Re: [xfire-user] WS-Security and UserTokens

Wed, 10 May 2006 07:03:25 -0700 

As usual, thanks for all the help.

XFire 1.1 rc1
Java 1.4.2_11
Spring bean config...

<bean name="LogonAdminService" class="org.codehaus.xfire.spring.ServiceBean">
        <property name="serviceBean" ref="logonManager"/>
<property name="serviceClass" value="com.peopledoc.jura.LogonAdminManager"/> 
        <property name="namespace" value="http://hemp.hummingbird.com/v1/hemp"/>
        <property name="inHandlers">
            <list>
                <ref bean="addressingHandler"/>
                <ref bean="domInHandler"/>
                <ref bean="wss4jInHandler"/>
                <ref bean="validateUserTokenHandler"/>
            </list>
        </property>
    </bean>
<bean id="addressingHandler" class="org.codehaus.xfire.addressing.AddressingInHandler"/> 

    <bean id="domInHandler" class="org.codehaus.xfire.util.dom.DOMInHandler"/>
<bean id="validateUserTokenHandler" class="com.peopledoc.rhum.webservices.ValidateUserTokenHandler"/> 

    <bean id="wss4jInHandler"
        name="org.codehaus.xfire.security.wss4j.WSS4JInHandler"
        class="org.codehaus.xfire.security.wss4j.WSS4JInHandler">
        <property name="properties">
            <map>
                <entry key="action" value="UsernameToken">
                </entry>
<entry key="passwordCallbackClass" value="com.peopledoc.rhum.webservices.PasswordCallbackHandler" > 
                </entry>
            </map>
        </property>
    </bean>



Client class...

public class LogonWSSecurityTest extends TestCase {

    public void testLogonAndLogoff() throws Exception {
URL url = new URL("http://localhost:8090/hc/webservices/LogonAdminManager?wsdl";); 
        Client client = new Client(url);

        Properties properties = new Properties();
        configureOutProperties(properties);
        client.addOutHandler(new WSS4JOutHandler(properties));
Object[] response = client.invoke("getTrustedNetworkAddresses", new Object[]{Long.getLong("27263522912")}); 

    }

    protected void configureOutProperties(Properties properties) {
        // Action to perform : user token
properties.setProperty(WSHandlerConstants.ACTION, WSHandlerConstants.USERNAME_TOKEN); 

        // Set password type to hashed
properties.setProperty(WSHandlerConstants.PASSWORD_TYPE, WSConstants.PW_DIGEST); 

        // Username in keystore
        properties.setProperty(WSHandlerConstants.USER, "system");

        // Used to retrive password for given user name
properties.setProperty(WSHandlerConstants.PW_CALLBACK_CLASS, PasswordCallbackHandler.class.getName()); 
    }

}








Dan Diephouse wrote:

Hi Stuart,
I can't immediately see whats going wrong here. Can you paste your configuration for us to look at? Thanks. 
- Dan

Stuart Barlow wrote:

I am now using xmlsec-1.3.0.jar and get the following error...
[EMAIL PROTECTED]@[EMAIL PROTECTED]@[EMAIL PROTECTED]@ee22f7 org.codehaus.xfire.fault.XFireFault: Fault: java.lang.NullPointerException at org.codehaus.xfire.fault.XFireFault.createFault(XFireFault.java:89) 
    at org.codehaus.xfire.client.Client.invoke(Client.java:363)
    at org.codehaus.xfire.client.Client.invoke(Client.java:389)
at com.peopledoc.rhum.webservices.LogonWSSecurityTest.testLogonAndLogoff(LogonWSSecurityTest.java:27) 
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at com.intellij.rt.execution.junit2.JUnitStarter.main(JUnitStarter.java:32) 
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at com.intellij.rt.execution.application.AppMain.main(AppMain.java:90) 
Caused by: java.lang.NullPointerException
at org.apache.ws.security.message.WSSecHeader.insertSecurityHeader(WSSecHeader.java:131) at org.apache.ws.security.handler.WSHandler.doSenderAction(WSHandler.java:98) at org.codehaus.xfire.security.wss4j.WSS4JOutHandler.invoke(WSS4JOutHandler.java:154) at org.codehaus.xfire.handler.HandlerPipeline.invoke(HandlerPipeline.java:98) 
    at org.codehaus.xfire.client.Client.invoke(Client.java:359)
    ... 25 more

Process finished with exit code -1
If I have debug turned on for the package: org.codehaus.xfire.security.wss4j 
then I get...

DEBUG - Action: 1
DEBUG - Actor: null



Dan Diephouse wrote:
It seems you're using the wrong version of xalan. If you have the xml-security 1.2 jar, you need to use Xalan 2.6. If you want to use Xalan 2.7, you need to use xml-security 1.3:
http://www.apache.org/dist/java-repository/xml-security/jars/xmlsec-1.3.0.jar 

Xml sec 1.3 will be bundled in the final release along with Xalan 2.7
Hope that helps,

- Dan

Stuart Barlow wrote:

Continuing with UserTokens...
At the following line in my code...
client.addOutHandler(new WSS4JOutHandler(properties));

I get the stack trace...
[EMAIL PROTECTED]@[EMAIL PROTECTED]@[EMAIL PROTECTED]@39ab89- Unable to patch xalan function table. 
java.lang.NoSuchFieldException: m_functions
    at java.lang.Class.getField(Class.java:919)
at org.apache.xml.security.Init.registerHereFunction(Unknown Source) 
    at org.apache.xml.security.Init.init(Unknown Source)
    at org.apache.ws.security.WSSConfig.<init>(WSSConfig.java:72)
at org.apache.ws.security.WSSConfig.getNewInstance(WSSConfig.java:95) 
    at org.apache.ws.security.WSSConfig.<clinit>(WSSConfig.java:47)
at org.apache.ws.security.WSSecurityEngine.<clinit>(WSSecurityEngine.java:51) at org.apache.ws.security.handler.WSHandler.<clinit>(WSHandler.java:61) at com.peopledoc.rhum.webservices.LogonWSSecurityTest.testLogonAndLogoff(LogonWSSecurityTest.java:25) 


Is this because I am on Java 1.4 ?


thanks,
Stuart











--
Stuart

Reply via email to