You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@cxf.apache.org by nicky123 <va...@gmail.com> on 2013/06/20 07:28:09 UTC

Annotation based WS-SecurityPolicy throwing exception

Hello,

I am working on annotation base ws-securityPolicy and have the following
annotation on the service bean.
Note: using cxf version of 2.7.5

@WebService(endpointInterface = "com.apachecxf.services.HelloWorldService")
@Policy(uri = "policies/TestImplPolicy.xml")
@EndpointProperty(key="ws-security.ut.validator",
value="com.apachecxf.services.CustomUserTokenValidator")
public class HelloWorldServiceBean implements HelloWorldService {

	public String sayHello() {
		System.out.println("Hello World!!!");
		return "Hello my service is working";
	}

}

The bean configuration file have just the bean definition of the above bean.
Rest all required data is in place.

When I run this i get following exception
java.lang.ClassCastException: java.lang.String cannot be cast to
org.apache.ws.security.validate.Validator
from UsernameTokenProcessor at line

Validator validator = data.getValidator(WSSecurityEngine.USERNAME_TOKEN);

which gets the validator from UsernameTokenInterceptor.getPrincipal() method

On debugging, it seems that the CustomUserTokenValidator is not loaded via
annotation.

If the same example i did with bean configuration it works fine. Bean
configuration as follows
<bean id="helloWorldService"
class="com.apachecxf.services.HelloWorldServiceBean" />

 	<jaxws:endpoint id="helloWorld" 
 				 implementor="#helloWorldService" 
 				 address="/HelloWorld">	
		
 	<jaxws:properties>
    <entry key="ws-security.ut.validator" 
    	   value-ref="customUserTokenValidator" />
    </jaxws:properties>
    
    <jaxws:inInterceptors>
    	<ref bean="loggingInInterceptor" />	
	</jaxws:inInterceptors>
	<jaxws:outInterceptors>		
		<ref bean="logOutInterceptor" />
	</jaxws:outInterceptors> 
	                       	
 </jaxws:endpoint> 

Please advise for any missing step.



--
View this message in context: http://cxf.547215.n5.nabble.com/Annotation-based-WS-SecurityPolicy-throwing-exception-tp5729540.html
Sent from the cxf-user mailing list archive at Nabble.com.

Re: Annotation based WS-SecurityPolicy throwing exception

Posted by Daniel Kulp <dk...@apache.org>.

At this point, the @EndpointProperty annotation can only be used to specify string properties, not classes or objects.  I just committed some updates to trunk/2.7.x that would allow it to ref a configured bean or create a bean if given a class and the bean has an appropriate constructor.  Might be worth giving it a try to see if that would work. 



On Jun 20, 2013, at 1:28 AM, nicky123 <va...@gmail.com> wrote:

> Hello,
> 
> I am working on annotation base ws-securityPolicy and have the following
> annotation on the service bean.
> Note: using cxf version of 2.7.5
> 
> @WebService(endpointInterface = "com.apachecxf.services.HelloWorldService")
> @Policy(uri = "policies/TestImplPolicy.xml")
> @EndpointProperty(key="ws-security.ut.validator",
> value="com.apachecxf.services.CustomUserTokenValidator")
> public class HelloWorldServiceBean implements HelloWorldService {
> 
> 	public String sayHello() {
> 		System.out.println("Hello World!!!");
> 		return "Hello my service is working";
> 	}
> 
> }
> 
> The bean configuration file have just the bean definition of the above bean.
> Rest all required data is in place.
> 
> When I run this i get following exception
> java.lang.ClassCastException: java.lang.String cannot be cast to
> org.apache.ws.security.validate.Validator
> from UsernameTokenProcessor at line
> 
> Validator validator = data.getValidator(WSSecurityEngine.USERNAME_TOKEN);
> 
> which gets the validator from UsernameTokenInterceptor.getPrincipal() method
> 
> On debugging, it seems that the CustomUserTokenValidator is not loaded via
> annotation.
> 
> If the same example i did with bean configuration it works fine. Bean
> configuration as follows
> <bean id="helloWorldService"
> class="com.apachecxf.services.HelloWorldServiceBean" />
> 
> 	<jaxws:endpoint id="helloWorld" 
> 				 implementor="#helloWorldService" 
> 				 address="/HelloWorld">	
> 		
> 	<jaxws:properties>
>    <entry key="ws-security.ut.validator" 
>    	   value-ref="customUserTokenValidator" />
>    </jaxws:properties>
> 
>    <jaxws:inInterceptors>
>    	<ref bean="loggingInInterceptor" />	
> 	</jaxws:inInterceptors>
> 	<jaxws:outInterceptors>		
> 		<ref bean="logOutInterceptor" />
> 	</jaxws:outInterceptors> 
> 	                       	
> </jaxws:endpoint> 
> 
> Please advise for any missing step.
> 
> 
> 
> --
> View this message in context: http://cxf.547215.n5.nabble.com/Annotation-based-WS-SecurityPolicy-throwing-exception-tp5729540.html
> Sent from the cxf-user mailing list archive at Nabble.com.

-- 
Daniel Kulp
dkulp@apache.org - http://dankulp.com/blog
Talend Community Coder - http://coders.talend.com