Hi Remy,
Your client side out configuration can look something like below:
*Map<String, Object> outProps = new HashMap<String, Object>();
outProps.put("action", "UsernameToken Timestamp Signature");*
**
*outProps.put("passwordType", "PasswordDigest");
outProps.put("user", "clientx509v1");
outProps.put("passwordCallbackClass",
"demo.wssec.client.UTPasswordCallback");*
**
*outProps.put("signaturePropFile","etc/Client_Sign.properties");
outProps.put("signatureKeyIdentifier", "DirectReference");
outProps.put("signatureParts","{Element}{
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd}Timestamp;{Element}{http://schemas.xmlsoap.org/soap/envelope/}Body
");*
**
*bus.getOutInterceptors().add(new SAAJOutInterceptor());
bus.getOutInterceptors().add(new WSS4JOutInterceptor(outProps));*
and your Client_Sign.properties file can look like:
*
org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
org.apache.ws.security.crypto.merlin.keystore.type=jks
org.apache.ws.security.crypto.merlin.keystore.password=storepassword
org.apache.ws.security.crypto.merlin.keystore.alias=clientx509v1
org.apache.ws.security.crypto.merlin.file=keystore/client-keystore.jks*
and your server side can have WSS4JInInterceptor configured for inProps
accordingly.
With Regards,
Mayank
On Thu, Jun 11, 2009 at 4:39 AM, remy2009 <[email protected]> wrote:
>
> That's good news Mayank.
> Have to dig-up the code myself. Can you post some snippets here so I can
> compare the code?
>
> Thanks,
>
> Remy
>
>
> Mayank Mishra-3 wrote:
> >
> > remy2009 wrote:
> >> Hello,
> >>
> >> Reading aprrox. all of the cxf-user forum still cannot find answer.
> >> Maybe missed something?
> >> I'm trying to set up USERNAME_TOKEN + SIGNATURE in cxf 2.1.3 but cannot
> >> make
> >> it work (also tried 2.1.2, 2.1.4 and 2.2 with same results)
> >>
> >>
> > I am able to run USERNAME_TOKEN + SIGNATURE in cxf 2.2.1. Can you try on
> > it?
> >
> > With Regards,
> > Mayank
> >> Only USERNAME_TOKEN works fine. Only SIGNATURE works fine but the
> >> combination keeps giving following exception.
> >> INFO: Interceptor has thrown exception, unwinding now
> >> org.apache.cxf.binding.soap.SoapFault: General security error
> >> (WSSecurityEngine: No password callback supplied)
> >> at
> >>
> org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.createSoapFault(WSS4JInInterceptor.java:398)
> >> at
> >>
> org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:247)
> >> at
> >>
> org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:65)
> >> at
> >>
> org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:220)
> >> at
> >>
> org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:78)
> >> at
> >>
> org.apache.cxf.transport.servlet.ServletDestination.invoke(ServletDestination.java:92)
> >> at
> >>
> org.apache.cxf.transport.servlet.ServletController.invokeDestination(ServletController.java:283)
> >> at
> >>
> org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:166)
> >> at
> >>
> org.apache.cxf.transport.servlet.AbstractCXFServlet.invoke(AbstractCXFServlet.java:174)
> >> at
> >>
> org.apache.cxf.transport.servlet.AbstractCXFServlet.doPost(AbstractCXFServlet.java:152)
> >> at javax.servlet.http.HttpServlet.service(HttpServlet.java:710)
> >> at javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
> >> at
> >>
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
> >> at
> >>
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
> >> at
> >>
> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
> >> at
> >>
> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
> >> at
> >>
> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128)
> >> at
> >>
> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
> >> at
> >>
> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
> >> at
> >>
> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:286)
> >> at
> >>
> org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844)
> >> at
> >>
> org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
> >> at
> >> org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447)
> >> at java.lang.Thread.run(Thread.java:619)
> >> Caused by: org.apache.ws.security.WSSecurityException: General security
> >> error (WSSecurityEngine: No password callback supplied)
> >> at
> >>
> org.apache.ws.security.processor.UsernameTokenProcessor.handleUsernameToken(UsernameTokenProcessor.java:134)
> >> at
> >>
> org.apache.ws.security.processor.UsernameTokenProcessor.handleToken(UsernameTokenProcessor.java:53)
> >> at
> >>
> org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:311)
> >> at
> >>
> org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:228)
> >> at
> >>
> org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:153)
> >> ... 22 more
> >> Feb 3, 2009 5:40:48 PM
> >> org.apache.cxf.interceptor.LoggingOutInterceptor$LoggingCallback onClose
> >>
> >> After trying almost everything that was said on this forum and reading
> >> most
> >> of Glan Mazza's weblogs still no luck. Found some people that seem to
> >> have
> >> same problem but did not find conclusive answer.
> >> There should have been a fix in wws4j 1.5.5. but after installing in
> >> cxf-2.2
> >> (snapshot) still same error.
> >>
> >> Has anyone got it to work?
> >>
> >> Any ideas/help very much appreciated
> >>
> >> Remy
> >>
> >>
> >
> >
> >
>
> --
> View this message in context:
> http://www.nabble.com/USERNAME_TOKEN-%2B-SIGNATURE-gives-%22General-security-error-%28WSSecurityEngine%3A-No-password-callback-supplied%29%22-tp21814109p23978217.html
> Sent from the cxf-user mailing list archive at Nabble.com.
>
>
