Blair Jennings Sr. Software Engineer A-Life Medical 6195 Lusk Blvd., Ste 120, San Diego, CA, 92121
Office: 888.224.6300 x1716 Fax: 858.812.0952 Email: [email protected] Web: www.alifemedical.com Streamlining the Code to Collection Process with Computerized Practice Management and Medical Coding Products and Services This message is for the sole use of the intended recipient and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender and destroy all copies of the original message. -----Original Message----- From: Blair Jennings Sent: Wednesday, July 01, 2009 12:53 PM To: 'Daniel Kulp' Subject: RE: Connecting CXF 2.2 client to a WCF webservice Ok I figured out part of the issue. The RequestContext was being give this key value: "ws-security.username" when it should have been this: "ws-security.username.sct". In the documentation I found the 1st key while in the forum I found the 2nd one which has gotten me farther. Now why the 1st way worked for a couple of weeks until the server was rebooted is something I do not currently care about. Now the server is giving me a HTTP 405 forbidden verb error. Not entirely sure why but I am now talking to my server which will allow me to figure out what else is wrong. Though if anyone has seen this before I appreciate any help. Thanks, Blair Jennings -----Original Message----- From: Daniel Kulp [mailto:[email protected]] Sent: Wednesday, July 01, 2009 11:47 AM To: [email protected] Cc: Blair Jennings Subject: Re: Connecting CXF 2.2 client to a WCF webservice How is the client configured? From the stacktrace, the policy states that it needs to output a UsernameToken into the security header. However, it's not finding configuration that can provide a username. That suggests that a username isn't being passed in (either via config or via the RequestContext). Dan On Tue June 30 2009 6:56:19 pm Blair Jennings wrote: > Hello everyone, > > > > I have a CXF client which was working fine against a WCF 3.0 webservice > which uses both SSL and message encryption. The IIS server was slightly > reconfigured in the way it was doing SSL, and now my client is throwing > these errors: > > > > INFO: The cipher suite filters have not been configured, falling back to > default filters. > > Jun 30, 2009 3:19:41 PM org.apache.cxf.transport.https.SSLUtils > getCiphersFromList > > INFO: The cipher suites have been set to SSL_RSA_WITH_RC4_128_MD5, > SSL_RSA_WITH_RC4_128_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, > TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, > SSL_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, > SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_DES_CBC_SHA, > SSL_DHE_RSA_WITH_DES_CBC_SHA, SSL_DHE_DSS_WITH_DES_CBC_SHA, > SSL_RSA_EXPORT_WITH_RC4_40_MD5, SSL_RSA_EXPORT_WITH_DES40_CBC_SHA, > SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, > SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA, TLS_KRB5_WITH_RC4_128_SHA, > TLS_KRB5_WITH_RC4_128_MD5, TLS_KRB5_WITH_3DES_EDE_CBC_SHA, > TLS_KRB5_WITH_3DES_EDE_CBC_MD5, TLS_KRB5_WITH_DES_CBC_SHA, > TLS_KRB5_WITH_DES_CBC_MD5, TLS_KRB5_EXPORT_WITH_RC4_40_SHA, > TLS_KRB5_EXPORT_WITH_RC4_40_MD5, TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA, > TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5. > > Jun 30, 2009 3:19:41 PM org.apache.cxf.phase.PhaseInterceptorChain > doIntercept > > INFO: Interceptor has thrown exception, unwinding now > > org.apache.cxf.interceptor.Fault: No username available > > at > org.apache.cxf.ws.security.wss4j.policyhandlers.TransportBindingHandler. > handleBinding(TransportBindingHandler.java:211) > > at > org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$PolicyBa > sedWSS4JOutInterceptorInternal.handleMessage(PolicyBasedWSS4JOutIntercep > tor.java:127) > > at > org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$PolicyBa > sedWSS4JOutInterceptorInternal.handleMessage(PolicyBasedWSS4JOutIntercep > tor.java:73) > > at > org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorC > hain.java:236) > > at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:471) > > at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:301) > > at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:253) > > at > org.apache.cxf.ws.security.trust.STSClient.requestSecurityToken(STSClien > t.java:404) > > at > org.apache.cxf.ws.security.trust.STSClient.requestSecurityToken(STSClien > t.java:311) > > at > org.apache.cxf.ws.security.policy.interceptors.SecureConversationOutInte > rceptor.issueToken(SecureConversationOutInterceptor.java:156) > > at > org.apache.cxf.ws.security.policy.interceptors.SecureConversationOutInte > rceptor.handleMessage(SecureConversationOutInterceptor.java:68) > > at > org.apache.cxf.ws.security.policy.interceptors.SecureConversationOutInte > rceptor.handleMessage(SecureConversationOutInterceptor.java:43) > > at > org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorC > hain.java:236) > > at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:471) > > at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:301) > > at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:253) > > at > org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:73) > > at > org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:121) > > at $Proxy41.ping(Unknown Source) > > at com.alifemedical.JavaTest.main(JavaTest.java:21) > > Caused by: org.apache.cxf.ws.policy.PolicyException: No username > available > > at > org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.p > olicyNotAsserted(AbstractBindingBuilder.java:277) > > at > org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.a > ddUsernameToken(AbstractBindingBuilder.java:600) > > at > org.apache.cxf.ws.security.wss4j.policyhandlers.TransportBindingHandler. > addUsernameTokens(TransportBindingHandler.java:80) > > at > org.apache.cxf.ws.security.wss4j.policyhandlers.TransportBindingHandler. > handleBinding(TransportBindingHandler.java:127) > > ... 19 more > > > > I am at a loss why is it looking for a username now when it seemed to be > able to find it before? I have looked through the mailing list and other > places for any possible help but nothing seems to address this issue. > FYI I have a .NET client which still connects perfectly fine to the > service. > > > > Any suggestions are appreciated. > > Thanks, > > > > Blair Jennings > > Sr. Software Engineer > > A-Life Medical -- Daniel Kulp [email protected] http://www.dankulp.com/blog
