Re: [WS-Security] JAXWS webservice client without using cxf specific apis

Fri, 29 May 2009 01:50:16 -0700 

Hi  Rahul,

rahul.soa wrote:

Is there any way if I can develop the jaxws client with ws-security support
without using cxf specific apis like org.apache.cxf.endpoint.Client and
org.apache.cxf.frontend.ClientProxy etc? (as I want to integrate only
ws-security jars in CXF)
You could try defining a custom bus in an xml descriptor and specifying the security configuration there (using jaxws:client). Then you load your bus in the code. Never tried setting the client for ws-security with username token this way personally, but I believe it works. 


Otherwise you might switch the server on using WS-Security Policy, so 
that the configuration on client side is driven by the policies and you 
don't have to manually install interceptors using the API: 
http://cwiki.apache.org/CXF20DOC/ws-securitypolicy.html



Is there any sample code available for the same?

  

The bus specified can be loaded doing something like:

SpringBusFactory busFactory = new SpringBusFactory();

URL cxfConfig = getResourceURL("jaxws/cxf/interop/wstrust10/META-INF/" + 
scenario + "-client-config.xml");

bus = busFactory.createBus(cxfConfig);
BusFactory.setDefaultBus(bus);



Speaking of WS-Security Policy, instead, I've done that on top of JBoss, 
but it should basically work independently, it's a standard client after 
all: 
http://anonsvn.jboss.org/repos/jbossws/stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wssePolicy/UsernameTestCase.java



I am trying the following code but it gives me a SOAPFaultException,


//quote

public static void main(String args[]) throws Exception
{
Service service=Service.create(new URL("
http://localhost:8095/orderapp/OrderProcess?wsdl";), new QName("
http://order.demo/";, "OrderProcessImplService"));
OrderProcess hw = service.getPort(OrderProcess.class);

Map outProps = new HashMap();

outProps.put(WSHandlerConstants.ACTION,WSHandlerConstants.USERNAME_TOKEN);
outProps.put(WSHandlerConstants.PASSWORD_TYPE, WSConstants.PW_TEXT);

((BindingProvider)hw).getRequestContext().put(BindingProvider.USERNAME_PROPERTY,
"ws-client");
((BindingProvider)hw).getRequestContext().put(BindingProvider.PASSWORD_PROPERTY,
"password");
((BindingProvider)hw).getRequestContext().put(WSHandlerConstants.ACTION,WSHandlerConstants.USERNAME_TOKEN);
((BindingProvider)hw).getRequestContext().put(WSHandlerConstants.PASSWORD_TYPE,
WSConstants.PW_TEXT);

Order order = new Order();
System.out.println(hw.processOrder(order));

}

//unquote

Exception:

Exception in thread "main" javax.xml.ws.soap.SOAPFaultException: An error
was discovered processing the <wsse:Security> header
    at
org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:145)
    at $Proxy34.processOrder(Unknown Source)
    at demo.order.client.CL.main(CL.java:74)
Caused by: org.apache.cxf.binding.soap.SoapFault: An error was discovered
processing the <wsse:Security> header
    a

I think you get this simply because the security interceptors are not 
installed.

Cheers
Alessio

--
Alessio Soldano
Web Service Lead
JBoss, a division of Red Hat























					Reply via email to