Problem with secure connections via https
You are right! I do it right now.
I have a problem with secure connections via https,
I tried JaxWsServerFactoryBean/JaxWsProxyFactoryBean and
ServerFactoryBean/ClientProxyFactoryBean result the same - service
publishing succeeded, but client methods call fails.
I got different exceptions depends on my configuration. Current my
sample for instance used Interceptor action -
WSHandlerConstants.USERNAME_TOKEN and failed with following exception:
(application provided null or empty password) Next to the exception you
can see my client configuration code, with password and user name
supplied. ('configClientInterceptors' method) and my client creation
code ('TestJaxWsProxyFactoryBean' method)
I haven't any working sample to start with to use https.
Can somebody help me please.
Regards,
Luba.
org.apache.cxf.binding.soap.SoapFault: Security processing failed.
at
org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor.handleMessage(WSS4J
OutInterceptor.java:184)
at
org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor.handleMessage(WSS4J
OutInterceptor.java:43)
at
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorC
hain.java:220)
at
org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:276)
at
org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:222)
at
org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:73)
at
org.apache.cxf.frontend.ClientProxy.invoke(ClientProxy.java:68)
at $Proxy15.sayHi(Unknown Source)
at
cxf_client.TestClient.TestClientProxyFactoryBean(TestClient.java:557)
at cxf_client.TestClient.main(TestClient.java:104)
Caused by: org.apache.ws.security.WSSecurityException: WSHandler:
application provided null or empty password
at
org.apache.ws.security.handler.WSHandler.getPassword(WSHandler.java:638)
at
org.apache.ws.security.action.UsernameTokenAction.execute(UsernameTokenA
ction.java:31)
at
org.apache.ws.security.handler.WSHandler.doSenderAction(WSHandler.java:1
92)
at
org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor.handleMessage(WSS4J
OutInterceptor.java:169)
... 9 more
Hit uncaught exception org.apache.cxf.binding.soap.SoapFault
private void configClientInterceptors(Client client) {
String name = myname;
String password = mypassword;
String passwordKey = password;
String actions = WSHandlerConstants.USERNAME_TOKEN;
//in
WSS4JInInterceptor wsIn = new WSS4JInInterceptor();
wsIn.setProperty(WSHandlerConstants.ACTION, actions);
wsIn.setProperty(WSHandlerConstants.USER, name);
wsIn.setProperty(passwordKey, password);
client.getInInterceptors().add(wsIn);
client.getInInterceptors().add(new SAAJInInterceptor());
//out
WSS4JOutInterceptor wsOut = new WSS4JOutInterceptor();
wsOut.setProperty(WSHandlerConstants.ACTION, actions);
wsOut.setProperty(WSHandlerConstants.USER, name);
wsOut.setProperty(passwordKey, password);
client.getOutInterceptors().add(wsOut);
client.getOutInterceptors().add(new SAAJOutInterceptor());
}
public void TestJaxWsProxyFactoryBean() {
JaxWsProxyFactoryBean proxyFac = new JaxWsProxyFactoryBean();
Client client;
proxyFac.setServiceClass(HelloWorld.class);
proxyFac.setAddress(ADDRESS + /HelloWorld);
HelloWorld echo = (HelloWorld) proxyFac.create();
client = ClientProxy.getClient(echo);
HTTPConduit httpConduit = (HTTPConduit) client.getConduit();
TLSClientParameters tlsParams = new TLSClientParameters();
tlsParams.setSecureSocketProtocol(SSL);
httpConduit.setTlsClientParameters(tlsParams);
HTTPClientPolicy httpClientPolicy = new HTTPClientPolicy();
httpClientPolicy.setConnectionTimeout(36000);
httpClientPolicy.setAllowChunking(false);
httpConduit.getClient().setAutoRedirect(true);
httpConduit.setClient(httpClientPolicy);
configClientInterceptors(client);
echo.sayHi(Luba);
}
-Original Message-
From: Benson Margulies [mailto:[EMAIL PROTECTED]
Sent: Wednesday, April 02, 2008 6:55 PM
To: cxf-user@incubator.apache.org
Subject: Re: Problem deserializing pojos (fields not initialized)
Why don't you send in a new email message with a new subject line that
describes exactly what you did and what didn't work. This thread was
about
the very specific question of the new configuration system for Aegis.
On Wed, Apr 2, 2008 at 10:33 AM, Alpin, Luba [EMAIL PROTECTED] wrote:
I need use secure SOAP.
I succeeded with publish my services on
https://localhost:8080/ServiceName;
But client methods call fails.
Thanks for your time.
Regards,
Luba.
-Original Message-
From: Benson Margulies [mailto:[EMAIL PROTECTED]
Sent: Wednesday, April 02, 2008 5:27 PM
To: cxf-user@incubator.apache.org
Subject: Re: Problem
Re: Problem with secure connections via https
I'm not very useful, personally, on https, hopefully Glen or someone will
wade in now that you've given us a full picture.
On Thu, Apr 3, 2008 at 5:52 AM, Alpin, Luba [EMAIL PROTECTED] wrote:
You are right! I do it right now.
I have a problem with secure connections via https,
I tried JaxWsServerFactoryBean/JaxWsProxyFactoryBean and
ServerFactoryBean/ClientProxyFactoryBean result the same - service
publishing succeeded, but client methods call fails.
I got different exceptions depends on my configuration. Current my
sample for instance used Interceptor action -
WSHandlerConstants.USERNAME_TOKEN and failed with following exception:
(application provided null or empty password) Next to the exception you
can see my client configuration code, with password and user name
supplied. ('configClientInterceptors' method) and my client creation
code ('TestJaxWsProxyFactoryBean' method)
I haven't any working sample to start with to use https.
Can somebody help me please.
Regards,
Luba.
org.apache.cxf.binding.soap.SoapFault: Security processing failed.
at
org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor.handleMessage(WSS4J
OutInterceptor.java:184)
at
org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor.handleMessage(WSS4J
OutInterceptor.java:43)
at
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorC
hain.java:220)
at
org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:276)
at
org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:222)
at
org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:73)
at
org.apache.cxf.frontend.ClientProxy.invoke(ClientProxy.java:68)
at $Proxy15.sayHi(Unknown Source)
at
cxf_client.TestClient.TestClientProxyFactoryBean(TestClient.java:557)
at cxf_client.TestClient.main(TestClient.java:104)
Caused by: org.apache.ws.security.WSSecurityException: WSHandler:
application provided null or empty password
at
org.apache.ws.security.handler.WSHandler.getPassword(WSHandler.java:638)
at
org.apache.ws.security.action.UsernameTokenAction.execute(UsernameTokenA
ction.java:31)
at
org.apache.ws.security.handler.WSHandler.doSenderAction(WSHandler.java:1
92)
at
org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor.handleMessage(WSS4J
OutInterceptor.java:169)
... 9 more
Hit uncaught exception org.apache.cxf.binding.soap.SoapFault
private void configClientInterceptors(Client client) {
String name = myname;
String password = mypassword;
String passwordKey = password;
String actions = WSHandlerConstants.USERNAME_TOKEN;
//in
WSS4JInInterceptor wsIn = new WSS4JInInterceptor();
wsIn.setProperty(WSHandlerConstants.ACTION, actions);
wsIn.setProperty(WSHandlerConstants.USER, name);
wsIn.setProperty(passwordKey, password);
client.getInInterceptors().add(wsIn);
client.getInInterceptors().add(new SAAJInInterceptor());
//out
WSS4JOutInterceptor wsOut = new WSS4JOutInterceptor();
wsOut.setProperty(WSHandlerConstants.ACTION, actions);
wsOut.setProperty(WSHandlerConstants.USER, name);
wsOut.setProperty(passwordKey, password);
client.getOutInterceptors().add(wsOut);
client.getOutInterceptors().add(new SAAJOutInterceptor());
}
public void TestJaxWsProxyFactoryBean() {
JaxWsProxyFactoryBean proxyFac = new JaxWsProxyFactoryBean();
Client client;
proxyFac.setServiceClass(HelloWorld.class);
proxyFac.setAddress(ADDRESS + /HelloWorld);
HelloWorld echo = (HelloWorld) proxyFac.create();
client = ClientProxy.getClient(echo);
HTTPConduit httpConduit = (HTTPConduit) client.getConduit();
TLSClientParameters tlsParams = new TLSClientParameters();
tlsParams.setSecureSocketProtocol(SSL);
httpConduit.setTlsClientParameters(tlsParams);
HTTPClientPolicy httpClientPolicy = new HTTPClientPolicy();
httpClientPolicy.setConnectionTimeout(36000);
httpClientPolicy.setAllowChunking(false);
httpConduit.getClient().setAutoRedirect(true);
httpConduit.setClient(httpClientPolicy);
configClientInterceptors(client);
echo.sayHi(Luba);
}
-Original Message-
From: Benson Margulies [mailto:[EMAIL PROTECTED]
Sent: Wednesday, April 02, 2008 6:55 PM
To: cxf-user@incubator.apache.org
Subject: Re: Problem deserializing pojos (fields not initialized)
Why don't you send in a new email message with a new subject line that
describes exactly what you did and what didn't work. This thread was
about
the very specific question of the new configuration system for Aegis.
On Wed, Apr 2, 2008 at 10:33 AM, Alpin, Luba [EMAIL PROTECTED] wrote:
I need use secure SOAP.
I succeeded with publish my services on
https://localhost:8080/ServiceName;
But client methods call
Re: Problem with secure connections via https
I only know the wsdl2java way of doing this, and Luba in past has not
desired to go this route. As I've said earlier, I don't think SSL with
the simple front end is a robust design that should be taught to
users.
[1] shows how to create a wsdl2java-based web service client with a
cxf.xml file (whose contents are not relevant for SSL); the example at
the top of [2] gives a CXF.xml file that can be used at the client
(Although just looking at it, I don't think that cxf.xml is correct
because nowhere is it declaring SSL to be the protocol. If no one else
does, I'll take a look at it. Per Olsen's blog entry referenced at the
top of [2] gives a better example of a starter cxf.xml configuration
file for SSL.)
Glen
[1] http://www.jroller.com/gmazza/date/20070817
[2]
http://cwiki.apache.org/CXF20DOC/client-http-transport-including-ssl-support.html
Am Donnerstag, den 03.04.2008, 07:35 -0400 schrieb Benson Margulies:
I'm not very useful, personally, on https, hopefully Glen or someone will
wade in now that you've given us a full picture.
On Thu, Apr 3, 2008 at 5:52 AM, Alpin, Luba [EMAIL PROTECTED] wrote:
You are right! I do it right now.
I have a problem with secure connections via https,
I tried JaxWsServerFactoryBean/JaxWsProxyFactoryBean and
ServerFactoryBean/ClientProxyFactoryBean result the same - service
publishing succeeded, but client methods call fails.
I got different exceptions depends on my configuration. Current my
sample for instance used Interceptor action -
WSHandlerConstants.USERNAME_TOKEN and failed with following exception:
(application provided null or empty password) Next to the exception you
can see my client configuration code, with password and user name
supplied. ('configClientInterceptors' method) and my client creation
code ('TestJaxWsProxyFactoryBean' method)
I haven't any working sample to start with to use https.
Can somebody help me please.
Regards,
Luba.
org.apache.cxf.binding.soap.SoapFault: Security processing failed.
at
org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor.handleMessage(WSS4J
OutInterceptor.java:184)
at
org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor.handleMessage(WSS4J
OutInterceptor.java:43)
at
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorC
hain.java:220)
at
org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:276)
at
org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:222)
at
org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:73)
at
org.apache.cxf.frontend.ClientProxy.invoke(ClientProxy.java:68)
at $Proxy15.sayHi(Unknown Source)
at
cxf_client.TestClient.TestClientProxyFactoryBean(TestClient.java:557)
at cxf_client.TestClient.main(TestClient.java:104)
Caused by: org.apache.ws.security.WSSecurityException: WSHandler:
application provided null or empty password
at
org.apache.ws.security.handler.WSHandler.getPassword(WSHandler.java:638)
at
org.apache.ws.security.action.UsernameTokenAction.execute(UsernameTokenA
ction.java:31)
at
org.apache.ws.security.handler.WSHandler.doSenderAction(WSHandler.java:1
92)
at
org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor.handleMessage(WSS4J
OutInterceptor.java:169)
... 9 more
Hit uncaught exception org.apache.cxf.binding.soap.SoapFault
private void configClientInterceptors(Client client) {
String name = myname;
String password = mypassword;
String passwordKey = password;
String actions = WSHandlerConstants.USERNAME_TOKEN;
//in
WSS4JInInterceptor wsIn = new WSS4JInInterceptor();
wsIn.setProperty(WSHandlerConstants.ACTION, actions);
wsIn.setProperty(WSHandlerConstants.USER, name);
wsIn.setProperty(passwordKey, password);
client.getInInterceptors().add(wsIn);
client.getInInterceptors().add(new SAAJInInterceptor());
//out
WSS4JOutInterceptor wsOut = new WSS4JOutInterceptor();
wsOut.setProperty(WSHandlerConstants.ACTION, actions);
wsOut.setProperty(WSHandlerConstants.USER, name);
wsOut.setProperty(passwordKey, password);
client.getOutInterceptors().add(wsOut);
client.getOutInterceptors().add(new SAAJOutInterceptor());
}
public void TestJaxWsProxyFactoryBean() {
JaxWsProxyFactoryBean proxyFac = new JaxWsProxyFactoryBean();
Client client;
proxyFac.setServiceClass(HelloWorld.class);
proxyFac.setAddress(ADDRESS + /HelloWorld);
HelloWorld echo = (HelloWorld) proxyFac.create();
client = ClientProxy.getClient(echo);
HTTPConduit httpConduit = (HTTPConduit) client.getConduit();
TLSClientParameters tlsParams = new TLSClientParameters();
tlsParams.setSecureSocketProtocol(SSL
RE: Problem with secure connections via https
The reason that I selected frontend is:
I don't start from the zero point, I have 64 services with hundreds
methods and I didn't use *.wsdl files creation with other frameworks
that I used in past (GLUE(WebMethods) and XFire), so start create 64
wsdls contains hundreds operations description looks me crazy. CXF (at
least frontends) spend much more memory for publishing and so hard for
SSL configuration - that is my first impression. I would like it will be
by my mistake.
Regards,
Luba.
-Original Message-
From: Glen Mazza [mailto:[EMAIL PROTECTED]
Sent: Thursday, April 03, 2008 3:13 PM
To: cxf-user@incubator.apache.org
Subject: Re: Problem with secure connections via https
I only know the wsdl2java way of doing this, and Luba in past has not
desired to go this route. As I've said earlier, I don't think SSL with
the simple front end is a robust design that should be taught to
users.
[1] shows how to create a wsdl2java-based web service client with a
cxf.xml file (whose contents are not relevant for SSL); the example at
the top of [2] gives a CXF.xml file that can be used at the client
(Although just looking at it, I don't think that cxf.xml is correct
because nowhere is it declaring SSL to be the protocol. If no one else
does, I'll take a look at it. Per Olsen's blog entry referenced at the
top of [2] gives a better example of a starter cxf.xml configuration
file for SSL.)
Glen
[1] http://www.jroller.com/gmazza/date/20070817
[2]
http://cwiki.apache.org/CXF20DOC/client-http-transport-including-ssl-sup
port.html
Am Donnerstag, den 03.04.2008, 07:35 -0400 schrieb Benson Margulies:
I'm not very useful, personally, on https, hopefully Glen or someone
will
wade in now that you've given us a full picture.
On Thu, Apr 3, 2008 at 5:52 AM, Alpin, Luba [EMAIL PROTECTED]
wrote:
You are right! I do it right now.
I have a problem with secure connections via https,
I tried JaxWsServerFactoryBean/JaxWsProxyFactoryBean and
ServerFactoryBean/ClientProxyFactoryBean result the same - service
publishing succeeded, but client methods call fails.
I got different exceptions depends on my configuration. Current my
sample for instance used Interceptor action -
WSHandlerConstants.USERNAME_TOKEN and failed with following
exception:
(application provided null or empty password) Next to the exception
you
can see my client configuration code, with password and user name
supplied. ('configClientInterceptors' method) and my client creation
code ('TestJaxWsProxyFactoryBean' method)
I haven't any working sample to start with to use https.
Can somebody help me please.
Regards,
Luba.
org.apache.cxf.binding.soap.SoapFault: Security processing failed.
at
org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor.handleMessage(WSS4J
OutInterceptor.java:184)
at
org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor.handleMessage(WSS4J
OutInterceptor.java:43)
at
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorC
hain.java:220)
at
org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:276)
at
org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:222)
at
org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:73)
at
org.apache.cxf.frontend.ClientProxy.invoke(ClientProxy.java:68)
at $Proxy15.sayHi(Unknown Source)
at
cxf_client.TestClient.TestClientProxyFactoryBean(TestClient.java:557)
at cxf_client.TestClient.main(TestClient.java:104)
Caused by: org.apache.ws.security.WSSecurityException: WSHandler:
application provided null or empty password
at
org.apache.ws.security.handler.WSHandler.getPassword(WSHandler.java:638)
at
org.apache.ws.security.action.UsernameTokenAction.execute(UsernameTokenA
ction.java:31)
at
org.apache.ws.security.handler.WSHandler.doSenderAction(WSHandler.java:1
92)
at
org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor.handleMessage(WSS4J
OutInterceptor.java:169)
... 9 more
Hit uncaught exception org.apache.cxf.binding.soap.SoapFault
private void configClientInterceptors(Client client) {
String name = myname;
String password = mypassword;
String passwordKey = password;
String actions = WSHandlerConstants.USERNAME_TOKEN;
//in
WSS4JInInterceptor wsIn = new WSS4JInInterceptor();
wsIn.setProperty(WSHandlerConstants.ACTION, actions);
wsIn.setProperty(WSHandlerConstants.USER, name);
wsIn.setProperty(passwordKey, password);
client.getInInterceptors().add(wsIn);
client.getInInterceptors().add(new SAAJInInterceptor());
//out
WSS4JOutInterceptor wsOut = new WSS4JOutInterceptor();
wsOut.setProperty(WSHandlerConstants.ACTION, actions);
wsOut.setProperty(WSHandlerConstants.USER, name);
wsOut.setProperty(passwordKey, password
