we tried the http://localhost:8000/TradeOrderProcessor/msec, as
OrderProcessor processor = new OrderProcessor(new URL("
http://localhost:8000/tradeorderprocessor/msec<http://localhost:8000/tradeorderprocessor>"),
new QName("http://tempuri.org/";,
"OrderProcessor"));
but we got another error:
java.io.IOException: Server returned HTTP response code: 400 for URL:
http://stocktrader:8000/tradeorderprocessor/msec
java.io.IOException: Server returned HTTP response code: 400 for URL:
http://stocktrader:8000/tradeorderprocessor/msec?wsdl
that's why let us still keep the basicHttpBinding URL. :(
We'll try the customBinding tomorrow.
On Thu, May 21, 2009 at 10:16 PM, Ben Dewey <[email protected]> wrote:
> Ming,
>
> Two things,
>
> 1. Can you verify that you're using the
> http://localhost:8000/TradeOrderProcessor/msec endpoint address when
> calling wsHttp? It seems like the code is still setup for the basicBinding
> endpoint.
>
> 2. Were you able to get the customBinding for .NET working. PHP and WSAS
> are using the customBinding OPS_SEC. the endpoint is
> http://localhost:8000/tradeorderprocessor/sec (without the m). This might
> be a better option, There has been talks of removing the wsHttpBinding and
> replacing it with the customBinding throughout.
>
> -Ben
>
> -----Original Message-----
> From: Ming Jin [mailto:[email protected]]
> Sent: Thursday, May 21, 2009 10:07 AM
> To: [email protected]
> Cc: Kent Brown; Harold Carr; [email protected]; Ye Zheng;
> [email protected]; Ming Jin; [email protected];
> [email protected]; Song Zhang
> Subject: Interoperability Failure: SslContextToken & WS-Policy
>
> Hi, we're configuring stonehenge to use Java WSIT client to connect the
> .NET
> orderprocessor service via wsHttpBinding.
>
> We followed the installation document under the .net directory from
> stonehenge m1 branch, and we got order processor service running via both
> basicHttpBinding and wsHttpBinding.
>
> At first, we tried the interoperability via basicHttpBinding, the result
> was
> perfect.
>
> Then we wanted to configure it to via wsHttpBinding, but we encountered the
> following problem:
> --------------
> May 21, 2009 8:21:21 PM com.sun.xml.ws.security.impl.policy.Constants
> log_invalid_assertion
> WARNING: SP0100: Policy assertion
>
> Assertion[com.sun.xml.ws.policy.sourcemodel.DefaultPolicyAssertionCreator$DefaultPolicyAssertion]
> {
> assertion data {
> namespace = 'http://schemas.microsoft.com/ws/2005/07/securitypolicy
> '
> prefix = 'mssp'
> local name = 'SslContextToken'
> value = 'null'
> optional = 'false'
> ignorable = 'false'
> attributes {
> name = '
> http://schemas.xmlsoap.org/ws/2005/07/securitypolicy:IncludeToken', value
> =
> '
>
> http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient
> '
> }
> }
> no parameters
> nested policy {
> namespace version = 'v1_5'
> id = 'null'
> name = 'null'
> vocabulary {
> 1. entry = '
>
> http://schemas.microsoft.com/ws/2005/07/securitypolicy:RequireClientCertificate
> '
> 2. entry = '
> http://schemas.xmlsoap.org/ws/2005/07/securitypolicy:RequireDerivedKeys'
> }
> assertion set {
>
>
> Assertion[com.sun.xml.ws.policy.sourcemodel.DefaultPolicyAssertionCreator$DefaultPolicyAssertion]
> {
> assertion data {
> namespace = '
> http://schemas.microsoft.com/ws/2005/07/securitypolicy'
> prefix = 'mssp'
> local name = 'RequireClientCertificate'
> value = 'null'
> optional = 'false'
> ignorable = 'false'
> no attributes
> }
> no parameters
> no nested policy
> }
>
>
> Assertion[com.sun.xml.ws.policy.sourcemodel.DefaultPolicyAssertionCreator$DefaultPolicyAssertion]
> {
> assertion data {
> namespace = '
> http://schemas.xmlsoap.org/ws/2005/07/securitypolicy'
> prefix = 'sp'
> local name = 'RequireDerivedKeys'
> value = 'null'
> optional = 'false'
> ignorable = 'false'
> no attributes
> }
> no parameters
> no nested policy
> }
> }
> }
> } is not supported under Token assertion.
> Exception in thread "main" java.lang.NullPointerException
> at
>
> com.sun.xml.ws.security.impl.policy.PolicyUtil.isSecurityPolicyNS(PolicyUtil.java:70)
> at
>
> com.sun.xml.ws.security.impl.policy.PolicyUtil.isIssuedToken(PolicyUtil.java:644)
> at
>
> com.sun.xml.ws.security.impl.policyconv.SCTokenWrapper.addToken(SCTokenWrapper.java:222)
> at
>
> com.sun.xml.ws.security.impl.policyconv.SCTokenWrapper.getTokens(SCTokenWrapper.java:205)
> at
>
> com.sun.xml.ws.security.impl.policyconv.SCTokenWrapper.getIssuedTokens(SCTokenWrapper.java:169)
> at
>
> com.sun.xml.wss.jaxws.impl.SecurityTubeBase.getIssuedTokenPoliciesFromBootstrapPolicy(SecurityTubeBase.java:458)
> at
>
> com.sun.xml.wss.jaxws.impl.SecurityTubeBase.constructPolicyHolder(SecurityTubeBase.java:1332)
> at
>
> com.sun.xml.wss.jaxws.impl.SecurityClientTube.addIncomingProtocolPolicy(SecurityClientTube.java:599)
> at
>
> com.sun.xml.wss.jaxws.impl.SecurityTubeBase.buildProtocolPolicy(SecurityTubeBase.java:1258)
> at
>
> com.sun.xml.wss.jaxws.impl.SecurityTubeBase.collectPolicies(SecurityTubeBase.java:752)
> at
>
> com.sun.xml.wss.jaxws.impl.SecurityTubeBase.<init>(SecurityTubeBase.java:284)
> at
>
> com.sun.xml.wss.jaxws.impl.SecurityClientTube.<init>(SecurityClientTube.java:131)
> at
>
> com.sun.xml.wss.provider.wsit.SecurityTubeAppender.appendTube(SecurityTubeAppender.java:189)
> at
>
> com.sun.xml.ws.assembler.TubelineAssemblerFactoryImpl$WsitTubelineAssembler.createClient(TubelineAssemblerFactoryImpl.java:79)
> at
>
> com.sun.xml.ws.client.WSServiceDelegate.createPipeline(WSServiceDelegate.java:446)
> at
>
> com.sun.xml.ws.client.WSServiceDelegate.createEndpointIFBaseProxy(WSServiceDelegate.java:639)
> at
> com.sun.xml.ws.client.WSServiceDelegate.getPort(WSServiceDelegate.java:342)
> at
> com.sun.xml.ws.client.WSServiceDelegate.getPort(WSServiceDelegate.java:324)
> at
> com.sun.xml.ws.client.WSServiceDelegate.getPort(WSServiceDelegate.java:306)
> at javax.xml.ws.Service.getPort(Service.java:92)
> at
>
> org.tempuri.OrderProcessor.getWSHttpBindingOrderProcessorService(OrderProcessor.java:78)
> at
>
> org.wso2.stocktrader.services.TradeOrderServiceClient.SubmitOrderTrasactedQueue(Unknown
> Source)
> at org.wso2.stocktrader.services.TradeOrderServiceClient.main(Unknown
> Source)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at
>
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
> at
>
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
> at java.lang.reflect.Method.invoke(Method.java:597)
> at com.intellij.rt.execution.application.AppMain.main(AppMain.java:90)
>
> Process finished with exit code 1
> --------------
>
> After some digging by google, we found this article with the solution:
> Interoperability Gotcha: SslContextToken Negotiation & WS-Policy (
>
> http://proxy88.com/index.php?hl=f5&q=uggc%3A%2F%2Fjrofreivprf20.oybtfcbg.pbz%2F2008%2F10%2Fvagrebcrenovyvgl-tbgpun-ffypbagrkggbxra.ugzy
> )
>
> There the author provided a solution, we can turn the X.509 negotiation off
> by updating wshttpbinding configuration like bellow
> <security>
> <message clientCredentialType="None" negotiateServiceCredential="false"
> />
> </security>
>
> So, we updated the relevant configuration in
> Trade.BusinessServiceConsole.exe.config as bellow:
>
> <binding name="OpsClient_WsHttpBinding_MSec" closeTimeout="00:01:00"
> openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00"
> bypassProxyOnLocal="false" transactionFlow="false"
> hostNameComparisonMode="StrongWildcard" maxBufferPoolSize="524288"
> maxReceivedMessageSize="65536" messageEncoding="Text" textEncoding="utf-8"
> useDefaultWebProxy="true" allowCookies="false">
> <readerQuotas maxDepth="32" maxStringContentLength="8192"
> maxArrayLength="16384" maxBytesPerRead="4096" maxNameTableCharCount="16384"
> />
> <reliableSession ordered="true" inactivityTimeout="00:10:00"
> enabled="false" />
> <security mode="Message">
> <!--<transport clientCredentialType="Windows"
> proxyCredentialType="None" realm="" />--><!--here we comment it out-->
> <!--<message clientCredentialType="Certificate"
> negotiateServiceCredential="true" algorithmSuite="Default"
> establishSecurityContext="true" />--><!--here we comment it out-->
> <message clientCredentialType="None"
> negotiateServiceCredential="false"/>
> </security>
> </binding>
>
> However, the error message as former still occured.
>
> Here is our java client code:
>
> OrderProcessor processor = new OrderProcessor(new URL("
> http://localhost:8000/tradeorderprocessor";), new QName("
> http://tempuri.org/";,
> "OrderProcessor"));
> //OrderProcessor class is generated by wsimport from
> http://localhost:8000/tradeorderprocessor?wsdl
> OrderProcessorService service =
> processor.getWSHttpBindingOrderProcessorService();
> SubmitOrder param = new SubmitOrder();
> param.setOrder(order);
> service.submitOrder(param);
>
> We've imported the certificate of CN OPS.Com into the keystore.jks for the
> glassfish, and imported the certificate of alias 's1as' from glassfish into
> mmc.
>
> We tried to find some examples about using WSIT to inter-operate the java
> client and .net service provider via wsHttpBinding, but there are so few
> materials or examples.
>
> Does anyone have any suggestion? Where can we find the examples that
> represent the interoperability via wsHttpBinding?
>
>
>
> ----
> Ming Jin
>
> Consultant
> Thoughtworks, Inc
>
--
Ming Jin
Consultant
Thoughtworks, Inc
Mobile: +86 135-2125-6300
Email: [email protected]
MSN: [email protected]
Blog: http://blogjava.net/mingj
