Hello Daniel, Thank you for your quick response. Indeed you are right. I have fixed the program and tested with the hard-coded values and it runs :) Now, I can work on it and make it proper.
Thanks again. Best Regards, Rahul On Mon, Jun 29, 2009 at 6:42 PM, Daniel Kulp <[email protected]> wrote: > > It LOOKS like the WSS4JOutInterceptor isn't being added to the client side > as > there isn't a security header in the message going out. From the code, > you > are adding the SAAJOut stuff, but not the WSS4JOut. Is that as intended? > > Dan > > On Sun June 28 2009 12:21:24 pm rahul.soa wrote: > > Hello Devs, > > > > First of all, I apologize if the below questions are trivial. > > > > I need some help in setting basic usernameToken Property for Geronimo > (for > > CXF). I did add the username token property elements in the schema and > > generated the required classes by mvn install. And Geronimo is able to > > accept this "usertoken" element which users define in the > geronimo-web.xml. > > (but I think I have not well configured this in Geronimo) > > > > <service-ref> > > <service-ref-name>services/HelloWorld</service-ref-name> > > <port> > > <port-name>HelloWorldImplPort</port-name> > > <protocol>http</protocol> > > <host>localhost</host> > > <port>8080</port> > > <uri>/ServiceG/HelloWorld</uri> > > * <usertoken> > > <username>ws-client</username> > > <password>password</password> > > </usertoken>* > > </port> > > </service-ref> > > > > * I am testing it with a servlet client which is trying to access the > > secured service (with username and password) running on tomcat server. > > > > Here is the servlet client code: > > > > > > public class HelloServlet extends HttpServlet { > > public void doGet (HttpServletRequest req, > > HttpServletResponse res) > > throws ServletException, IOException > > { > > PrintWriter out = res.getWriter(); > > try { > > InitialContext ic=new InitialContext(); > > Service service; > > service = > (Service)ic.lookup("java:comp/env/services/HelloWorld"); > > QName svcQname=new QName("http://service.web/ > > ","HelloWorldImplPort"); > > > > HelloWorld hw=service.getPort(HelloWorld.class); > > String greeting=hw.sayHi("Rahul"); > > out.println(greeting); > > } catch (NamingException e) { > > // TODO Auto-generated catch block > > e.printStackTrace(); > > } > > > > out.close(); > > } > > } > > > > Now, I am coding to configure this above ws-security userToken propery > with > > CXF apis in Apache Geronimo and I am not sure *How to use cxf apis* to > > configure this. I am trying to write a CXF specific PortMethodInterceptor > > class extended from (jaxws's PortMethodInterceptor) but not sure what > CXF > > apis I can use to configure the usertoken. > > > > I start with the received error (pasted from geronimo.log) with some > debug > > statements: > > > > .... > > ... > > > > 2009-06-28 16:41:17,632 INFO [BusApplicationContext] Bean factory for > > application context > > [org.apache.cxf.bus.spring.busapplicationcont...@1ccad1e]: > > > org.springframework.beans.factory.support.defaultlistablebeanfact...@d6ae95 > > 2009-06-28 16:41:18,006 INFO [DefaultListableBeanFactory] > > Pre-instantiating singletons in > > > org.springframework.beans.factory.support.defaultlistablebeanfact...@d6ae95 > >: defining beans > > > [cxf,org.apache.cxf.bus.spring.BusApplicationListener,org.apache.cxf.bus.sp > > >ring.BusWiringBeanFactoryPostProcessor,org.apache.cxf.bus.spring.Jsr250BeanP > > >ostProcessor,org.apache.cxf.bus.spring.BusExtensionPostProcessor,org.apache. > > >cxf.resource.ResourceManager,org.apache.cxf.configuration.Configurer,org.apa > > >che.cxf.binding.BindingFactoryManager,org.apache.cxf.transport.DestinationFa > > >ctoryManager,org.apache.cxf.transport.ConduitInitiatorManager,org.apache.cxf > > >.wsdl.WSDLManager,org.apache.cxf.phase.PhaseManager,org.apache.cxf.workqueue > > >.WorkQueueManager,org.apache.cxf.buslifecycle.BusLifeCycleManager,org.apache > > >.cxf.endpoint.ServerRegistry,org.apache.cxf.endpoint.ServerLifeCycleManager, > > >org.apache.cxf.endpoint.ClientLifeCycleManager,org.apache.cxf.transports.htt > > >p.QueryHandlerRegistry,org.apache.cxf.endpoint.EndpointResolverRegistry,org. > > >apache.cxf.headers.HeaderManager,org.apache.cxf.catalog.OASISCatalogManager, > > >org.apache.cxf.endpoint.ServiceContractResolverRegistry,org.apache.geronimo. > > >cxf.GeronimoDestinationFactory#0,org.apache.cxf.jaxws.context.WebServiceCont > > >extResourceResolver,org.apache.cxf.jaxws.context.WebServiceContextImpl,org.a > >pache.cxf.transport.http.policy.HTTPClientAssertionBuilder, > org.apache.cxf.tr > > >ansport.http.policy.HTTPServerAssertionBuilder,org.apache.cxf.transport.http > > >.policy.NoOpPolicyInterceptorProvider,org.apache.cxf.transport.http.ClientOn > > >lyHTTPTransportFactory,org.apache.cxf.binding.soap.SoapBindingFactory,org.ap > > >ache.cxf.binding.soap.SoapTransportFactory,org.apache.cxf.binding.soap.custo > >mEditorConfigurer,org.apache.cxf.binding.xml.XMLBindingFactory, > org.apache.cx > > >f.ws.addressing.policy.AddressingAssertionBuilder,org.apache.cxf.ws.addressi > > >ng.policy.AddressingPolicyInterceptorProvider,org.apache.cxf.ws.addressing.p > >olicy.UsingAddressingAssertionBuilder]; root of factory hierarchy > > > > *2009-06-28 16:41:18,661* DEBUG [CXFServiceReference] I am in > > getPortMethodInterceptor, called from CXFServiceReference: > > 2009-06-28 16:41:18,662 DEBUG [CXFPortMethodInterceptor] View the > > seiInfoMap.values() ![http://localhost:8080/ServiceG/HelloWorld null > false > > ws-client password, http://localhost:8080/ServiceG/HelloWorld null false > > ws-client password] > > 2009-06-28 16:41:18,681 DEBUG [JAXWSServiceReference] Initializing > service > > with: file:/home/rahul/new_workspace1/Client/WEB-INF/wsdl/HelloWorld.wsdl > { > > http://service.web/}HelloWorldImplService<http://service.web/%7DHelloWorldImplService> > > 2009-06-28 16:41:18,844 DEBUG [CXFPortMethodInterceptor] I am in > intercept > > method of CXFPortMethodInterceptor! > > 2009-06-28 16:41:20,676 DEBUG [PortMethodInterceptor] information is: > > passwordws-clienthttp://localhost:8080/ServiceG/HelloWorld > > 2009-06-28 16:41:20,677 DEBUG [PortMethodInterceptor] Set address > property: > > http://localhost:8080/ServiceG/HelloWorld > > *2009-06-28 16:41:20,677 DEBUG [PortMethodInterceptor] Set username > > property: ws-client > > 2009-06-28 16:41:20,677 DEBUG [PortMethodInterceptor] Set username > > property: password* > > 2009-06-28 16:41:20,677 DEBUG [CXFPortMethodInterceptor] Am I doing > right! > > 2009-06-28 16:41:21,010 INFO [SAAJFactoryFinder] Default SAAJ universe > not > > set > > 2009-06-28 16:41:22,947 ERROR [log] /invoke/hello > > javax.xml.ws.soap.SOAPFaultException: An error was discovered processing > > the <wsse:Security> header > > at > > org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:145) > > at $Proxy66.sayHi(Unknown Source) > > at HelloServlet.doGet(HelloServlet.java:58) > > at javax.servlet.http.HttpServlet.service(HttpServlet.java:693) > > at javax.servlet.http.HttpServlet.service(HttpServlet.java:806) > > at > > org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:521) > > at > > > org.apache.geronimo.jetty7.InternalJettyServletHolder.handle(InternalJettyS > >ervletHolder.java:60) at > > > org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:435) > > at > > > org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:11 > >8) at > > > org.eclipse.jetty.server.session.SessionHandler.handle(SessionHandler.java: > >179) at > > > org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.jav > >a:928) at > > org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:370) > > at > > > org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java > >:862) at > > > org.apache.geronimo.jetty7.handler.TwistyWebAppContext.doScope(TwistyWebApp > >Context.java:114) at > > > org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:11 > >6) at > > > org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHan > >dlerCollection.java:243) at > > > org.eclipse.jetty.server.handler.HandlerCollection.handle(HandlerCollection > >.java:126) at > > > org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java: > >115) at org.eclipse.jetty.server.Server.handle(Server.java:330) > > at > > > org.eclipse.jetty.server.HttpConnection.handleRequest(HttpConnection.java:5 > >57) at > > > org.eclipse.jetty.server.HttpConnection$RequestHandler.headerComplete(HttpC > >onnection.java:933) at > > org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:530) at > > org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:203) at > > org.eclipse.jetty.server.HttpConnection.handle(HttpConnection.java:413) > > at > > > org.eclipse.jetty.io.nio.SelectChannelEndPoint.run(SelectChannelEndPoint.ja > >va:438) at org.apache.geronimo.pool.ThreadPool$1.run(ThreadPool.java:214) > at > > > org.apache.geronimo.pool.ThreadPool$ContextClassLoaderRunnable.run(ThreadPo > >ol.java:344) at > > > java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.j > >ava:886) at > > > java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java: > >908) at java.lang.Thread.run(Thread.java:619) > > Caused by: org.apache.cxf.binding.soap.SoapFault: An error was discovered > > processing the <wsse:Security> header > > at > > > org.apache.cxf.binding.soap.interceptor.Soap11FaultInInterceptor.unmarshalF > >ault(Soap11FaultInInterceptor.java:75) at > > > org.apache.cxf.binding.soap.interceptor.Soap11FaultInInterceptor.handleMess > >age(Soap11FaultInInterceptor.java:46) at > > > org.apache.cxf.binding.soap.interceptor.Soap11FaultInInterceptor.handleMess > >age(Soap11FaultInInterceptor.java:35) at > > > org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChai > >n.java:226) at > > > org.apache.cxf.interceptor.AbstractFaultChainInitiatorObserver.onMessage(Ab > >stractFaultChainInitiatorObserver.java:96) at > > > org.apache.cxf.binding.soap.interceptor.CheckFaultInterceptor.handleMessage > >(CheckFaultInterceptor.java:69) at > > > org.apache.cxf.binding.soap.interceptor.CheckFaultInterceptor.handleMessage > >(CheckFaultInterceptor.java:34) at > > > org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChai > >n.java:226) at > > org.apache.cxf.endpoint.ClientImpl.onMessage(ClientImpl.java:641) at > > > org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleRespons > >eInternal(HTTPConduit.java:2102) at > > > org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleRespons > >e(HTTPConduit.java:1980) at > > > org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPCon > >duit.java:1905) at > > org.apache.cxf.transport.AbstractConduit.close(AbstractConduit.java:66) > > at > > org.apache.cxf.transport.http.HTTPConduit.close(HTTPConduit.java:600) at > > > org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInte > >rceptor.handleMessage(MessageSenderInterceptor.java:62) at > > > org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChai > >n.java:226) at > > org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:469) at > > org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:299) at > > org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:251) at > > org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:73) at > > org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:124) > > ... 29 more > > 2009-06-28 17:11:14,685 INFO [XSRFHandler] Removed destroyed > > sessionId=jm4124n35l4g > > 2009-06-28 17:11:14,687 INFO [XSRFHandler] Removed destroyed > > sessionId=jm4124n35l4g > > > > > > Here is the send/receive messages (caught by tcpmonitor tool) - expected > > with ws-security usertoken header > > > > <soap:Envelope > > xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/ > "><soap:Body><ns2:sayH > >i xmlns:ns2="http://service.web/ > > "><arg0>Rahul</arg0></ns2:sayHi></soap:Body></soap:Envelope> > > > > > > <soap:Envelope > > xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/ > "><soap:Body><soap:Fau > >lt><faultcode xmlns:ns1=" > > > http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1 > >.0.xsd">ns1:InvalidSecurity</faultcode><faultstring>An error was > discovered > > processing the <wsse:Security> > > header</faultstring></soap:Fault></soap:Body></soap:Envelope> > > > > > > - >I have set the usernameToken property in > > org.apache.geronimo.jaxws.client.EndpointInfo and > > org.apache.geronimo.jaxws.builder.EndpointBuilder. > > > > -> I have put some usertoken specific code in the PortMethodInterceptor > > class (org.apache.geronimo.jaxws.client.PortMethodInterceptor) to set the > > username and password. > > > > org.apache.geronimo.jaxws.client.PortMethodInterceptor.java > > ... > > .... > > String username = info.getUserName(); > > if (username != null) { > > > > proxy.getRequestContext().put(BindingProvider.USERNAME_PROPERTY, > username); > > LOG.debug("Set username property: " + username); > > } > > > > String password = info.getPassword(); > > if (password != null) { > > > > proxy.getRequestContext().put(BindingProvider.PASSWORD_PROPERTY, > password); > > LOG.debug("Set username property: " + password); > > } > > ... > > > > > > and here is my cxf specific CXFPortMethodInterceptor, I am not sure its > > well written. I need help in this, about how to use the cxf specific apis > > to set the properties. > > > > > > org.apache.geronimo.cxf.CXFPortMethodInterceptor > > > > public class CXFPortMethodInterceptor extends PortMethodInterceptor { > > private static final Logger LOG = > > LoggerFactory.getLogger(CXFPortMethodInterceptor.class); > > > > public CXFPortMethodInterceptor(Map<Object, EndpointInfo> seiInfoMap) > { > > super(seiInfoMap); > > LOG.debug("View the seiInfoMap.values() !" + > seiInfoMap.values()); > > } > > > > public Object intercept(Object target, Method method, Object[] > > arguments, MethodProxy methodProxy) throws Throwable { > > LOG.debug("I am in intercept method of > CXFPortMethodInterceptor!"); > > Object proxy = super.intercept(target, method, arguments, > > methodProxy); > > > > BindingProvider cxfProxy = (BindingProvider) proxy; > > > > //To cast a client proxy to a CXF client: > > org.apache.cxf.endpoint.Client client = > > org.apache.cxf.frontend.ClientProxy.getClient(cxfProxy); > > // testiing : used due to "No security action was defined." error > > > > org.apache.cxf.binding.soap.interceptor.SoapPreProtocolOutInterceptor > > soapInterceptor = > > new > > org.apache.cxf.binding.soap.interceptor.SoapPreProtocolOutInterceptor(); > > > > org.apache.cxf.endpoint.Endpoint cxfEndpoint = > > client.getEndpoint(); > > cxfEndpoint.getOutInterceptors().add(soapInterceptor); > > > > cxfEndpoint.getOutInterceptors().add(new > > org.apache.cxf.binding.soap.saaj.SAAJOutInterceptor()); > > > > LOG.debug("Am I doing right!"); > > return proxy; > > } > > } > > > > I am 100% sure, I am making some (or lot of) mistakes in the above code > and > > I need help to get it fix. > > > > > > Can you please guide me in this? I apologize if its a trivial problem. > > > > I am stuck here. I think if i get thru with this then i wil have good > idea > > about usage of cxf specific apis and can easily set other properties > (like > > X.509 etc) > > > > > > Many Thanks in advance for your help. > > > > PS: sorry for long email. > > > > Best Regards, > > Rahul > > -- > Daniel Kulp > [email protected] > http://www.dankulp.com/blog >
