Re: Copy all these properties to RMClient's message ?

Thu, 24 Apr 2014 04:29:24 -0700 

Hi Jim,
Which version of the code are you using? I've been working on combining WS-RM and WS-Security in the 3.0 code. There are still some pieces that need to be put in place (especially persisting the security properties so messages can be retransmitted), but the basic security+rm operation has been working for me in my tests. 

Regards,

  - Dennis

Dennis M. Sosnoski
Java Web Services Consulting <http://www.sosnoski.com/consult.html>

CXF and Web Services Security Training 
<http://www.sosnoski.com/training.html>

Web Services Jump-Start <http://www.sosnoski.com/jumpstart.html>

On 04/24/2014 06:40 PM, Jim Ma wrote:

Hi All,
When I tried to put all the security configuration properties in the
requestContext and call a service with both RM and security policy
enabled(like the service in WSRMWithWSSecurityPolicyTest) :
bp.getRequestContext().put(SecurityConstants.CALLBACK_HANDLER, new
KeystorePasswordCallback());
bp.getRequestContext().put(SecurityConstants.SIGNATURE_PROPERTIES,,
getResource("/META-INF/security-client.properties"));
....
This doesn't work as expected and there is exception thrown:
Failed to send RM protocol message {
http://schemas.xmlsoap.org/ws/2005/02/rm}CreateSequence.:
org.apache.cxf.interceptor.Fault: Security configuration could not be
detected. Potential cause: Make sure jaxws:client element with name
attribute value matching endpoint port is defined as well as a
ws-security.signature.properties element within it.

After I investigated the code, I saw all these ws-scurity configuration
properties are not copied into the new created message by RMClient which
initialized by RM interceptor.
That's the root cause for this failure.
I went back to look at jaxws spec about BindingProvider's requestContext
and it's scope. There isn't clue and detail to say if these properties
should be copied into the new created message like RM message from the
message which send out the real payload with user's setting though
requestContext.
Do you think we should copy them ? or What can do to support this easily?
Thanks in advance.

Jim

























					Reply via email to