Thanks Dan
If we want to WS-Security interceptor that will work with saml2 and
validate against our own services, should we implement our own
interceptor using the one that is CXF as an example? or is there another
approach that we should take?
Regards
Suneet
Daniel Kulp wrote:
On Wednesday 07 April 2010 6:57:22 pm Suneet Shah wrote:
Hello:
I am trying to setup ws-security using the docs WS-Security with
username token. When I call a service, I get the error below. I am
using cxf 2.2.4
Any thoughts on what might be wrong?
The version of wss4j that is being picked up is too old. Make sure you are
using the latest wss4j jar.
Dan
java.lang.NoSuchMethodError:
org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.checkReceiverResultsAny
Order(Ljava/util/Vector;Ljava/util/Vector;)Z at
org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInIn
terceptor.java:287) at
org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInIn
terceptor.java:77) at
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChai
n.java:236) at
org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationO
bserver.java:104) at
org.apache.cxf.transport.servlet.ServletDestination.invoke(ServletDestinati
on.java:98) at
org.apache.cxf.transport.servlet.ServletController.invokeDestination(Servle
tController.java:392) at
org.apache.cxf.transport.servlet.ServletController.invoke(ServletController
.java:170) at
org.apache.cxf.transport.servlet.AbstractCXFServlet.invoke(AbstractCXFServl
et.java:142) at
org.apache.cxf.transport.servlet.AbstractHTTPServlet.doPost(AbstractHTTPSer
vlet.java:45) at
javax.servlet.http.HttpServlet.service(HttpServlet.java:637) at
org.apache.cxf.transport.servlet.AbstractHTTPServlet.service(AbstractHTTPSe
rvlet.java:101) at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Applicatio
nFilterChain.java:290) at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterC
hain.java:206) at
org.springframework.orm.hibernate3.support.OpenSessionInViewFilter.doFilter
Internal(OpenSessionInViewFilter.java:198) at
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequest
Filter.java:76) at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Applicatio
nFilterChain.java:235) at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterC
hain.java:206) at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.j
ava:233) at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.j
ava:191) at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:12
8) at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:10
2) at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.jav
a:109) at
org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:567)
at
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:293)
at
org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:849)
at
org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Htt
p11Protocol.java:583) at
org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:454)
at java.lang.Thread.run(Thread.java:619)
Web service setup:
<bean id="passwordCallback"
class="org.openiam.ws.sec.ServerPasswordCallback"/>
<jaxws:endpoint id="userDataService"
implementor="#userWS"
address="/idmsrvc/UserDataService" >
<jaxws:properties>
<entry key="schema-validation-enabled" value="false" />
</jaxws:properties>
<jaxws:inInterceptors>
<!-- SAAJ Interceptor needs to be explicitly declared only in
CXF 2.0.x -->
<bean
class="org.apache.cxf.binding.soap.saaj.SAAJInInterceptor"/> <bean
class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor">
<constructor-arg>
<map>
<entry key="action" value="UsernameToken"/>
<entry key="passwordType" value="PasswordDigest"/>
<entry key="signaturePropFile" value=""/>
<entry key="passwordCallbackRef">
<ref bean="passwordCallback"/>
</entry>
</map>
</constructor-arg>
</bean>
</jaxws:inInterceptors>
</jaxws:endpoint>
