You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@servicemix.apache.org by Maxime <on...@gmail.com> on 2011/07/27 10:32:56 UTC
CXF - SOAP Headers
Hi,
This is another thread about accessing the SOAP headers through CXF.
The purpose of my app : "Broadcast Authentificated & an Authorizated
resources from a Server to some customers".
I have done the Authentification part with SAML assertion & X509Certificate
-> it works pretty good.
But I'm stucked with the SOAP headers -> I only get the SOAP body.
I saw this issue in many threads but I haven't succeeded in resolving it.
>>> I wanna get the SOAP headers into a CXF-SE in order to do the
>>> authorization part (LDAP). <<<
Or is there any other solution ?
Apparently, SOAP headers could be obtained with :
SOAPMessage.getSOAPHeader() :
http://download.oracle.com/javase/6/docs/api/javax/xml/soap/SOAPMessage.html#getSOAPHeader()
JbiConstants.PROTOCOL_HEADERS :
http://servicemix.apache.org/common-headers.html
________________
What I'm using :
* smx 4.3.0
* cxf 2.0.7
* maven-compiler 1.5
* jbi-maven-plugin 4.3
* CXF-BC & CXF-SE interceptors
* WSDL2JAVA
Here's my code :
________________
CXF-BC.pom.xml :
----------------
<dependency>
<groupId>org.apache.servicemix</groupId>
<artifactId>servicemix-cxf-bc</artifactId>
<version>2010.01</version>
</dependency>
<dependency>
<groupId>org.apache.cxf</groupId>
<artifactId>cxf-rt-bindings-soap</artifactId>
<version>${cxf-version}</version>
</dependency>
I'm not using any <map>.
CXF-BC.xbean.xml :
------------------
<cxfbc:consumer wsdl="classpath:service.wsdl"
targetService="LDataService:LabelledDataService"
targetInterface="LDataService:LabelledDataPortType">
<cxfbc:inInterceptors>
<bean class="org.apache.cxf.interceptor.LoggingInInterceptor"/>
<bean class="org.apache.cxf.binding.soap.saaj.SAAJInInterceptor"/>
<bean class="corp.InInterceptor"/>
</cxfbc:inInterceptors>
<cxfbc:outInterceptors>
<bean class="org.apache.cxf.interceptor.LoggingOutInterceptor"/>
</cxfbc:outInterceptors>
</cxfbc:consumer>
I leave the CXF-BC-corp.InInterceptor.java blank if you have any suggestion.
I have tried several source codes and no one is working in my case so I'm
open to any suggestion.
=============
It's nearly the same thing for the CXF-SE side.
=============
What I get in the SMX-logs :
ID: 20
Address: /LabelledDataService/
Encoding: UTF-8
Content-Type: text/xml; charset=UTF-8
Headers: {content-type=[text/xml; charset=UTF-8], connection=[keep-alive],
Host=[localhost:8193], Content-Length=[3385], SOAPAction=[""],
User-Agent=[JAX-WS RI 2.2.3-b01-], Content-Type=[text/xml
; charset=UTF-8], Accept=[text/xml, multipart/related], Pragma=[no-cache],
Cache-Control=[no-cache]}
Payload: <?xml version="1.0" ?>
<S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<S:Header>
<wsse:Security
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
xmlns:wsse11="http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
S:mustUnderstand="1">
<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
ID="..." IssueInstant="2011-07-26T15:05:25Z" Version="2.0">
<saml:Issuer>www.corp</saml:Issuer>
<ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:SignedInfo>
<ds:CanonicalizationMethod
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></ds:CanonicalizationMethod>
<ds:SignatureMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"></ds:SignatureMethod>
<ds:Reference URI="#...">
<ds:Transforms>
<ds:Transform
Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"></ds:Transform>
<ds:Transform
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></ds:Transform>
</ds:Transforms>
<ds:DigestMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></ds:DigestMethod>
<ds:DigestValue>...=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>...</ds:SignatureValue>
<ds:KeyInfo>
<ds:X509Data>
<ds:X509Certificate>...</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</ds:Signature>
<saml:Subject>
<saml:NameID>BigUser</saml:NameID>
<saml:SubjectConfirmation
Method="urn:oasis:names:tc:SAML:2.0:cm:sender-vouches"></saml:SubjectConfirmation>
</saml:Subject>
</saml:Assertion>
<wsu:Timestamp wsu:Id="...">
<wsu:Created>2011-07-26T15:05:25Z</wsu:Created>
<wsu:Expires>2011-07-26T15:10:25Z</wsu:Expires>
</wsu:Timestamp>
</wsse:Security>
</S:Header>
<S:Body
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
wsu:Id="...">
<LabelledData
xmlns="http://csc/iam/esb/types"><identifier>001</identifier></LabelledData>
</S:Body>
</S:Envelope>
--------------------------------------
17:05:26,109 | INFO | ovider-thread-26 | AbstractLoggingInterceptor |
? ? | - - | Inbound Message
----------------------------
ID: 21
Content-Type: text/xml
Headers:
Payload:
<jbi:message xmlns:jbi="http://java.sun.com/xml/ns/jbi/wsdl-11-wrapper"
xmlns:msg="http://corp" type="msg:LabelledDataRequest"
name="LabelledDataRequest" version="1.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<jbi:part><part:LabelledData
xmlns:part="http:/corp/types"><part:identifier>001</part:identifier></part:LabelledData></jbi:part>
</jbi:message>
--------------------------------------
17:05:26,125 | INFO | ovider-thread-26 | AbstractLoggingInterceptor |
? ? | - - | Outbound Message
---------------------------
ID: 21
Encoding: UTF-8
Content-Type: text/xml
Headers:
Payload:
<jbi:message xmlns:jbi="http://java.sun.com/xml/ns/jbi/wsdl-11-wrapper"
xmlns:msg="http://corp" type="msg:LabelledDataResponse">
<jbi:part><LabelledDataResponse
xmlns="http://corp/types"><codeResult>2</codeResult></LabelledDataResponse></jbi:part>
</jbi:message>
--------------------------------------
17:05:26,125 | INFO | qtp12819839-122 | AbstractLoggingInterceptor |
? ? | - - | Outbound Message
---------------------------
ID: 20
Encoding: UTF-8
Content-Type: text/xml
Headers: {}
Payload:
<soap:Envelope
xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"><soap:Body><LabelledDataResponse
xmlns="http://corp/types"><codeResult>2</codeResult></LabelledDataResponse></soap:Body></soap:Envelope>
Thank you in advance.
Maxime.
--
View this message in context: http://servicemix.396122.n5.nabble.com/CXF-SOAP-Headers-tp4637980p4637980.html
Sent from the ServiceMix - User mailing list archive at Nabble.com.
Re: CXF - SOAP Headers
Posted by Maxime <on...@gmail.com>.
Yep, this is exactly what I want to do.
& your answer in the other topic explains what I needed to know.
Thanks, from now on I get what I have to do ;)
--
View this message in context: http://servicemix.396122.n5.nabble.com/CXF-SOAP-Headers-tp4637980p4678041.html
Sent from the ServiceMix - User mailing list archive at Nabble.com.
Re: CXF - SOAP Headers
Posted by Freeman Fang <fr...@gmail.com>.
Hi,
If I understand correctly, your question is how to save and pass soap
security headers between cxf bc consumer and cxf se with NMR message?
If so, we've discussed this issue before and they may need take a
look[1]
[1]http://servicemix.396122.n5.nabble.com/How-to-access-username-principle-in-a-cxf-se-with-ws-security-td511856.html#a511872
Freeman
On 2011-7-27, at 下午4:32, Maxime wrote:
> Hi,
>
> This is another thread about accessing the SOAP headers through CXF.
>
>
> The purpose of my app : "Broadcast Authentificated & an Authorizated
> resources from a Server to some customers".
>
> I have done the Authentification part with SAML assertion &
> X509Certificate
> -> it works pretty good.
>
> But I'm stucked with the SOAP headers -> I only get the SOAP body.
> I saw this issue in many threads but I haven't succeeded in
> resolving it.
>
>
>>>> I wanna get the SOAP headers into a CXF-SE in order to do the
>>>> authorization part (LDAP). <<<
> Or is there any other solution ?
>
>
> Apparently, SOAP headers could be obtained with :
> SOAPMessage.getSOAPHeader() :
> http://download.oracle.com/javase/6/docs/api/javax/xml/soap/SOAPMessage.html#getSOAPHeader()
> JbiConstants.PROTOCOL_HEADERS :
> http://servicemix.apache.org/common-headers.html
>
>
> ________________
> What I'm using :
>
> * smx 4.3.0
> * cxf 2.0.7
> * maven-compiler 1.5
> * jbi-maven-plugin 4.3
> * CXF-BC & CXF-SE interceptors
> * WSDL2JAVA
>
>
>
> Here's my code :
> ________________
>
> CXF-BC.pom.xml :
> ----------------
> <dependency>
> <groupId>org.apache.servicemix</groupId>
> <artifactId>servicemix-cxf-bc</artifactId>
> <version>2010.01</version>
> </dependency>
> <dependency>
> <groupId>org.apache.cxf</groupId>
> <artifactId>cxf-rt-bindings-soap</artifactId>
> <version>${cxf-version}</version>
> </dependency>
>
>
> I'm not using any <map>.
>
>
> CXF-BC.xbean.xml :
> ------------------
> <cxfbc:consumer wsdl="classpath:service.wsdl"
> targetService="LDataService:LabelledDataService"
> targetInterface="LDataService:LabelledDataPortType">
> <cxfbc:inInterceptors>
> <bean class="org.apache.cxf.interceptor.LoggingInInterceptor"/>
>
> <bean class="org.apache.cxf.binding.soap.saaj.SAAJInInterceptor"/>
>
> <bean class="corp.InInterceptor"/>
> </cxfbc:inInterceptors>
> <cxfbc:outInterceptors>
> <bean class="org.apache.cxf.interceptor.LoggingOutInterceptor"/>
> </cxfbc:outInterceptors>
> </cxfbc:consumer>
>
>
>
> I leave the CXF-BC-corp.InInterceptor.java blank if you have any
> suggestion.
> I have tried several source codes and no one is working in my case
> so I'm
> open to any suggestion.
>
>
> =============
> It's nearly the same thing for the CXF-SE side.
> =============
>
>
> What I get in the SMX-logs :
>
>
> ID: 20
> Address: /LabelledDataService/
> Encoding: UTF-8
> Content-Type: text/xml; charset=UTF-8
> Headers: {content-type=[text/xml; charset=UTF-8], connection=[keep-
> alive],
> Host=[localhost:8193], Content-Length=[3385], SOAPAction=[""],
> User-Agent=[JAX-WS RI 2.2.3-b01-], Content-Type=[text/xml
> ; charset=UTF-8], Accept=[text/xml, multipart/related], Pragma=[no-
> cache],
> Cache-Control=[no-cache]}
> Payload: <?xml version="1.0" ?>
> <S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelope/"
> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
> ">
> <S:Header>
> <wsse:Security
> xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd
> "
> xmlns:wsse11="http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd
> "
> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
> "
> S:mustUnderstand="1">
> <saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
> ID="..." IssueInstant="2011-07-26T15:05:25Z" Version="2.0">
> <saml:Issuer>www.corp</saml:Issuer>
> <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
> <ds:SignedInfo>
> <ds:CanonicalizationMethod
> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></
> ds:CanonicalizationMethod>
> <ds:SignatureMethod
> Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"></
> ds:SignatureMethod>
> <ds:Reference URI="#...">
> <ds:Transforms>
> <ds:Transform
> Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"></
> ds:Transform>
> <ds:Transform
> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></ds:Transform>
> </ds:Transforms>
> <ds:DigestMethod
> Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></ds:DigestMethod>
> <ds:DigestValue>...=</ds:DigestValue>
> </ds:Reference>
> </ds:SignedInfo>
> <ds:SignatureValue>...</ds:SignatureValue>
> <ds:KeyInfo>
> <ds:X509Data>
> <ds:X509Certificate>...</ds:X509Certificate>
> </ds:X509Data>
> </ds:KeyInfo>
> </ds:Signature>
> <saml:Subject>
> <saml:NameID>BigUser</saml:NameID>
> <saml:SubjectConfirmation
> Method="urn:oasis:names:tc:SAML:2.0:cm:sender-vouches"></
> saml:SubjectConfirmation>
> </saml:Subject>
> </saml:Assertion>
> <wsu:Timestamp wsu:Id="...">
> <wsu:Created>2011-07-26T15:05:25Z</wsu:Created>
> <wsu:Expires>2011-07-26T15:10:25Z</wsu:Expires>
> </wsu:Timestamp>
> </wsse:Security>
> </S:Header>
> <S:Body
> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
> "
> wsu:Id="...">
> <LabelledData
> xmlns="http://csc/iam/esb/types"><identifier>001</identifier></
> LabelledData>
> </S:Body>
> </S:Envelope>
> --------------------------------------
> 17:05:26,109 | INFO | ovider-thread-26 |
> AbstractLoggingInterceptor |
> ? ? | - - | Inbound Message
> ----------------------------
> ID: 21
> Content-Type: text/xml
> Headers:
> Payload:
> <jbi:message xmlns:jbi="http://java.sun.com/xml/ns/jbi/wsdl-11-
> wrapper"
> xmlns:msg="http://corp" type="msg:LabelledDataRequest"
> name="LabelledDataRequest" version="1.0"
> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
> xmlns:xsd="http://www.w3.org/2001/XMLSchema"
> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
> ">
> <jbi:part><part:LabelledData
> xmlns:part="http:/corp/types"><part:identifier>001</
> part:identifier></part:LabelledData></jbi:part>
> </jbi:message>
> --------------------------------------
> 17:05:26,125 | INFO | ovider-thread-26 |
> AbstractLoggingInterceptor |
> ? ? | - - | Outbound Message
> ---------------------------
> ID: 21
> Encoding: UTF-8
> Content-Type: text/xml
> Headers:
> Payload:
> <jbi:message xmlns:jbi="http://java.sun.com/xml/ns/jbi/wsdl-11-
> wrapper"
> xmlns:msg="http://corp" type="msg:LabelledDataResponse">
> <jbi:part><LabelledDataResponse
> xmlns="http://corp/types"><codeResult>2</codeResult></
> LabelledDataResponse></jbi:part>
> </jbi:message>
> --------------------------------------
> 17:05:26,125 | INFO | qtp12819839-122 |
> AbstractLoggingInterceptor |
> ? ? | - - | Outbound Message
> ---------------------------
> ID: 20
> Encoding: UTF-8
> Content-Type: text/xml
> Headers: {}
> Payload:
> <soap:Envelope
> xmlns:soap="http://schemas.xmlsoap.org/soap/
> envelope/"><soap:Body><LabelledDataResponse
> xmlns="http://corp/types"><codeResult>2</codeResult></
> LabelledDataResponse></soap:Body></soap:Envelope>
>
>
> Thank you in advance.
>
> Maxime.
>
> --
> View this message in context: http://servicemix.396122.n5.nabble.com/CXF-SOAP-Headers-tp4637980p4637980.html
> Sent from the ServiceMix - User mailing list archive at Nabble.com.
---------------------------------------------
Freeman Fang
FuseSource
Email:ffang@fusesource.com
Web: fusesource.com
Twitter: freemanfang
Blog: http://freemanfang.blogspot.com