signing the Binary Security Token (BST)
Hi,
I'm using CXF and WSS4J to develop consumers and providers that exchange
signed soap messages.
Signing the body and timestamp elements works just fine. However, I also
need to sign the x509 certificate that is included in the security header
(using the direct reference strategy).
Below I've outlined the structure of the soap message that I would like to
produce.
?xml version=1.0 encoding=UTF-8?
soapenv:Envelope ...
soapenv:Header
wsse:Security xmlns:wsse=... soapenv:mustUnderstand=1
wsse:BinarySecurityToken ... wsu:Id=CertId-24950043
MIIE...!--an x509v3 certificate--
/wsse:BinarySecurityToken
ds:Signature
ds:SignedInfo
ds:CanonicalizationMethod
Algorithm=http://www.w3.org/2001/10/xml-excc14n#;
/ds:CanonicalizationMethod
ds:SignatureMethod
Algorithm=http://www.w3.org/2000/09/xmldsig#rsasha1;
/ds:SignatureMethod
ds:Reference URI=#id-10168913
!--reference to body. Works OK!--
...
/ds:Reference
ds:Reference
URI=#Timestamp-30487154 !--reference to timestamp.
Works OK!--
...
/ds:Reference
ds:Reference URI=#CertId-24950043
!-- Reference to certificate.
This is the reference I want to generate--
/ds:Reference
/ds:SignedInfo
ds:SignatureValue
MkA...
/ds:SignatureValue
ds:KeyInfo Id=KeyId-19714461
wsse:SecurityTokenReference...
wsse:Reference
URI=#CertId-24950043 .../wsse:Reference
/wsse:SecurityTokenReference
/ds:KeyInfo
/ds:Signature
wsu:Timestamp...
wsu:Created2007-09-11T12:49:35.499Z/wsu:Created
wsu:Expires2007-09-11T12:54:35.499Z/wsu:Expires
/wsu:Timestamp
/wsse:Security
/soapenv:Header
soapenv:Body ... wsu:Id=id-10168913
...
/soapenv:Body
/soapenv:Envelope
I've tried to get it to work by configuring setting the
org.apache.ws.security.handler.WSHandlerConstants.SIGNATURE_PARTS property
to this value:
{}{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}BinarySecurityToken;,
but it doesn't work.
Has anyone tried to sign the BinarySecurityToken? Any help will be
appreciated!
best regards,
Jakob Bendsen
BEC, Denmark
www.bec.dk
--
View this message in context:
http://www.nabble.com/signing-the-Binary-Security-Token-%28BST%29-tf4593716.html#a13114086
Sent from the cxf-user mailing list archive at Nabble.com.
Writing blocking input interceptor
Hi How to write a blocking input interceptor which can send a non-fault response back to a client, over HTTP ? Input interceptors can access input Messages in its handleMessage, which, somewhat surprisingly, in case of HTTP, have javax.servlet.HTTPServletRequest/HTTPServletResponse object in the map, provided Jetty is used. It's tempting to use HTTPServletResponse, as it's exactly what I need for my scenario, but what is the right way to write blocking in interceptors ? Thanks, Sergey IONA Technologies PLC (registered in Ireland) Registered Number: 171387 Registered Address: The IONA Building, Shelbourne Road, Dublin 4, Ireland
Re: signing the Binary Security Token (BST)
jbendsen wrote:
Hi,
I'm using CXF and WSS4J to develop consumers and providers that exchange
signed soap messages.
Signing the body and timestamp elements works just fine. However, I also
need to sign the x509 certificate that is included in the security header
(using the direct reference strategy).
Below I've outlined the structure of the soap message that I would like to
produce.
?xml version=1.0 encoding=UTF-8?
soapenv:Envelope ...
soapenv:Header
wsse:Security xmlns:wsse=... soapenv:mustUnderstand=1
wsse:BinarySecurityToken ... wsu:Id=CertId-24950043
MIIE...!--an x509v3 certificate--
/wsse:BinarySecurityToken
ds:Signature
ds:SignedInfo
ds:CanonicalizationMethod
Algorithm=http://www.w3.org/2001/10/xml-excc14n#;
/ds:CanonicalizationMethod
ds:SignatureMethod
Algorithm=http://www.w3.org/2000/09/xmldsig#rsasha1;
/ds:SignatureMethod
ds:Reference URI=#id-10168913
!--reference to body. Works OK!--
...
/ds:Reference
ds:Reference URI=#Timestamp-30487154
!--reference to timestamp.
Works OK!--
...
/ds:Reference
ds:Reference URI=#CertId-24950043
!-- Reference to certificate.
This is the reference I want to generate--
/ds:Reference
/ds:SignedInfo
ds:SignatureValue
MkA...
/ds:SignatureValue
ds:KeyInfo Id=KeyId-19714461
wsse:SecurityTokenReference...
wsse:Reference URI=#CertId-24950043
.../wsse:Reference
/wsse:SecurityTokenReference
/ds:KeyInfo
/ds:Signature
wsu:Timestamp...
wsu:Created2007-09-11T12:49:35.499Z/wsu:Created
wsu:Expires2007-09-11T12:54:35.499Z/wsu:Expires
/wsu:Timestamp
/wsse:Security
/soapenv:Header
soapenv:Body ... wsu:Id=id-10168913
...
/soapenv:Body
/soapenv:Envelope
I've tried to get it to work by configuring setting the
org.apache.ws.security.handler.WSHandlerConstants.SIGNATURE_PARTS property
to this value:
{}{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}BinarySecurityToken;,
but it doesn't work.
Has anyone tried to sign the BinarySecurityToken? Any help will be
appreciated!
Hi Jakob,
I also tried, but it gave following error, I guess the same,
General security error (WSEncryptBody/WSSignEnvelope: Element to
encrypt/sign not found:
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd,
BinarySecurityToken)
Surprisingly, SecurityTokenReference can refer to the
BinarySecurityToken using wsu:id, then why ds:Reference can't refer to
the token.
With Regards,
Mayank
best regards,
Jakob Bendsen
BEC, Denmark
www.bec.dk
Stacktrace, Why?
Can someone give me a clue as to why I'm getting this stack trace, I
don't reference a class by that name ever.
class: com.stryker.cmf.cipushep.jaxws.PushReceive could not be found
at
com.sun.xml.internal.ws.modeler.RuntimeModeler.getClass(RuntimeModeler.j
ava:271)
at
com.sun.xml.internal.ws.modeler.RuntimeModeler.processDocWrappedMethod(R
untimeModeler.java:562)
at
com.sun.xml.internal.ws.modeler.RuntimeModeler.processMethod(RuntimeMode
ler.java:509)
at
com.sun.xml.internal.ws.modeler.RuntimeModeler.processClass(RuntimeModel
er.java:355)
at
com.sun.xml.internal.ws.modeler.RuntimeModeler.buildRuntimeModel(Runtime
Modeler.java:251)
at
com.sun.xml.internal.ws.client.ServiceContextBuilder.processAnnotations(
ServiceContextBuilder.java:119)
at
com.sun.xml.internal.ws.client.ServiceContextBuilder.completeServiceCont
ext(ServiceContextBuilder.java:87)
at
com.sun.xml.internal.ws.client.WSServiceDelegate.processServiceContext(W
SServiceDelegate.java:136)
at
com.sun.xml.internal.ws.client.WSServiceDelegate.createEndpointIFBasePro
xy(WSServiceDelegate.java:288)
at
com.sun.xml.internal.ws.client.WSServiceDelegate.getPort(WSServiceDelega
te.java:184)
at javax.xml.ws.Service.getPort(Service.java:120)
at
com.stryker.cmf.cipush.CIPushBean.execute(CIPushBean.java:100)
at org.quartz.core.JobRunShell.run(JobRunShell.java:202)
at
org.quartz.simpl.SimpleThreadPool$WorkerThread.run(SimpleThreadPool.java
:529)
package com.stryker.cmf.cipush;
import java.net.MalformedURLException;
import java.net.URL;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.ArrayList;
import java.util.Hashtable;
import java.util.logging.Logger;
import javax.xml.namespace.QName;
import javax.xml.ws.Service;
import org.quartz.Job;
import org.quartz.JobExecutionContext;
import org.quartz.JobExecutionException;
import com.stryker.cmf.cipushep.CIPushEP;
import com.stryker.leibinger.db.ConnectionFactoryWrapper;
public class CIPushBean implements Job {
Logger _log = Logger.getLogger(CIPush);
private Connection connMako, connRock;
public void execute(JobExecutionContext context) throws
JobExecutionException {
HashtableString, CIPushClass allCustomers = new
HashtableString, CIPushClass();
ArrayListString pushCustomerFilter = new
ArrayListString();
ArrayListCIPushClass pushCustomers = new
ArrayListCIPushClass();
CIPushClass customer;
String queryMako, queryRock;
PreparedStatement psMako, psRock;
ResultSet rsMako, rsRock;
int result = 0;
_log.info(***Starting CIPush Job);
connMako =
ConnectionFactoryWrapper.getConnection(mako);
connRock =
ConnectionFactoryWrapper.getConnection(sqlServer);
queryMako = SELECT c.custnum, c.shipnum, c.custname,
c.address1, c.address2, c.addressx,
+ c.city, c.state,
c.zipcode, c.regnnum, c.terrnum, c.srepnum, f.forcedesc,
+ r.regndesc,
t.terrname, t.srepname
+ FROM sislib.macmt100
c
+ JOIN sislib.sfcrt100 f
ON c.compnum = f.compnum AND c.regnnum = f.regnnum
+ JOIN sislib.margt100 r
ON c.compnum = r.compnum AND c.divnnum = r.divnnum
+ AND c.regnnum =
r.regnnum
+ JOIN sislib.matrt100 t
ON c.compnum = t.compnum AND c.divnnum = t.divnnum
+ AND c.regnnum =
t.regnnum AND c.terrnum = t.terrnum AND c.srepnum = t.srepnum
+ WHERE c.compnum = 18
AND c.divnnum = c.compnum AND c.active = '1'
+ AND c.regnnum NOT IN
(0, 96, 97, 99) AND c.custnum 70
+ ORDER BY c.regnnum,
c.custnum, c.shipnum;
queryRock = SELECT * FROM ciPush;
try {
_log.info(***Fetching Database information);
psMako = connMako.prepareStatement(queryMako);
psRock = connRock.prepareStatement(queryRock);
rsMako = psMako.executeQuery();
rsRock = psRock.executeQuery();
while (rsMako.next()) {
customer = new CIPushClass();
customer.setCustnum(rsMako.getInt(1));
customer.setShipnum(rsMako.getInt(2));
Microsoft interoperability
I pointed the Microsoft visual studio 2005 wsdl.exe tool at a WSDL from one of my CXF services. The results are not wonderful. I get warnings like the following. Based on my reading of the WSDL, the Microsoft tool is just confused, but I wonder if anyone else has been here? Schema validation warning: Schema item 'complexType' named 'NameIndexQuery' from namespace 'http://index.rnm.basistech.com' is invalid. Namespace 'http://rnm.basistech.com' is not available to be referenced in this schema.
Re: xs:choice
Thanks Jim. I learned something new. :-) To answer the other question: I'm also curious if/how CXF/JAXB can enforce xs:choice? If you turn on schema validation in CXF, the schema validators should be able to enforce the xs:choice schema. If you look in samples/wsdl_first (in 2.0.2 kits), the cxf.xml there does configure the client and endpoint to do schema validation. Dan On Monday 08 October 2007, Jim Ma wrote: You need to use the below jaxb binding file when run wsdl2java to tell jaxb you need choice content : jaxb:bindings version=2.0 schemaLocation=your.wsdl xmlns:jaxb=http://java.sun.com/xml/ns/jaxb; xmlns:xsd=http://www.w3.org/2001/XMLSchema; node=//xsd:schema jaxb:globalBindings choiceContentProperty=true/ /jaxb:bindings You will see the generated OjbectFactory.java is a different one. CXF will load these classes you generated with this binding file and run java2wsdl to generate the wsdl contains choice content. -Jim David W Sica wrote: Ok, great, thanks. Let me ask you this then...if I run wsdl2java on my wsdl that contains xs:choice, deploy this with CXF, the resulting CXF-generated wsdl (I took out the wsdlLocation annotation) does not contain xs:choice? Does this make sense? I'm also curious if/how CXF/JAXB can enforce xs:choice? David Sent from my iPhone On Oct 8, 2007, at 3:21 PM, Daniel Kulp [EMAIL PROTECTED] wrote: On Monday 08 October 2007, David W Sica wrote: Does CXF wsdl2java support xs:choice XSD attributes? If it's not supported what will happen if I try to use wsdl2java against a schema that has this attribute? Finally, is there a place/document where I can find out what attributes are supported/non-supported? When using the JAXB databinding, there is VERY VERY little that isn't supported from a schema/wsdl first point of view. JAXB was designed to map as much of schema as is possible. The place to look for more information about jaxb would be: https://jaxb.dev.java.net/ To answer your specific question: yes, xs:choice is supported. :-) Thanks! -- J. Daniel Kulp Principal Engineer IONA P: 781-902-8727C: 508-380-7194 [EMAIL PROTECTED] http://www.dankulp.com/blog
Re: Microsoft interoperability
I've seen that warning from .NET's wsdl tool a number of times. It has never caused any problems though. It sill seems to generate both Vb and C# code that works just fine. Also we have two clients up and running on .NET and all are running fine. On 10/9/07, Benson Margulies [EMAIL PROTECTED] wrote: I pointed the Microsoft visual studio 2005 wsdl.exe tool at a WSDL from one of my CXF services. The results are not wonderful. I get warnings like the following. Based on my reading of the WSDL, the Microsoft tool is just confused, but I wonder if anyone else has been here? Schema validation warning: Schema item 'complexType' named 'NameIndexQuery' from namespace 'http://index.rnm.basistech.com' is invalid. Namespace 'http://rnm.basistech.com' is not available to be referenced in this schema. -- Dave Kallstrom
Re: Microsoft interoperability
One more thing... Can you run our own wsdlvalidator (in the bin directory) against the wsdl just to double check that the wsdl looks OK from it's standpoint? Dan On Tuesday 09 October 2007, Dave Kallstrom wrote: I've seen that warning from .NET's wsdl tool a number of times. It has never caused any problems though. It sill seems to generate both Vb and C# code that works just fine. Also we have two clients up and running on .NET and all are running fine. On 10/9/07, Benson Margulies [EMAIL PROTECTED] wrote: I pointed the Microsoft visual studio 2005 wsdl.exe tool at a WSDL from one of my CXF services. The results are not wonderful. I get warnings like the following. Based on my reading of the WSDL, the Microsoft tool is just confused, but I wonder if anyone else has been here? Schema validation warning: Schema item 'complexType' named 'NameIndexQuery' from namespace 'http://index.rnm.basistech.com' is invalid. Namespace 'http://rnm.basistech.com' is not available to be referenced in this schema. -- J. Daniel Kulp Principal Engineer IONA P: 781-902-8727C: 508-380-7194 [EMAIL PROTECTED] http://www.dankulp.com/blog
Re: Stacktrace, Why?
That stack trace points to you using the the Sun reference implementation
of JAX-WS thats built into JDK 6. You aren't hitting CXF code at all.
The classes:
com.sun.xml.internal.ws.*
are the JAX-WS stuff in JDK 6.
Double check that CXF is properly on the classpath.
Dan
On Tuesday 09 October 2007, Mattas, Tony wrote:
Can someone give me a clue as to why I'm getting this stack trace, I
don't reference a class by that name ever.
class: com.stryker.cmf.cipushep.jaxws.PushReceive could not be found
at
com.sun.xml.internal.ws.modeler.RuntimeModeler.getClass(RuntimeModeler
.j ava:271)
at
com.sun.xml.internal.ws.modeler.RuntimeModeler.processDocWrappedMethod
(R untimeModeler.java:562)
at
com.sun.xml.internal.ws.modeler.RuntimeModeler.processMethod(RuntimeMo
de ler.java:509)
at
com.sun.xml.internal.ws.modeler.RuntimeModeler.processClass(RuntimeMod
el er.java:355)
at
com.sun.xml.internal.ws.modeler.RuntimeModeler.buildRuntimeModel(Runti
me Modeler.java:251)
at
com.sun.xml.internal.ws.client.ServiceContextBuilder.processAnnotation
s( ServiceContextBuilder.java:119)
at
com.sun.xml.internal.ws.client.ServiceContextBuilder.completeServiceCo
nt ext(ServiceContextBuilder.java:87)
at
com.sun.xml.internal.ws.client.WSServiceDelegate.processServiceContext
(W SServiceDelegate.java:136)
at
com.sun.xml.internal.ws.client.WSServiceDelegate.createEndpointIFBaseP
ro xy(WSServiceDelegate.java:288)
at
com.sun.xml.internal.ws.client.WSServiceDelegate.getPort(WSServiceDele
ga te.java:184)
at javax.xml.ws.Service.getPort(Service.java:120)
at
com.stryker.cmf.cipush.CIPushBean.execute(CIPushBean.java:100)
at org.quartz.core.JobRunShell.run(JobRunShell.java:202)
at
org.quartz.simpl.SimpleThreadPool$WorkerThread.run(SimpleThreadPool.ja
va
:529)
package com.stryker.cmf.cipush;
import java.net.MalformedURLException;
import java.net.URL;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.ArrayList;
import java.util.Hashtable;
import java.util.logging.Logger;
import javax.xml.namespace.QName;
import javax.xml.ws.Service;
import org.quartz.Job;
import org.quartz.JobExecutionContext;
import org.quartz.JobExecutionException;
import com.stryker.cmf.cipushep.CIPushEP;
import com.stryker.leibinger.db.ConnectionFactoryWrapper;
public class CIPushBean implements Job {
Logger _log = Logger.getLogger(CIPush);
private Connection connMako, connRock;
public void execute(JobExecutionContext context) throws
JobExecutionException {
HashtableString, CIPushClass allCustomers = new
HashtableString, CIPushClass();
ArrayListString pushCustomerFilter = new
ArrayListString();
ArrayListCIPushClass pushCustomers = new
ArrayListCIPushClass();
CIPushClass customer;
String queryMako, queryRock;
PreparedStatement psMako, psRock;
ResultSet rsMako, rsRock;
int result = 0;
_log.info(***Starting CIPush Job);
connMako =
ConnectionFactoryWrapper.getConnection(mako);
connRock =
ConnectionFactoryWrapper.getConnection(sqlServer);
queryMako = SELECT c.custnum, c.shipnum, c.custname,
c.address1, c.address2, c.addressx,
+ c.city, c.state,
c.zipcode, c.regnnum, c.terrnum, c.srepnum, f.forcedesc,
+ r.regndesc,
t.terrname, t.srepname
+ FROM sislib.macmt100
c
+ JOIN sislib.sfcrt100
f ON c.compnum = f.compnum AND c.regnnum = f.regnnum
+ JOIN sislib.margt100
r ON c.compnum = r.compnum AND c.divnnum = r.divnnum
+ AND c.regnnum =
r.regnnum
+ JOIN sislib.matrt100
t ON c.compnum = t.compnum AND c.divnnum = t.divnnum
+ AND c.regnnum =
t.regnnum AND c.terrnum = t.terrnum AND c.srepnum = t.srepnum
+ WHERE c.compnum = 18
AND c.divnnum = c.compnum AND c.active = '1'
+ AND c.regnnum NOT IN
(0, 96, 97, 99) AND c.custnum 70
+ ORDER BY c.regnnum,
c.custnum, c.shipnum;
queryRock = SELECT * FROM ciPush;
try {
_log.info(***Fetching Database information);
psMako = connMako.prepareStatement(queryMako);
psRock =
RE: Microsoft interoperability
So far, not too good. 'Unable to generate a temporary class (result = 1). Error CS0030: Cannot convert type BasisTechnology.rnm.ws.Name[] to BasisTechnology.rnm.ws.Name' This is thrown on construction of the proxy class generated by their wsdl tool. I'm also getting all the parameters wrapped up as extra objects, but I imagine that there's some option on the MS side that I need to rediscover on that front.
RE: Microsoft interoperability
Also, the Mindreef Soapscope tool has complaints about inaccessible types that I am harassing their tech support for an explanation of. -Original Message- From: Benson Margulies [mailto:[EMAIL PROTECTED] Sent: Tuesday, October 09, 2007 9:55 AM To: cxf-user@incubator.apache.org Subject: RE: Microsoft interoperability So far, not too good. 'Unable to generate a temporary class (result = 1). Error CS0030: Cannot convert type BasisTechnology.rnm.ws.Name[] to BasisTechnology.rnm.ws.Name' This is thrown on construction of the proxy class generated by their wsdl tool. I'm also getting all the parameters wrapped up as extra objects, but I imagine that there's some option on the MS side that I need to rediscover on that front.
RE: Microsoft interoperability
The cs0030 is this charming bug of Microsoft's: http://support.microsoft.com/kb/891386 -Original Message- From: Benson Margulies [mailto:[EMAIL PROTECTED] Sent: Tuesday, October 09, 2007 9:57 AM To: cxf-user@incubator.apache.org Subject: RE: Microsoft interoperability Also, the Mindreef Soapscope tool has complaints about inaccessible types that I am harassing their tech support for an explanation of. -Original Message- From: Benson Margulies [mailto:[EMAIL PROTECTED] Sent: Tuesday, October 09, 2007 9:55 AM To: cxf-user@incubator.apache.org Subject: RE: Microsoft interoperability So far, not too good. 'Unable to generate a temporary class (result = 1). Error CS0030: Cannot convert type BasisTechnology.rnm.ws.Name[] to BasisTechnology.rnm.ws.Name' This is thrown on construction of the proxy class generated by their wsdl tool. I'm also getting all the parameters wrapped up as extra objects, but I imagine that there's some option on the MS side that I need to rediscover on that front.
Re: cxf plain xml http configuration using simple frontend
Willem - Thanks. I configured it using that example. With this simple frontend, how can I set 'wrapped = true? -- View this message in context: http://www.nabble.com/cxf-plain-xml-http-configuration-using-simple-frontend-tf4591639.html#a13117511 Sent from the cxf-user mailing list archive at Nabble.com.
Using TCPMon with CXF
Hello,
Using the simple server example, I would like to monitor web service request
and responses using tcpmon. The tcpmon application needs to know three
things in order add a listener:
- target hostname: 127.0.0.1
- target Port #: 9000
- Listen Port#: ?
How may I determine what port number cxf is using in its default
configuration?
protected Server() throws Exception {
// START SNIPPET: publish
System.out.println(Starting Server);
HelloWorldImpl implementor = new HelloWorldImpl();
String address = http://localhost:9000/helloWorld;;
Endpoint.publish(address, implementor);
// END SNIPPET: publish
}
Thanks,
Hycel
RE: org.apache.cxf.interceptor.Fault: Marshalling Error: class javax.xml.ws.Holder nor any of its super class is known to this context.
Hi Daniel,
I am using JaxWsProxyFactoryBean now and it does create the factory and
the port class as expected but still getting the exception when invoking
any RSI web service, any help in resolving this?
JaxWsProxyFactoryBean factory = new
JaxWsProxyFactoryBean();
factory.setServiceClass(com.aol.rsi.wsdls.rsi.RSIPortType.class);
factory.setAddress(getServiceURL());
factory.setServiceName(QNAME_SERVICE_NAME);
RSIPortType port = (com.aol.rsi.wsdls.rsi.RSIPortType)
factory.create();
this.servicePort = port;
Note that getServiceURL returns
http://twdev-mda04.tweb.aol.com:6601/Services ... i.e. does not expose
wsdl to us.
The logs shows
Listening for transport dt_socket at address: 8000
Oct 9, 2007 5:59:43 PM
org.apache.cxf.service.factory.ReflectionServiceFactoryBean
buildServiceFromClass
INFO: Creating Service {http://rsi.aol.com/wsdls/RSI.wsdl/}RSIService
from class com.aol.rsi.wsdls.rsi.RSIPortType
Oct 9, 2007 6:01:29 PM org.apache.cxf.phase.PhaseInterceptorChain
doIntercept
INFO: Interceptor has thrown exception, unwinding now
org.apache.cxf.interceptor.Fault: Marshalling Error: class
javax.xml.ws.Holder nor any of its super class is known to this context.
at
org.apache.cxf.jaxb.JAXBEncoderDecoder.marshall(JAXBEncoderDecoder.java:
155)
at
org.apache.cxf.jaxb.io.DataWriterImpl.write(DataWriterImpl.java:40)
at
org.apache.cxf.binding.soap.interceptor.SoapOutInterceptor.handleHeaderP
art(SoapOutInterceptor.java:194)
at
org.apache.cxf.binding.soap.interceptor.SoapOutInterceptor.writeSoapEnve
lopeStart(SoapOutInterceptor.java:124)
at
org.apache.cxf.binding.soap.interceptor.SoapOutInterceptor.handleMessage
(SoapOutInterceptor.java:76)
at
org.apache.cxf.binding.soap.interceptor.SoapOutInterceptor.handleMessage
(SoapOutInterceptor.java:57)
at
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorC
hain.java:206)
at
org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:253)
at
org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:204)
at
org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:73)
at
org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:134)
at $Proxy59.processGetPromo(Unknown Source)
at
com.aol.reg.rsp.adapter.rsi.RSIServiceGetPromo.getPromo(RSIServiceGetPro
mo.java:27)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.jav
a:39)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessor
Impl.java:25)
at java.lang.reflect.Method.invoke(Method.java:585)
at
com.aol.reg.rsp.engine.ProxyImplementor.methodInvoke(ProxyImplementor.ja
va:132)
at
com.aol.reg.rsp.engine.ProxyImplementor.methodInvoke(ProxyImplementor.ja
va:79)
at
com.aol.reg.rsp.engine.ServiceManagerProxy.methodInvoke(ServiceManagerPr
oxy.java:349)
at
com.aol.reg.rsp.engine.ServiceManagerProxy.invoke(ServiceManagerProxy.ja
va:258)
at $Proxy15.getPromo(Unknown Source)
at
com.aol.reg.rsp.registration.RegFlowMapperImpl.getPromo(RegFlowMapperImp
l.java:331)
at
com.aol.reg.rsp.registration.RegFlowMapperImpl.loadCampaign(RegFlowMappe
rImpl.java:198)
at
com.aol.reg.rsp.registration.RegFlowMapperImpl.getFlowMapping(RegFlowMap
perImpl.java:156)
at
com.aol.reg.rsp.registration.RegistrationSessionImpl.getFlowMapping(Regi
strationSessionImpl.java:1081)
at
com.aol.reg.rsp.registration.RCSessionImpl.getFlowMapping(RCSessionImpl.
java:156)
at com.aol.reg.rsp.web.SnsReg.doGet(SnsReg.java:235)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:690)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Applica
tionFilterChain.java:269)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilt
erChain.java:188)
at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValv
e.java:210)
at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValv
e.java:174)
at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java
:127)
at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java
:117)
at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.
java:108)
at
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:1
51)
at
org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:87
0)
at
org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.proc
essConnection(Http11BaseProtocol.java:665)
at
org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint
.java:528)
at
True or false: embedded schemata need to be imported?
-Original Message- From: Mindreef Support [mailto:[EMAIL PROTECTED] Sent: Tuesday, October 09, 2007 5:01 PM To: Benson Margulies Subject: [issue #QSU-61718-589]: Validation errors that don't make sense to me Hi Benson, Thanks for sending the WSDL. Issue #1: When you're on the overview page, you'll see just one error line with XSD Schema Validation highlighted. Click on that line, or click the red 5 failures link on the top right and you'll get results filtered for just the 5 failures. If the top error is expanded, you might need to scroll down to see all five. I see five on both SOAPscope 5.3 and SOAPscope Workstation 6.0. Issue #2: I showed this to one of our developers. When your WSDL includes multiple schema blocks, you need include statements for each schema. You don't need to provide locations because the schemas are already in the WSDL. This error message points out a basic ambiguity between WSDL and Schema, and potential interop problems depending on how your SOAP toolkit is implemented. According to XSD Schema, you must import a schema in order to use it. This is entirely independent from the WSDL spec. I hope this helps. Carol Tyler, Mindreef Support On Tue, 09 Oct 2007 09:29:32 -0400, [EMAIL PROTECTED] wrote: Issue #1: Top-level result from analysis with Mindreef Basic Diagnosis Results says '5 failures'. Only one failure is reported. Issue #2: the failure makes no sense to me. I don't know what all this 'fragment' business is about, but I see no reason why the namespace in question is 'not referencable' from the place it is referenced from. All the schemas are included in-line. Schema validation error on node xsd:element Error resolving component 'ns1:Name'. It was detected that 'ns1:Name' is in namespace 'http://rnm.basistech.com', but components from this namespace are not referenceable from schema document 'http://localhost:8080/rlpws/NameIndex?wsdlmindreefFragmentId=6062082'. If this is the incorrect namespace, perhaps the prefix of 'ns1:Name' needs to be changed. If this is the correct namespace, then an appropriate 'import' tag should be added to 'http://localhost:8080/rlpws/NameIndex?wsdlmindreefFragmentId=6062082'.
RE: deploy webservices
Thanks Willem Now I have two fully webservices Bye -Mensaje original- De: Willem Jiang [mailto:[EMAIL PROTECTED] Enviado el: Lunes, 08 de Octubre de 2007 08:54 p.m. Para: cxf-user@incubator.apache.org Asunto: Re: deploy webservices Hi, You can't reuse the service factory for two jaxws endpoints. When the service factory create the endpoint, it will not create a new service model if the service factory's model is already there. You need create a new service factory for endpoint to use. Willem. Olvera Segura Jaime Ivan wrote: Hi i have a little problem I have to publish to webservices, i´m using aegis and 2.0.1 release, the problem is that a only see one wsdl definition, I only get the first one for both, is there something wrong in configuration?? this is my spring.xml: Thanks in advance jaxws:endpoint id=publicador implementor=#publicadorWebService address=/servicio jaxws:properties entry key=mtom-enabled value=true/ /jaxws:properties jaxws:serviceFactory ref bean='jaxws-and-aegis-service-factory' / /jaxws:serviceFactory /jaxws:endpoint jaxws:endpoint id=operabasepublicador implementor=#operaBaseWebService address=/operabase jaxws:serviceFactory ref bean='jaxws-and-aegis-service-factory' / /jaxws:serviceFactory /jaxws:endpoint . .
Re: signing the Binary Security Token (BST)
You're trying to sign an element (BST containing the certificate)
that hasn't been created yet.
This is a bit of an odd use-case -- typically, you'd sign the body of
the message with the private key associated with the public key in
the certificate you are sending, and then do some kin dof cert
validation on the receiving side (e.g., to verify that the cert sent
in the message is singed by a trustworthy authority). But now you
want to add a signature on top of that. What key are you planning to
use to do that? The same one?
I think the only way you're going to get this to work will be to
chain 2 WSS4JOutInterceptors. Make the first one sign the body, and
the second the BST.
-Fred
On Oct 9, 2007, at 8:57 AM, Mayank Mishra wrote:
jbendsen wrote:
Hi,
I'm using CXF and WSS4J to develop consumers and providers that
exchange
signed soap messages. Signing the body and timestamp elements
works just fine. However, I also
need to sign the x509 certificate that is included in the security
header
(using the direct reference strategy).
Below I've outlined the structure of the soap message that I would
like to
produce.
?xml version=1.0 encoding=UTF-8?
soapenv:Envelope ...
soapenv:Header
wsse:Security xmlns:wsse=... soapenv:mustUnderstand=1
wsse:BinarySecurityToken ... wsu:Id=CertId-24950043
MIIE...!--an x509v3 certificate--
/wsse:BinarySecurityToken
ds:Signature
ds:SignedInfo
ds:CanonicalizationMethod
Algorithm=http://www.w3.org/2001/10/xml-excc14n#;
/ds:CanonicalizationMethod
ds:SignatureMethod
Algorithm=http://www.w3.org/2000/09/xmldsig#rsasha1;
/ds:SignatureMethod
ds:Reference URI=#id-10168913 !--reference to body.
Works OK!--
...
/ds:Reference
ds:Reference URI=#Timestamp-30487154 !--reference to
timestamp.
Works OK!--
...
/ds:Reference
ds:Reference URI=#CertId-24950043 !-- Reference to
certificate.
This is the reference I want to generate--
/ds:Reference
/ds:SignedInfo
ds:SignatureValue
MkA...
/ds:SignatureValue
ds:KeyInfo Id=KeyId-19714461
wsse:SecurityTokenReference...
wsse:Reference URI=#CertId-24950043
.../wsse:Reference
/wsse:SecurityTokenReference
/ds:KeyInfo
/ds:Signature
wsu:Timestamp...
wsu:Created2007-09-11T12:49:35.499Z/wsu:Created
wsu:Expires2007-09-11T12:54:35.499Z/wsu:Expires
/wsu:Timestamp
/wsse:Security
/soapenv:Header
soapenv:Body ... wsu:Id=id-10168913
...
/soapenv:Body
/soapenv:Envelope
I've tried to get it to work by configuring setting the
org.apache.ws.security.handler.WSHandlerConstants.SIGNATURE_PARTS
property
to this value:
{}{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-
wssecurity-secext-1.0.xsd}BinarySecurityToken,
but it doesn't work.
Has anyone tried to sign the BinarySecurityToken? Any help will be
appreciated!
Hi Jakob,
I also tried, but it gave following error, I guess the same,
General security error (WSEncryptBody/WSSignEnvelope: Element to
encrypt/sign not found: http://docs.oasis-open.org/wss/2004/01/
oasis-200401-wss-wssecurity-secext-1.0.xsd, BinarySecurityToken)
Surprisingly, SecurityTokenReference can refer to the
BinarySecurityToken using wsu:id, then why ds:Reference can't refer
to the token.
With Regards,
Mayank
best regards,
Jakob Bendsen
BEC, Denmark
www.bec.dk
Re: Using TCPMon with CXF
It's the client port which defined in the wsdl, if you didn't change the
way to specify the client port.
James
Hycel Taylor wrote:
Hello,
Using the simple server example, I would like to monitor web service request
and responses using tcpmon. The tcpmon application needs to know three
things in order add a listener:
- target hostname: 127.0.0.1
- target Port #: 9000
- Listen Port#: ?
How may I determine what port number cxf is using in its default
configuration?
protected Server() throws Exception {
// START SNIPPET: publish
System.out.println(Starting Server);
HelloWorldImpl implementor = new HelloWorldImpl();
String address = http://localhost:9000/helloWorld;;
Endpoint.publish(address, implementor);
// END SNIPPET: publish
}
Thanks,
Hycel
Re: help in setting JaxWsProxyFactoryBean endpoint/url in CXF 2.0.2
Jarada, Hussam wrote: Per finding info on setting client url from http://www.nabble.com/Client-question-tf4357978.html#a12419843 I changed my code as follows At which getServiceURL() return http://todev-mda09.tops.aol.com:8080/; MadcapService ss = new MadcapService(); MadcapPort port = ss.getMadcap(); BindingProvider provider = (BindingProvider)port; In this case, Client trying to get the wsdl from the MadcapService, make sure the wsdl is accessible James provider.getRequestContext().put(BindingProvider.ENDPOINT_ADDRESS_PROPER TY, getServiceURL()); this.servicePort = port; The problem now MadcapService ss = new MadcapService(); throws this exception. Any help in resolving this cause I am almost running out of solutions for integrating third party web service into my application using CXF 2.0.2 and wsdl2java in Windows XP running on Tomcat. java.lang.IncompatibleClassChangeError at org.apache.cxf.wsdl11.WSDLServiceBuilder.copyExtensionAttributes(WSDLSer viceBuilder.java:125) at org.apache.cxf.wsdl11.WSDLServiceBuilder.buildServices(WSDLServiceBuilde r.java:229) at org.apache.cxf.wsdl11.WSDLServiceBuilder.buildServices(WSDLServiceBuilde r.java:158) at org.apache.cxf.wsdl11.WSDLServiceFactory.create(WSDLServiceFactory.java: 117) at org.apache.cxf.jaxws.ServiceImpl.initializePorts(ServiceImpl.java:110) at org.apache.cxf.jaxws.ServiceImpl.init(ServiceImpl.java:101) at org.apache.cxf.jaxws.spi.ProviderImpl.createServiceDelegate(ProviderImpl .java:55) at javax.xml.ws.Service.init(Service.java:57) at com.aol.madcap._2007._06.MadcapService.init(MadcapService.java:41) at com.aol.reg.rsp.adapter.madcap.MADCAPAdapter.getService(MADCAPAdapter.ja va:74) at com.aol.reg.rsp.adapter.madcap.ExtServiceMADCAPImpl.nameSuggestionMADCAP (ExtServiceMADCAPImpl.java:86) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.jav a:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessor Impl.java:25) at java.lang.reflect.Method.invoke(Method.java:585) at com.aol.reg.rsp.engine.ProxyImplementor.methodInvoke(ProxyImplementor.ja va:132) at com.aol.reg.rsp.engine.ProxyImplementor.methodInvoke(ProxyImplementor.ja va:79) at com.aol.reg.rsp.engine.ServiceManagerProxy.methodInvoke(ServiceManagerPr oxy.java:349) at com.aol.reg.rsp.engine.ServiceManagerProxy.invoke(ServiceManagerProxy.ja va:258) at $Proxy15.nameSuggestionMADCAP(Unknown Source) at com.aol.reg.rsp.web.SnsReg.doGet(SnsReg.java:207) at javax.servlet.http.HttpServlet.service(HttpServlet.java:690) at javax.servlet.http.HttpServlet.service(HttpServlet.java:803) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Applica tionFilterChain.java:269) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilt erChain.java:188) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValv e.java:210) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValv e.java:174) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java :127) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java :117) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve. java:108) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:1 51) at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:87 0) at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.proc essConnection(Http11BaseProtocol.java:665) at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint .java:528) at org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollow erWorkerThread.java:81) at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool .java:685) at java.lang.Thread.run(Thread.java:595) -Original Message- From: Jarada, Hussam [mailto:[EMAIL PROTECTED] Sent: Tuesday, October 09, 2007 11:49 AM To: cxf-user@incubator.apache.org Subject: help in setting JaxWsProxyFactoryBean endpoint/url in CXF 2.0.2 Hi, I have the following code at which I am trying to set factory client endpoint to third party web service Can someone help me with a working sample on how to set JaxWsProxyFactoryBean endpoint with url cause I am getting exception when calling factory.create(); WSDLException: faultCode=PARSER_ERROR: Problem parsing 'http://todev-mda09.tops.aol.com:8080/'.: The element type HTML must be terminated by the matching end-tag /HTML.: org.xml.sax.SAXParseException: The element type HTML must be terminated by the matching end-tag /HTML which I believe cause the
Re: cxf plain xml http configuration using simple frontend
It is same with the jaxws:endpoint. You need to create a service factory bean and set it to the simple:server. Here is an example bean id=ReflectionServiceFactoryBean class=org.apache.cxf.service.factory.ReflectionServiceFactoryBean property name=wrapped value=true/ /bean simple:server id=inlineImplementor address=http://localhost:8080/simpleWithAddress; simple:serviceBean bean class=org.apache.cxf.service.factory.HelloServiceImpl/ /simple:serviceBean simple:serviceFactory bean ref=ReflectionServiceFactoryBean /simple:serviceFactory /simple:server BTW, You need to specify different simple:serviceFactory for different simple:server. You can find more information here. http://www.nabble.com/deploy-webservices-tf4591636.html#a13107881 Willem. mule1 wrote: Willem - Thanks. I configured it using that example. With this simple frontend, how can I set 'wrapped = true?
Re: help in setting JaxWsProxyFactoryBean endpoint/url in CXF 2.0.2
You can specify the wsdl url to your local wsdl url. eg. File://C:\svnwork\reg\trunk\reg\reg-ws\ws-madcap\src\wsdl\madcap.wsdl Willem. Jarada, Hussam wrote: my problem is that the wsdl is not accessible from this web service url. Jarada From: James Mao [mailto:[EMAIL PROTECTED] Sent: Tue 10/9/2007 10:15 PM To: cxf-user@incubator.apache.org Subject: Re: help in setting JaxWsProxyFactoryBean endpoint/url in CXF 2.0.2 Jarada, Hussam wrote: Per finding info on setting client url from http://www.nabble.com/Client-question-tf4357978.html#a12419843 I changed my code as follows At which getServiceURL() return http://todev-mda09.tops.aol.com:8080/; MadcapService ss = new MadcapService(); MadcapPort port = ss.getMadcap(); BindingProvider provider = (BindingProvider)port; In this case, Client trying to get the wsdl from the MadcapService, make sure the wsdl is accessible James provider.getRequestContext().put(BindingProvider.ENDPOINT_ADDRESS_PROPER TY, getServiceURL()); this.servicePort = port; The problem now MadcapService ss = new MadcapService(); throws this exception. Any help in resolving this cause I am almost running out of solutions for integrating third party web service into my application using CXF 2.0.2 and wsdl2java in Windows XP running on Tomcat. java.lang.IncompatibleClassChangeError at org.apache.cxf.wsdl11.WSDLServiceBuilder.copyExtensionAttributes(WSDLSer viceBuilder.java:125) at org.apache.cxf.wsdl11.WSDLServiceBuilder.buildServices(WSDLServiceBuilde r.java:229) at org.apache.cxf.wsdl11.WSDLServiceBuilder.buildServices(WSDLServiceBuilde r.java:158) at org.apache.cxf.wsdl11.WSDLServiceFactory.create(WSDLServiceFactory.java: 117) at org.apache.cxf.jaxws.ServiceImpl.initializePorts(ServiceImpl.java:110) at org.apache.cxf.jaxws.ServiceImpl.init(ServiceImpl.java:101) at org.apache.cxf.jaxws.spi.ProviderImpl.createServiceDelegate(ProviderImpl .java:55) at javax.xml.ws.Service.init(Service.java:57) at com.aol.madcap._2007._06.MadcapService.init(MadcapService.java:41) at com.aol.reg.rsp.adapter.madcap.MADCAPAdapter.getService(MADCAPAdapter.ja va:74) at com.aol.reg.rsp.adapter.madcap.ExtServiceMADCAPImpl.nameSuggestionMADCAP (ExtServiceMADCAPImpl.java:86) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.jav a:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessor Impl.java:25) at java.lang.reflect.Method.invoke(Method.java:585) at com.aol.reg.rsp.engine.ProxyImplementor.methodInvoke(ProxyImplementor.ja va:132) at com.aol.reg.rsp.engine.ProxyImplementor.methodInvoke(ProxyImplementor.ja va:79) at com.aol.reg.rsp.engine.ServiceManagerProxy.methodInvoke(ServiceManagerPr oxy.java:349) at com.aol.reg.rsp.engine.ServiceManagerProxy.invoke(ServiceManagerProxy.ja va:258) at $Proxy15.nameSuggestionMADCAP(Unknown Source) at com.aol.reg.rsp.web.SnsReg.doGet(SnsReg.java:207) at javax.servlet.http.HttpServlet.service(HttpServlet.java:690) at javax.servlet.http.HttpServlet.service(HttpServlet.java:803) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Applica tionFilterChain.java:269) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilt erChain.java:188) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValv e.java:210) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValv e.java:174) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java :127) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java :117) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve. java:108) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:1 51) at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:87 0) at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.proc essConnection(Http11BaseProtocol.java:665) at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint .java:528) at org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollow erWorkerThread.java:81) at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool .java:685) at java.lang.Thread.run(Thread.java:595) -Original Message- From: Jarada, Hussam [mailto:[EMAIL PROTECTED] Sent: Tuesday, October 09, 2007 11:49 AM To: cxf-user@incubator.apache.org Subject: help in setting JaxWsProxyFactoryBean endpoint/url in CXF 2.0.2 Hi, I have the following code at which I am trying to set factory client endpoint to third party web service Can someone help me with a working sample on how to set
