You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@cxf.apache.org by Nidhi Sharma <jo...@gmail.com> on 2013/04/25 20:21:22 UTC
Problem with UsernameToken
Hi,
I am trying to apply UsernameToken Security to my cxf webservice using
WSS4jInIterceptor.Here is my endpoint declaration:
<jaxws:endpoint id="ibis-webservice"
mplementor="org.ets.skm.oasys.webservice.event.EventNotificationBean"
address="/eventNotification">
<jaxws:inInterceptors>
<bean id="saajIn"
class="org.apache.cxf.binding.soap.saaj.SAAJInInterceptor"/>
<bean id="wss4jIn"
class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor">
<constructor-arg>
<map>
<entry key="action" value="UsernameToken"/>
<entry key="passwordType" value="PasswordText"/>
<entry key="passwordCallbackRef">
<ref bean="myPasswordCallback" />
</entry>
</map>
</constructor-arg>
</bean>
<bean id="saajOut"
class="org.apache.cxf.binding.soap.saaj.SAAJOutInterceptor"/>
</jaxws:inInterceptors>
<jaxws:properties>
<entry key="ws-security.enable.nonce.cache" value="false" />
<entry key="ws-security.enable.timestamp.cache" value="false" />
<entry key="ws-security.is-bsp-compliant"
value="false"/>
</jaxws:properties>
</jaxws:endpoint>
I am invoking this webservice fron java client:
EventNotificationService ss = new EventNotificationService(wsdlURL,
SERVICE_NAME);
HeaderHandlerResolver handlerResolver = new HeaderHandlerResolver();
**ss.setHandlerResolver(handlerResolver);*ss.setHandlerResolver(handlerResolver);*
EventNotificationEndPoint port =
ss.getEventNotificationEndPointPort();
final Client proxy = ClientProxy.getClient(port);
final HTTPConduit conduit = (HTTPConduit) proxy.getConduit();
HTTPClientPolicy httpClientPolicy = new HTTPClientPolicy();
httpClientPolicy.setConnectionTimeout(1800000);
httpClientPolicy.setReceiveTimeout(1800000);
TLSClientParameters param = new TLSClientParameters();
param.setDisableCNCheck(true);
conduit.setTlsClientParameters(param);
conduit.setClient(httpClientPolicy);
org.ets.skm.oasys.webservice.event.Status _sendNotification__return
= port.sendNotification(info);
Using handlerResolver to create my SOAP message:
private static final String AUTH_NS =
"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";
private static final String AUTH_PREFIX="wsse";
SOAPEnvelope envelope = smc.getMessage().getSOAPPart().getEnvelope();
SOAPHeader header = envelope.getHeader();
QName security = new QName(AUTH_NS, "Security", AUTH_PREFIX);
SOAPHeaderElement securitynHeader = header.addHeaderElement(security);
securitynHeader.setMustUnderstand(true);
SOAPFactory soapFactory = SOAPFactory.newInstance();
SOAPElement userNameTokenElm = soapFactory.createElement("UsernameToken",
AUTH_PREFIX,
AUTH_NS);
SOAPElement userNameElm = soapFactory.createElement("Username",
AUTH_PREFIX,
AUTH_NS);
userNameElm.addTextNode("TestUser");
SOAPElement passwdElm = soapFactory.createElement("Password",
AUTH_PREFIX,
AUTH_NS);
passwdElm.addTextNode("TestPassword");
userNameTokenElm.addChildElement(passwdElm);
userNameTokenElm.addChildElement(userNameElm);
securitynHeader.addChildElement(userNameTokenElm);
BUT my call come to WSS4jInInterceptor at server side and internally when it
is calling WSSecurityEngine.processSecurityHeader() it didn't find any
UsernameToken and related nodes so while calling Node node =
securityHeader.getFirstChild(); in this method it is returning null.
As I am adding UsernameToken in my request why at server side it cannot find
it and its throwing ActionMismatch WebService Exception.
Please help me as I am not able to understand the problem.
Nidhi
--
View this message in context: http://cxf.547215.n5.nabble.com/Problem-with-UsernameToken-tp5726788.html
Sent from the cxf-user mailing list archive at Nabble.com.
RE: Problem with UsernameToken
Posted by Andrei Shakirin <as...@talend.com>.
Could you catch your request using TCP monitor / wire shark and post here?
> -----Original Message-----
> From: Nidhi Sharma [mailto:jobs.nidhi@gmail.com]
> Sent: Freitag, 26. April 2013 16:28
> To: users@cxf.apache.org
> Subject: RE: Problem with UsernameToken
>
> I tried with WSS4JOutInterceptor also but its giving me same problem .So its
> doesn't matter weather I create request using OutInterceptor or I am
> creating it manually. I think problem is with ReplayCache Configuration .
> I am not sure how its works , I read somewhere when request come to
> InInterceptor it only hold SecurityHeader and later at the time of binding it
> pick UsernameToken from cache.
> Its so confusing...
>
>
>
> --
> View this message in context: http://cxf.547215.n5.nabble.com/Problem-
> with-UsernameToken-tp5726788p5726828.html
> Sent from the cxf-user mailing list archive at Nabble.com.
RE: Problem with UsernameToken
Posted by Andrei Shakirin <as...@talend.com>.
Hi,
I would suggest to ask this on jboss mailing list.
META-INF/cxf/cxf.xml resource is inside cxf-rt-core-xxx.jar and normally should be on the classpath.
Regards,
Andrei.
> -----Original Message-----
> From: Nidhi Sharma [mailto:jobs.nidhi@gmail.com]
> Sent: Mittwoch, 8. Mai 2013 16:47
> To: users@cxf.apache.org
> Subject: Re: Problem with UsernameToken
>
> Hi,
>
> To make it work I installed jboss-ep-ws-cxf-5.1.0 installer and downgrade the
> cxf version to 2.2.12-patch02.
> Now as per our undersatnding we need not to include cxf related jars in EAR
> deployment So I removed these jars from my EAR and deployed to jboss but
> on deployment its giving error as its not able to find imported class path
> resource [META-INF/cxf/cxf.xml] specified in cxf.xml...
>
> Any idea on this...will be great help.
>
> Nidhi
>
>
>
> --
> View this message in context: http://cxf.547215.n5.nabble.com/Problem-
> with-UsernameToken-tp5726788p5727437.html
> Sent from the cxf-user mailing list archive at Nabble.com.
Re: Problem with UsernameToken
Posted by Nidhi Sharma <jo...@gmail.com>.
Hi,
To make it work I installed jboss-ep-ws-cxf-5.1.0 installer and downgrade
the cxf version to 2.2.12-patch02.
Now as per our undersatnding we need not to include cxf related jars in EAR
deployment So I removed these jars from my EAR and deployed to jboss but on
deployment its giving error as its not able to find imported class path
resource [META-INF/cxf/cxf.xml] specified in cxf.xml...
Any idea on this...will be great help.
Nidhi
--
View this message in context: http://cxf.547215.n5.nabble.com/Problem-with-UsernameToken-tp5726788p5727437.html
Sent from the cxf-user mailing list archive at Nabble.com.
Re: Problem with UsernameToken
Posted by Nidhi Sharma <jo...@gmail.com>.
Got the thing I guess...JBossWs is the problem with CXF . when we removed the
jbossws.sar and jbossws.deployer, this security configuration is working
fine.
Can we do something to remove this conflict.
Nidhi
--
View this message in context: http://cxf.547215.n5.nabble.com/Problem-with-UsernameToken-tp5726788p5727177.html
Sent from the cxf-user mailing list archive at Nabble.com.
RE: Problem with UsernameToken
Posted by Andrei Shakirin <as...@talend.com>.
Hi,
Small correction to my answer: UsernameToken is defined as complex type with sequence containing first element Username (in oasis-200401-wss-wssecurity-secext-1.0.xsd).
Therefore order of Username and Password elements is important. Correct sample will be:
<wsse:Security
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
soap:mustUnderstand="1">
<wsse:UsernameToken wsu:Id="UsernameToken-2">
<wsse:Username>alice</wsse:Username>
<wsse:Password
Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">clarinet</wsse:Password>
</wsse:UsernameToken>
</wsse:Security>
Regards,
Andrei.
> -----Original Message-----
> From: Andrei Shakirin [mailto:ashakirin@talend.com]
> Sent: Dienstag, 30. April 2013 13:11
> To: users@cxf.apache.org
> Cc: jobs.nidhi@gmail.com
> Subject: RE: Problem with UsernameToken
>
> Hi,
>
> As far as I can see password type is missing in your request
> (Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-
> username-token-profile-1.0#PasswordText")
> The correct variant will look like:
>
> <wsse:Security xmlns:SOAP-
> ENV="http://schemas.xmlsoap.org/soap/envelope/"
> xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-
> wss-wssecurity-secext-1.0.xsd"
> SOAP-ENV:mustUnderstand="1">
> <wsse:UsernameToken>
> <wsse:Password
> xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-
> 200401-wss-wssecurity-secext-1.0.xsd" Type="http://docs.oasis-
> open.org/wss/2004/01/oasis-200401-wss-username-token-profile-
> 1.0#PasswordText">TestPassword</wsse:Password>
> <wsse:Username
> xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-
> 200401-wss-wssecurity-secext-1.0.xsd" >TestUser</wsse:Username>
> </wsse:UsernameToken>
> </wsse:Security>
>
> I would anyway recommend you to use WSS4JOutInterceptor or WS-Policy
> on the client side to create Security Token instead doing it manually in
> SOAPMessage.
>
> Regards,
> Andrei.
>
> > -----Original Message-----
> > From: Nidhi Sharma [mailto:jobs.nidhi@gmail.com]
> > Sent: Montag, 29. April 2013 19:54
> > To: users@cxf.apache.org
> > Subject: Re: Problem with UsernameToken
> >
> > Hi Daniel,
> >
> > Sorry for late reply....
> >
> > POST /eskm/services/eventNotification HTTP/1.1
> > Content-Type: text/xml; charset=UTF-8
> > Accept: */*
> > SOAPAction: ""
> > User-Agent: Apache CXF 2.6.5
> > Cache-Control: no-cache
> > Pragma: no-cache
> > Host: localhost:8081
> > Connection: keep-alive
> > Content-Length: 1544
> >
> > I looged this request while creating service throught java client.
> >
> > <soap:Envelope
> >
> xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"><soap:Header>
> > <wsse:Security
> > xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/"
> > xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-
> > wssecurity-secext-1.0.xsd"
> > SOAP-
> ENV:mustUnderstand="1"><wsse:UsernameToken><wsse:Password
> > xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-
> > wssecurity-secext-
> > 1.0.xsd">TestPassword</wsse:Password><wsse:Username
> > xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-
> > wssecurity-secext-
> >
> 1.0.xsd">TestUser</wsse:Username></wsse:UsernameToken></wsse:Secu
> > rity></soap:Header><soap:Body><ns1:sendNotification
> > xmlns:ns1="http://webservice.oasys.ets.org"><EventNotificationInfo_1
> >
> xmlns:ns2="http://webservice.oasys.ets.org/types"><sourceName>IBIS</s
> > ourceName><sourceType>ITEM
> >
> BANK</sourceType><eventType>ADMIN_FINALIZED</eventType><xmlDat
> > a><questestinterop><qticomment>Event
> > Notification XML</qticomment> <context> <generic_identifier>
> > <type_label>TestProgramCode</type_label>
> > <identifier_string>GRI</identifier_string> </generic_identifier>
> > <generic_identifier> <type_label>TestSubjectCode</type_label>
> > <identifier_string>GEN</identifier_string>
> > </generic_identifier><generic_identifier>
> > <type_label>TestAdminCode</type_label>
> > <identifier_string>20100917A</identifier_string>
> > </generic_identifier></context></questestinterop></xmlData></
> > Ev
> >
> entNotificationInfo_1></ns1:sendNotification></soap:Body></soap:Envelo
> > p
> > e>
> >
> > This is the request created by java client while calling the webservice.
> >
> > And below is the response M getting from server..
> > HTTP/1.1 500 Internal Server Error
> > Server: Apache-Coyote/1.1
> > X-Powered-By: Servlet 2.5; JBoss-5.0/JBossWeb-2.1
> > Content-Type: text/xml;charset=UTF-8
> > Content-Length: 361
> > Date: Mon, 29 Apr 2013 17:44:30 GMT
> > Connection: close
> >
> > <soap:Envelope
> >
> xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"><soap:Body><s
> > oap:Fault><faultcode
> > xmlns:ns1="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-
> > wssecurity-secext-1.0.xsd">ns1:InvalidSecurity</faultcode><faultstring
> > >An error was discovered processing the <wsse:Security>
> > header</faultstring></soap:Fault></soap:Body></soap:Envelope>
> >
> >
> > Will appreciate your help...on server side in its not able to find
> > UsernameToken.
> >
> > Nidhi
> >
> >
> >
> >
> >
> >
> > --
> > View this message in context: http://cxf.547215.n5.nabble.com/Problem-
> > with-UsernameToken-tp5726788p5726913.html
> > Sent from the cxf-user mailing list archive at Nabble.com.
RE: Problem with UsernameToken
Posted by Andrei Shakirin <as...@talend.com>.
Hi,
As far as I can see password type is missing in your request (Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText")
The correct variant will look like:
<wsse:Security xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
SOAP-ENV:mustUnderstand="1">
<wsse:UsernameToken>
<wsse:Password
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">TestPassword</wsse:Password>
<wsse:Username
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" >TestUser</wsse:Username>
</wsse:UsernameToken>
</wsse:Security>
I would anyway recommend you to use WSS4JOutInterceptor or WS-Policy on the client side to create Security Token instead doing it manually in SOAPMessage.
Regards,
Andrei.
> -----Original Message-----
> From: Nidhi Sharma [mailto:jobs.nidhi@gmail.com]
> Sent: Montag, 29. April 2013 19:54
> To: users@cxf.apache.org
> Subject: Re: Problem with UsernameToken
>
> Hi Daniel,
>
> Sorry for late reply....
>
> POST /eskm/services/eventNotification HTTP/1.1
> Content-Type: text/xml; charset=UTF-8
> Accept: */*
> SOAPAction: ""
> User-Agent: Apache CXF 2.6.5
> Cache-Control: no-cache
> Pragma: no-cache
> Host: localhost:8081
> Connection: keep-alive
> Content-Length: 1544
>
> I looged this request while creating service throught java client.
>
> <soap:Envelope
> xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"><soap:Header>
> <wsse:Security
> xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/"
> xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-
> wssecurity-secext-1.0.xsd"
> SOAP-ENV:mustUnderstand="1"><wsse:UsernameToken><wsse:Password
> xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-
> wssecurity-secext-
> 1.0.xsd">TestPassword</wsse:Password><wsse:Username
> xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-
> wssecurity-secext-
> 1.0.xsd">TestUser</wsse:Username></wsse:UsernameToken></wsse:Secu
> rity></soap:Header><soap:Body><ns1:sendNotification
> xmlns:ns1="http://webservice.oasys.ets.org"><EventNotificationInfo_1
> xmlns:ns2="http://webservice.oasys.ets.org/types"><sourceName>IBIS</s
> ourceName><sourceType>ITEM
> BANK</sourceType><eventType>ADMIN_FINALIZED</eventType><xmlDat
> a><questestinterop><qticomment>Event
> Notification XML</qticomment> <context> <generic_identifier>
> <type_label>TestProgramCode</type_label>
> <identifier_string>GRI</identifier_string> </generic_identifier>
> <generic_identifier> <type_label>TestSubjectCode</type_label>
> <identifier_string>GEN</identifier_string>
> </generic_identifier><generic_identifier>
> <type_label>TestAdminCode</type_label>
> <identifier_string>20100917A</identifier_string>
> </generic_identifier></context></questestinterop></xmlData></Ev
> entNotificationInfo_1></ns1:sendNotification></soap:Body></soap:Envelop
> e>
>
> This is the request created by java client while calling the webservice.
>
> And below is the response M getting from server..
> HTTP/1.1 500 Internal Server Error
> Server: Apache-Coyote/1.1
> X-Powered-By: Servlet 2.5; JBoss-5.0/JBossWeb-2.1
> Content-Type: text/xml;charset=UTF-8
> Content-Length: 361
> Date: Mon, 29 Apr 2013 17:44:30 GMT
> Connection: close
>
> <soap:Envelope
> xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"><soap:Body><s
> oap:Fault><faultcode
> xmlns:ns1="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-
> wssecurity-secext-1.0.xsd">ns1:InvalidSecurity</faultcode><faultstring>An
> error was discovered processing the <wsse:Security>
> header</faultstring></soap:Fault></soap:Body></soap:Envelope>
>
>
> Will appreciate your help...on server side in its not able to find
> UsernameToken.
>
> Nidhi
>
>
>
>
>
>
> --
> View this message in context: http://cxf.547215.n5.nabble.com/Problem-
> with-UsernameToken-tp5726788p5726913.html
> Sent from the cxf-user mailing list archive at Nabble.com.
Re: Problem with UsernameToken
Posted by Nidhi Sharma <jo...@gmail.com>.
Hi Daniel,
Sorry for late reply....
POST /eskm/services/eventNotification HTTP/1.1
Content-Type: text/xml; charset=UTF-8
Accept: */*
SOAPAction: ""
User-Agent: Apache CXF 2.6.5
Cache-Control: no-cache
Pragma: no-cache
Host: localhost:8081
Connection: keep-alive
Content-Length: 1544
I looged this request while creating service throught java client.
<soap:Envelope
xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"><soap:Header><wsse:Security
xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
SOAP-ENV:mustUnderstand="1"><wsse:UsernameToken><wsse:Password
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">TestPassword</wsse:Password><wsse:Username
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">TestUser</wsse:Username></wsse:UsernameToken></wsse:Security></soap:Header><soap:Body><ns1:sendNotification
xmlns:ns1="http://webservice.oasys.ets.org"><EventNotificationInfo_1
xmlns:ns2="http://webservice.oasys.ets.org/types"><sourceName>IBIS</sourceName><sourceType>ITEM
BANK</sourceType><eventType>ADMIN_FINALIZED</eventType><xmlData><questestinterop><qticomment>Event
Notification XML</qticomment> <context> <generic_identifier>
<type_label>TestProgramCode</type_label>
<identifier_string>GRI</identifier_string> </generic_identifier>
<generic_identifier> <type_label>TestSubjectCode</type_label>
<identifier_string>GEN</identifier_string>
</generic_identifier><generic_identifier>
<type_label>TestAdminCode</type_label>
<identifier_string>20100917A</identifier_string>
</generic_identifier></context></questestinterop></xmlData></EventNotificationInfo_1></ns1:sendNotification></soap:Body></soap:Envelope>
This is the request created by java client while calling the webservice.
And below is the response M getting from server..
HTTP/1.1 500 Internal Server Error
Server: Apache-Coyote/1.1
X-Powered-By: Servlet 2.5; JBoss-5.0/JBossWeb-2.1
Content-Type: text/xml;charset=UTF-8
Content-Length: 361
Date: Mon, 29 Apr 2013 17:44:30 GMT
Connection: close
<soap:Envelope
xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"><soap:Body><soap:Fault><faultcode
xmlns:ns1="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">ns1:InvalidSecurity</faultcode><faultstring>An
error was discovered processing the <wsse:Security>
header</faultstring></soap:Fault></soap:Body></soap:Envelope>
Will appreciate your help...on server side in its not able to find
UsernameToken.
Nidhi
--
View this message in context: http://cxf.547215.n5.nabble.com/Problem-with-UsernameToken-tp5726788p5726913.html
Sent from the cxf-user mailing list archive at Nabble.com.
Re: Problem with UsernameToken
Posted by Daniel Kulp <dk...@apache.org>.
Can you use wireshark or similar to see what the raw message is coming into CXF? LIkely even enabling the logging interceptors could show that. That would at least help figure out if the issue is on the client or server side.
Dan
On Apr 26, 2013, at 10:28 AM, Nidhi Sharma <jo...@gmail.com> wrote:
> I tried with WSS4JOutInterceptor also but its giving me same problem .So its
> doesn't matter weather I create request using OutInterceptor or I am
> creating it manually. I think problem is with ReplayCache Configuration .
> I am not sure how its works , I read somewhere when request come to
> InInterceptor it only hold SecurityHeader and later at the time of binding
> it pick UsernameToken from cache.
> Its so confusing...
>
>
>
> --
> View this message in context: http://cxf.547215.n5.nabble.com/Problem-with-UsernameToken-tp5726788p5726828.html
> Sent from the cxf-user mailing list archive at Nabble.com.
--
Daniel Kulp
dkulp@apache.org - http://dankulp.com/blog
Talend Community Coder - http://coders.talend.com
RE: Problem with UsernameToken
Posted by Nidhi Sharma <jo...@gmail.com>.
I tried with WSS4JOutInterceptor also but its giving me same problem .So its
doesn't matter weather I create request using OutInterceptor or I am
creating it manually. I think problem is with ReplayCache Configuration .
I am not sure how its works , I read somewhere when request come to
InInterceptor it only hold SecurityHeader and later at the time of binding
it pick UsernameToken from cache.
Its so confusing...
--
View this message in context: http://cxf.547215.n5.nabble.com/Problem-with-UsernameToken-tp5726788p5726828.html
Sent from the cxf-user mailing list archive at Nabble.com.
RE: Problem with UsernameToken
Posted by Andrei Shakirin <as...@talend.com>.
Hi,
What is the reason to compose UsernameToken SOAP header request manually instead using WSS4JOutInterceptor or WS-Policy on the client side?
You can find details in ws_security/ut sample of CXF distribution or in Glen Mazza's blog: http://www.jroller.com/gmazza/entry/cxf_usernametoken_profile.
Regards,
Andrei.
> -----Original Message-----
> From: Nidhi Sharma [mailto:jobs.nidhi@gmail.com]
> Sent: Donnerstag, 25. April 2013 20:21
> To: users@cxf.apache.org
> Subject: Problem with UsernameToken
>
> Hi,
>
> I am trying to apply UsernameToken Security to my cxf webservice using
> WSS4jInIterceptor.Here is my endpoint declaration:
> <jaxws:endpoint id="ibis-webservice"
> mplementor="org.ets.skm.oasys.webservice.event.EventNotificationBean"
>
> address="/eventNotification">
> <jaxws:inInterceptors>
> <bean id="saajIn"
> class="org.apache.cxf.binding.soap.saaj.SAAJInInterceptor"/>
> <bean id="wss4jIn"
> class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor">
> <constructor-arg>
> <map>
> <entry key="action"
> value="UsernameToken"/>
> <entry
> key="passwordType" value="PasswordText"/>
> <entry
> key="passwordCallbackRef">
> <ref
> bean="myPasswordCallback" />
> </entry>
> </map>
> </constructor-arg>
> </bean>
> <bean id="saajOut"
> class="org.apache.cxf.binding.soap.saaj.SAAJOutInterceptor"/>
> </jaxws:inInterceptors>
> <jaxws:properties>
> <entry key="ws-
> security.enable.nonce.cache" value="false" />
> <entry key="ws-
> security.enable.timestamp.cache" value="false" />
> <entry key="ws-security.is-bsp-compliant"
> value="false"/>
> </jaxws:properties>
> </jaxws:endpoint>
>
> I am invoking this webservice fron java client:
> EventNotificationService ss = new EventNotificationService(wsdlURL,
> SERVICE_NAME);
> HeaderHandlerResolver handlerResolver = new
> HeaderHandlerResolver();
>
> **ss.setHandlerResolver(handlerResolver);*ss.setHandlerResolver(handlerR
> esolver);*
> EventNotificationEndPoint port =
> ss.getEventNotificationEndPointPort();
>
> final Client proxy = ClientProxy.getClient(port);
> final HTTPConduit conduit = (HTTPConduit)
> proxy.getConduit();
> HTTPClientPolicy httpClientPolicy = new
> HTTPClientPolicy();
> httpClientPolicy.setConnectionTimeout(1800000);
> httpClientPolicy.setReceiveTimeout(1800000);
> TLSClientParameters param = new
> TLSClientParameters();
> param.setDisableCNCheck(true);
> conduit.setTlsClientParameters(param);
> conduit.setClient(httpClientPolicy);
> org.ets.skm.oasys.webservice.event.Status _sendNotification__return =
> port.sendNotification(info);
>
> Using handlerResolver to create my SOAP message:
> private static final String AUTH_NS =
> "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-
> secext-1.0.xsd";
>
> private static final String AUTH_PREFIX="wsse";
>
> SOAPEnvelope envelope = smc.getMessage().getSOAPPart().getEnvelope();
> SOAPHeader header = envelope.getHeader(); QName security =
> new QName(AUTH_NS, "Security", AUTH_PREFIX);
> SOAPHeaderElement securitynHeader =
> header.addHeaderElement(security);
> securitynHeader.setMustUnderstand(true);
> SOAPFactory soapFactory =
> SOAPFactory.newInstance(); SOAPElement userNameTokenElm =
> soapFactory.createElement("UsernameToken",
> AUTH_PREFIX,
> AUTH_NS);
> SOAPElement userNameElm =
> soapFactory.createElement("Username",
> AUTH_PREFIX,
> AUTH_NS);
> userNameElm.addTextNode("TestUser");
> SOAPElement passwdElm =
> soapFactory.createElement("Password",
> AUTH_PREFIX,
> AUTH_NS);
> passwdElm.addTextNode("TestPassword");
>
> userNameTokenElm.addChildElement(passwdElm);
>
> userNameTokenElm.addChildElement(userNameElm);
>
> securitynHeader.addChildElement(userNameTokenElm);
>
>
> BUT my call come to WSS4jInInterceptor at server side and internally when it
> is calling WSSecurityEngine.processSecurityHeader() it didn't find any
> UsernameToken and related nodes so while calling Node node =
> securityHeader.getFirstChild(); in this method it is returning null.
>
> As I am adding UsernameToken in my request why at server side it cannot
> find it and its throwing ActionMismatch WebService Exception.
>
> Please help me as I am not able to understand the problem.
>
> Nidhi
>
>
>
>
> --
> View this message in context: http://cxf.547215.n5.nabble.com/Problem-
> with-UsernameToken-tp5726788.html
> Sent from the cxf-user mailing list archive at Nabble.com.