Re: CXF3 Server-side token validation issues

wangjlc Wed, 14 Jan 2015 17:53:46 -0800

*I found my configuration does not work in WS-context.XML, I will remove the
spring configuration Web.XML, which does not use a spring loaded,*



        <listener>
            
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
        </listener>

  <context-param>
    <param-name>contextConfigLocation</param-name>
    <param-value>WEB-INF/ws-context.xml,WEB-INF/beans.xml</param-value>
  </context-param>


 *but only to add the following code in the code, before the error was gone,
but sends a request using soapUI, server-side the following exception:*



                Server server = factory.create();
                Endpoint cxfEndpoint = server.getEndpoint();                    
        
                        
                
                Map<String, Object> props = new HashMap<String, Object>();  
                props.put("action", "UsernameToken");  
                props.put("passwordType", "PasswordText");  
                props.put("passwordCallbackClass", 
WsAuthHandler.class.getName());  
                WSS4JInInterceptor wss4JInInterceptor = new
WSS4JInInterceptor(props);  
                //factory.getInInterceptors().add(wss4JInInterceptor);
                
                cxfEndpoint.getInInterceptors().add(wss4JInInterceptor);




2015-1-14 16:04:00 org.apache.cxf.phase.PhaseInterceptorChain
doDefaultLogging
WARNING: Interceptor for
{http://adapter.ws.mb.payment.dcfs.com/}IproviderconnectorService#{http://adapter.ws.mb.payment.dcfs.com/}doCommon
has thrown exception, unwinding now
Throwable occurred: org.apache.cxf.binding.soap.SoapFault: The message has
expired
        at
org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.createSoapFault(WSS4JInInterceptor.java:809)
        at
org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:313)
        at
org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:93)
        at
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:307)
        at
org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:121)
        at
org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(AbstractHTTPDestination.java:243)
        at
org.apache.cxf.transport.http_jetty.JettyHTTPDestination.doService(JettyHTTPDestination.java:261)
        at
org.apache.cxf.transport.http_jetty.JettyHTTPHandler.handle(JettyHTTPHandler.java:70)
        at
org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1088)
        at
org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1024)
        at
org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:135)
        at
org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:255)
        at
org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:116)
        at org.eclipse.jetty.server.Server.handle(Server.java:370)
        at
org.eclipse.jetty.server.AbstractHttpConnection.handleRequest(AbstractHttpConnection.java:494)
        at
org.eclipse.jetty.server.AbstractHttpConnection.content(AbstractHttpConnection.java:982)
        at
org.eclipse.jetty.server.AbstractHttpConnection$RequestHandler.content(AbstractHttpConnection.java:1043)
        at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:865)
        at org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:240)
        at
org.eclipse.jetty.server.AsyncHttpConnection.handle(AsyncHttpConnection.java:82)
        at
org.eclipse.jetty.io.nio.SelectChannelEndPoint.handle(SelectChannelEndPoint.java:696)
        at
org.eclipse.jetty.io.nio.SelectChannelEndPoint$1.run(SelectChannelEndPoint.java:53)
        at
org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:608)
        at
org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:543)
        at java.lang.Thread.run(Thread.java:738)
Caused by: org.apache.wss4j.common.ext.WSSecurityException: The message has
expired
        at
org.apache.wss4j.dom.processor.UsernameTokenProcessor.handleUsernameToken(UsernameTokenProcessor.java:172)
        at
org.apache.wss4j.dom.processor.UsernameTokenProcessor.handleToken(UsernameTokenProcessor.java:69)
        at
org.apache.wss4j.dom.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:427)
        at
org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:257)
        ... 23 more






*Are there any experts have been faced with such a problem, please advise,
thank you!*




--
View this message in context: 
http://cxf.547215.n5.nabble.com/CXF3-Server-side-token-validation-issues-tp5752544p5753050.html
Sent from the cxf-dev mailing list archive at Nabble.com.

Re: CXF3 Server-side token validation issues

Reply via email to