Hi Amir, Yes, CXF supports server-side WS-SecureConversation. You could take a look at the following system test to see how it works. The tests is here:
http://svn.apache.org/viewvc/cxf/trunk/systests/ws-security-examples/src/test/java/org/apache/cxf/systest/wssec/examples/secconv/SecureConversationTest.java?view=markup The server WSDL with policy is here: http://svn.apache.org/viewvc/cxf/trunk/systests/ws-security-examples/src/test/resources/org/apache/cxf/systest/wssec/examples/secconv/DoubleItSecConv.wsdl?view=markup The server configuration is here: http://svn.apache.org/viewvc/cxf/trunk/systests/ws-security-examples/src/test/resources/org/apache/cxf/systest/wssec/examples/secconv/server/server.xml?view=markup Colm. On Wed, Jan 4, 2012 at 3:43 PM, Amir Bahramian <[email protected]> wrote: > Could I ask a question. Does cxf support server side ws-secureconversation > (+ ws-trust)? > Does it interoperate with WCF? I found something in source repository but > not in binary. Is there > any document explaining how I can use it on server side? > > Thanks in advance. > > On Wed, Jan 4, 2012 at 10:24 AM, Daniel Kulp <[email protected]> wrote: > >> On Tuesday, January 03, 2012 1:17:15 PM danlee100 wrote: >> > After I upgraded CXF to 2.5.1, I am getting another error. It seems that >> > RequestSecurityToken is not recognized. >> >> This looks like a SecureConversation request. Does the wsdl define a ws- >> secureconverstation policy? >> >> Also, what cxf "jars" do you have on the classpath. You likely need the >> ws-policy, ws-security, ws-addressing jars. With 2.5, we did reduce >> some of >> the dependencies so you may need to add some of them back on if they are >> needed. >> >> Dan >> >> >> >> > >> > 2012-01-03 12:19:13,700 [MIND] WARN [http-192.168.168.51-80-1] >> > org.apache.cxf.phase.PhaseInterceptorChain.doLog(384) | Interceptor for >> > {http://schema.bli.org/}AssessmentDataService has thrown exception, >> > unwinding now >> > org.apache.cxf.interceptor.Fault: Message part >> > {http://docs.oasis-open.org/ws-sx/ws-trust/200512}RequestSecurityTokenwas >> > not recognized. (Does it exist in service WSDL?) >> > at >> > >> org.apache.cxf.interceptor.DocLiteralInInterceptor.handleMessage(DocLiteralI >> > nInterceptor.java:197) at >> > >> org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain >> > .java:263) at >> > >> org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationOb >> > server.java:123) at >> > >> org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(AbstractHTTPDes >> > tination.java:207) at >> > >> org.apache.cxf.transport.servlet.ServletController.invokeDestination(Servlet >> > Controller.java:213) at >> > >> org.apache.cxf.transport.servlet.ServletController.invoke(ServletController. >> > java:193) at >> > >> org.apache.cxf.transport.servlet.CXFNonSpringServlet.invoke(CXFNonSpringServ >> > let.java:126) at >> > >> org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(AbstractH >> > TTPServlet.java:185) at >> > >> org.apache.cxf.transport.servlet.AbstractHTTPServlet.doPost(AbstractHTTPServ >> > let.java:108) at >> > javax.servlet.http.HttpServlet.service(HttpServlet.java:637) at >> > >> org.apache.cxf.transport.servlet.AbstractHTTPServlet.service(AbstractHTTPSer >> > vlet.java:164) >> > >> > >> > -- >> > View this message in context: >> > >> http://cxf.547215.n5.nabble.com/Re-General-security-error-Provided-SAML-tok >> > en-does-not-contain-a-suitable-key-tp4990489p5117995.html Sent from the >> > cxf-dev mailing list archive at Nabble.com. >> -- >> Daniel Kulp >> [email protected] - http://dankulp.com/blog >> Talend Community Coder - http://coders.talend.com >> -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com
