Thanks a lot! All wssec11 client tests now runs fine in my environment! I will look into the details later.
Please feel free to let me know when other parts are ready for external "bleeding edge" testing ;-) Regards, Magnus. On Mon, Feb 9, 2009 at 10:48 PM, Daniel Kulp <[email protected]> wrote: > > > Any suggestions on how to proceed? > > I probably messed something up in wssec11 while working on the > trust/sec-conv > stuff. I committed more changes this morning. I just ran the wssec11 UX > test and it completed fine. Thus, if you could give it another try, that > would be great. > > Thanks! > Dan > > > On Fri February 6 2009 11:59:02 am Magnus Larsson wrote: > > Hello again! > > > > I gave the wssec11 - client a try but got into trouble that you might be > > able to help me sort out: > > > > I checkedout CXF from trunk and built it with: > > mvn -Pfastinstall source:jar clean install > > > > Then I checked out the interopfest folder and built it with: > > mvn install > > > > Finally I downloaded JCE for JDK6 and replaced the files in lib/security > > > > But when I run the client under JDK 6 I get the following errors: > > mvn -Pclient -Dtest.method=UX > > . > > . > > . > > INFO: Creating Service > > {http://InteropBaseAddress/interop}PingService11<http://InteropBaseAddress/interop%7DPingService11> > > from WSDL: > > > file:/Users/magnuslarsson/Documents/projects/cxf/svn/interopfest/wssec11/ta > >rget/wsdl2/WsSecurity11.wsdl 2009-feb-06 17:45:31 > > org.apache.cxf.ws.policy.AssertionBuilderRegistryImpl build > > VARNING: No assertion builder for type { > > > http://schemas.xmlsoap.org/ws/2005/07/securitypolicy}RequireThumbprintRefer<http://schemas.xmlsoap.org/ws/2005/07/securitypolicy%7DRequireThumbprintRefer> > >enceregistered. 2009-feb-06 17:45:31 > > org.apache.cxf.ws.policy.AssertionBuilderRegistryImpl build > > VARNING: No assertion builder for type { > > > http://schemas.xmlsoap.org/ws/2005/07/securitypolicy}WssX509V3Token10regist<http://schemas.xmlsoap.org/ws/2005/07/securitypolicy%7DWssX509V3Token10regist> > >ered. 2009-feb-06 17:45:31 > > org.apache.cxf.ws.policy.AssertionBuilderRegistryImpl build > > VARNING: No assertion builder for type { > > > http://schemas.xmlsoap.org/ws/2005/07/securitypolicy}IncludeTimestampregist<http://schemas.xmlsoap.org/ws/2005/07/securitypolicy%7DIncludeTimestampregist> > >ered. 2009-feb-06 17:45:31 > > org.apache.cxf.ws.policy.AssertionBuilderRegistryImpl build > > VARNING: No assertion builder for type { > > > http://schemas.xmlsoap.org/ws/2005/07/securitypolicy}OnlySignEntireHeadersA<http://schemas.xmlsoap.org/ws/2005/07/securitypolicy%7DOnlySignEntireHeadersA> > >ndBodyregistered. 2009-feb-06 17:45:31 > > com.sun.xml.messaging.saaj.soap.ver1_2.Fault1_2Impl > > checkIfStandardFaultCode > > ALLVARLIG: SAAJ0435: > > {http://cxf.apache.org/faultcode}HandlerFault<http://cxf.apache.org/faultcode%7DHandlerFault>is > > not a > > standard Code value > > UX: Exception: javax.xml.ws.soap.SOAPFaultException: None of the policy > > alternatives can be satisfied. > > > > Any suggestions on how to proceed? > > > > Regards, > > Magnus. > > > > On Tue, Feb 3, 2009 at 7:04 PM, Daniel Kulp <[email protected]> wrote: > > > On Tue February 3 2009 12:45:09 pm Magnus Larsson wrote: > > > > Hello Daniel and many thanks! > > > > > > > > Whatever you have ready for us we will take and try out! > > > > > > > > I'll start on your CXF v2.2 examples tomorrow! > > > > (I just downloaded the 2.2-SNAPSHOT to start with :-) > > > > > > > > It sems like you have WS-Trust samples ready as well on > > > > http://svn.apache.org/repos/asf/cxf/sandbox/interopfest/? > > > > WS-Trust will also be required further on but if we can demonstrate > > > > > > working > > > > > > > interop with WS-Trust already now that's great! > > > > > > The WS-Trust stuff is also a "work in progress". :-) Right now, it > > > requires a bit more configuration and manual intervention to get it to > > > work. > > > Much of what the sample there is doing should be automatic. The first > > > priority is "get it working". The second priority is "get it working > > > automatically". I'm about to start on the second part so it will be > > > changing > > > a bit. > > > > > > Basically, the runtime should be able to see that there is an > IssuedToken > > > token in the policy and setup the STS client automatically from that. > > > (likewise for the SecureConversationToken). There should just be a > few > > > properties needed to fill in the gaps, not a whole STSClient config > bean > > > in the config. > > > > > > Dan > > > > > > > If you need an early "external" tester for your server side parts > later > > > > > > on > > > > > > > let me know! > > > > > > > > Regards, > > > > Magnus. > > > > > > > > On Tue, Feb 3, 2009 at 5:52 PM, Daniel Kulp <[email protected]> > wrote: > > > > > On Tue February 3 2009 3:09:30 am Magnus Larsson wrote: > > > > > > We have been struggling for a while trying to get CXF and WCF to > > > > > > interop using encryption and digital signing according to > > > > > > WS-Security but without any success. Depending on various > settings > > > > > > (...) in CXF > > > > > > and > > > > > > > > > WCF we can > > > > > > > > > > get > > > > > > > > > > > various pieces working but we have never succeded to get it > working > > > > > > 100%. > > > > > > > > > > > > Does anyone have an example of successfull setup of CXF and WCF > for > > > > > > this scenrio? > > > > > > It would be most welcome to have as a starting point... > > > > > > > > > > Is WCF the server or the client? Aka: is this a cxf client > hitting > > > > > a secure > > > > > WCF server or the other way around? > > > > > > > > > > If it's a CXF client and you are willing to play around with the > 2.2 > > > > > snapshots, I have great examples for you. :-) > > > > > http://svn.apache.org/repos/asf/cxf/sandbox/interopfest/ > > > > > With 2.2, we'll support the WS-SecurityPolicy policy descriptions > > > > > that WCF can > > > > > put in the wsdl. All that will be required is a few properties on > > > > > the client > > > > > (like the usernames, password, keystores, etc...) to fill in the > > > > > > details. > > > > > > > > The server side parts aren't fully there yet. We're beginning to > > > > > work > > > > > > on > > > > > > > > that > > > > > a bit now. However, it should be fairly similar to setup. Just > > > > > properties > > > > > on the endpoints. > > > > > > > > > > -- > > > > > Daniel Kulp > > > > > [email protected] > > > > > http://www.dankulp.com/blog > > > > > > -- > > > Daniel Kulp > > > [email protected] > > > http://www.dankulp.com/blog > > -- > Daniel Kulp > [email protected] > http://www.dankulp.com/blog >
