Riccardo Serafin [http://community.jboss.org/people/barakka] created the discussion
"Attaching a WS-Security policy forces use of "Standard WSSecurity Endpoint" configuration" To view the discussion, visit: http://community.jboss.org/message/581032#581032 -------------------------------------------------------------- Hello, I'm trying to use WS-Security with WS-Policy and a custom endpoint configuration in one of my services, but it seems that when the policy is parsed during deployment a standard endpoint configuration is forced. This is an extract of the relevant parts of my service declaration: {code} @WebService(name = "DeviceObservationConsumer_PortType", serviceName = "DeviceObservationConsumer_Service", targetNamespace = "urn:ihe:pcd:dec:2010", portName = "DeviceObservationConsumer_Port_Soap12") @SOAPBinding(parameterStyle = SOAPBinding.ParameterStyle.BARE) @BindingType(javax.xml.ws.soap.SOAPBinding.SOAP12HTTP_BINDING) @EndpointConfig(configFile = "META-INF/cmr-basic-endpoint-config.xml", configName = "CMR-basic") @PolicyAttachment( @Policy(policyFileLocation = "META-INF/cmr-basic-security-policy.xml", scope = PolicyScopeLevel.WSDL_BINDING)) public class DOCServiceBasicImpl extends DOCServiceUnsercureImpl { {code} As you can see, I'd like to use the CMR-basic endpoint config, which I've already setup to use the WS-Security handler, like this {code:xml} CMR-basic ##SOAP12_HTTP Seam SOAP Request Handler org.jboss.seam.webservice.SOAPRequestHandler WSSecurity Handler org.jboss.ws.extensions.security.jaxws.WSSecurityHandlerServer {code:xml} And I'm trying to attach the following policy: {code:xml} {code:xml} When the service is deployed, the following error is produced: {code} 18:19:23,415 INFO [org.jboss.ws.extensions.policy.metadata.PolicyMetaDataBuilder] Deploying Annotated Policy = META-INF/cmr-basic-security-policy.xml 18:19:23,590 ERROR [STDERR] org.jboss.ws.WSException: Cannot obtain config: Standard WSSecurity Endpoint 18:19:23,593 ERROR [STDERR] at org.jboss.ws.metadata.config.JBossWSConfigFactory.getConfig(JBossWSConfigFactory.java:165) 18:19:23,593 ERROR [STDERR] at org.jboss.ws.metadata.umdm.EndpointMetaData.initEndpointConfigMetaData(EndpointMetaData.java:874) 18:19:23,593 ERROR [STDERR] at org.jboss.ws.metadata.umdm.EndpointMetaData.createEndpointConfigMetaData(EndpointMetaData.java:841) 18:19:23,593 ERROR [STDERR] at org.jboss.ws.metadata.umdm.EndpointMetaData.setConfigNameInternal(EndpointMetaData.java:823) 18:19:23,593 ERROR [STDERR] at org.jboss.ws.metadata.umdm.EndpointMetaData.setConfigName(EndpointMetaData.java:801) 18:19:23,593 ERROR [STDERR] at org.jboss.ws.extensions.policy.deployer.domainAssertion.WSSecurityAssertionDeployer.deployServerSide(WSSecurityAssertionDeployer.java:69) 18:19:23,593 ERROR [STDERR] at org.jboss.ws.extensions.policy.deployer.PolicyDeployer.deployAssertionServerSide(PolicyDeployer.java:227) 18:19:23,593 ERROR [STDERR] at org.jboss.ws.extensions.policy.deployer.PolicyDeployer.deployAlternativeServerSide(PolicyDeployer.java:195) 18:19:23,594 ERROR [STDERR] at org.jboss.ws.extensions.policy.deployer.PolicyDeployer.deployServerside(PolicyDeployer.java:118) 18:19:23,594 ERROR [STDERR] at org.jboss.ws.extensions.policy.metadata.PolicyMetaDataBuilder.deployPolicyServerSide(PolicyMetaDataBuilder.java:288) 18:19:23,594 ERROR [STDERR] at org.jboss.ws.extensions.policy.metadata.PolicyMetaDataBuilder.deployPolicy(PolicyMetaDataBuilder.java:270) 18:19:23,594 ERROR [STDERR] at org.jboss.ws.extensions.policy.metadata.PolicyMetaDataBuilder.processPolicyAnnotations(PolicyMetaDataBuilder.java:132) 18:19:23,594 ERROR [STDERR] at org.jboss.ws.metadata.builder.jaxws.JAXWSWebServiceMetaDataBuilder.buildWebServiceMetaData(JAXWSWebServiceMetaDataBuilder.java:161) 18:19:23,594 ERROR [STDERR] at org.jboss.ws.metadata.builder.jaxws.JAXWSServerMetaDataBuilder.setupProviderOrWebService(JAXWSServerMetaDataBuilder.java:50) 18:19:23,594 ERROR [STDERR] at org.jboss.ws.metadata.builder.jaxws.JAXWSMetaDataBuilderEJB3.buildMetaData(JAXWSMetaDataBuilderEJB3.java:76) ... {code} which i believe is caused by the following code in WSSecurityAssertionDeployer {code} public void deployServerSide(PrimitiveAssertion assertion, ExtensibleMetaData extMetaData) throws UnsupportedAssertion { ByteArrayOutputStream stream = new ByteArrayOutputStream(); if (extMetaData instanceof EndpointMetaData) { EndpointMetaData ep = (EndpointMetaData) extMetaData; WSSecurityConfiguration securityConfiguration; try { //GET XML of security assertion PrimitiveAssertionWriter.newInstance().writePrimitiveAssertion(assertion, stream); StringReader reader = new StringReader(stream.toString()); //Set security configuration securityConfiguration = WSSecurityOMFactory.newInstance().parse(reader); WSSecurityConfigFactory.newInstance().initKeystorePath(ep.getRootFile(), securityConfiguration); ep.getServiceMetaData().setSecurityConfiguration(securityConfiguration); //set up handler chain as defined in standard file ep.setConfigName("Standard WSSecurity Endpoint"); } catch (Exception e) { e.printStackTrace(); throw new UnsupportedAssertion(); } } } {code} which, instead of checking if the proper WSSecurity handler is installed, forces the use of "Standard WSSecurity Endpoint" configuration. Is this expected? Why can't I use my own policy configuration? Btw, the obvious workaround is to rename my endpoint configuration to "Standard WSSecurity Endpoint", but that is a bit annoying, as I have several configuration that requires WS-Security in combination with other WS-* standards that I use for my services, and this forces me to separate them in several configuration files to be able to replace the "Standard WSSecurity Endpoint" with what I need. Thanks, Riccardo. -------------------------------------------------------------- Reply to this message by going to Community [http://community.jboss.org/message/581032#581032] Start a new discussion in JBoss Web Services at Community [http://community.jboss.org/choose-container!input.jspa?contentType=1&containerType=14&container=2044]
_______________________________________________ jboss-user mailing list [email protected] https://lists.jboss.org/mailman/listinfo/jboss-user
