304)
> at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:88)
> at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:134)
> at $Proxy24.doubleIt(Unknown Source)
> at client.WSClient.doubleIt(WSClient.java:28)
> at client.WSClient.main(WSClient.java:21)
> I'm not sure what should be done in this case -- because a non-matching port name like the above should indeed be ignored (as it could refer to another port in another WSDL), but perhaps a clearer error given that no configuration was provided for the client endpoint for the port being used.
> If the service name was erroneously used instead of the port name, this error is given:
> Exception in thread "main" org.springframework.beans.factory.BeanCreationException: Error creating bean with name '{http://www.example.org/contract/DoubleIt}DoubleItService': Error setting property values; nested exception is org.springframework.beans.NotWritablePropertyException: Invalid property 'bus' of bean class [org.apache.cxf.service.ServiceImpl]: Bean property 'bus' is not writable or has an invalid setter method. Does the parameter type of the setter match the return type of the getter?
> at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.applyPropertyValues(AbstractAutowireCapableBeanFactory.java:1361)
> at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.populateBean(AbstractAutowireCapableBeanFactory.java:1086)
> Here, an error message given that the port, and not the service name, should be referred to.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira