On Wednesday 07 April 2010 10:22:25 pm Suneet Shah wrote: > Thanks Dan > > If we want to WS-Security interceptor that will work with saml2 and > validate against our own services, should we implement our own > interceptor using the one that is CXF as an example? or is there another > approach that we should take?
Right now, wss4j doesn't really support SAML2 tokens. Thus, you would need to add a processor or similar to wss4j to handle it. There are two open JIRAs with them that have patches under investigation: https://issues.apache.org/jira/browse/WSS-146 https://issues.apache.org/jira/browse/WSS-204 One of them may be a starting point. Dan > Regards > Suneet > > Daniel Kulp wrote: > > On Wednesday 07 April 2010 6:57:22 pm Suneet Shah wrote: > >> Hello: > >> > >> I am trying to setup ws-security using the docs WS-Security with > >> username token. When I call a service, I get the error below. I am > >> using cxf 2.2.4 > >> Any thoughts on what might be wrong? > > > > The version of wss4j that is being picked up is too old. Make sure you > > are using the latest wss4j jar. > > > > Dan > > > >> java.lang.NoSuchMethodError: > >> org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.checkReceiverResults > >> Any Order(Ljava/util/Vector;Ljava/util/Vector;)Z at > >> org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JI > >> nIn terceptor.java:287) at > >> org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JI > >> nIn terceptor.java:77) at > >> org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorC > >> hai n.java:236) at > >> org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiati > >> onO bserver.java:104) at > >> org.apache.cxf.transport.servlet.ServletDestination.invoke(ServletDestin > >> ati on.java:98) at > >> org.apache.cxf.transport.servlet.ServletController.invokeDestination(Ser > >> vle tController.java:392) at > >> org.apache.cxf.transport.servlet.ServletController.invoke(ServletControl > >> ler .java:170) at > >> org.apache.cxf.transport.servlet.AbstractCXFServlet.invoke(AbstractCXFSe > >> rvl et.java:142) at > >> org.apache.cxf.transport.servlet.AbstractHTTPServlet.doPost(AbstractHTTP > >> Ser vlet.java:45) at > >> javax.servlet.http.HttpServlet.service(HttpServlet.java:637) at > >> org.apache.cxf.transport.servlet.AbstractHTTPServlet.service(AbstractHTT > >> PSe rvlet.java:101) at > >> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Applica > >> tio nFilterChain.java:290) at > >> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilt > >> erC hain.java:206) at > >> org.springframework.orm.hibernate3.support.OpenSessionInViewFilter.doFil > >> ter Internal(OpenSessionInViewFilter.java:198) at > >> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequ > >> est Filter.java:76) at > >> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Applica > >> tio nFilterChain.java:235) at > >> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilt > >> erC hain.java:206) at > >> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValv > >> e.j ava:233) at > >> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValv > >> e.j ava:191) at > >> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java > >> :12 8) at > >> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java > >> :10 2) at > >> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve. > >> jav a:109) at > >> org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:567 > >> ) > >> > >> at > >> > >> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:2 > >> 93) > >> > >> at > >> > >> org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:84 > >> 9) > >> > >> at > >> > >> org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process( > >> Htt p11Protocol.java:583) at > >> org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:454) > >> > >> at java.lang.Thread.run(Thread.java:619) > >> > >> Web service setup: > >> <bean id="passwordCallback" > >> > >> class="org.openiam.ws.sec.ServerPasswordCallback"/> > >> > >> <jaxws:endpoint id="userDataService" > >> > >> implementor="#userWS" > >> address="/idmsrvc/UserDataService" > > >> > >> <jaxws:properties> > >> > >> <entry key="schema-validation-enabled" value="false" /> > >> > >> </jaxws:properties> > >> > >> <jaxws:inInterceptors> > >> > >> <!-- SAAJ Interceptor needs to be explicitly declared only in > >> > >> CXF 2.0.x --> > >> > >> <bean > >> > >> class="org.apache.cxf.binding.soap.saaj.SAAJInInterceptor"/> <bean > >> class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor"> > >> <constructor-arg> > >> > >> <map> > >> > >> <entry key="action" value="UsernameToken"/> > >> <entry key="passwordType" value="PasswordDigest"/> > >> <entry key="signaturePropFile" value=""/> > >> <entry key="passwordCallbackRef"> > >> > >> <ref bean="passwordCallback"/> > >> > >> </entry> > >> > >> </map> > >> > >> </constructor-arg> > >> > >> </bean> > >> > >> </jaxws:inInterceptors> > >> > >> </jaxws:endpoint> -- Daniel Kulp [email protected] http://dankulp.com/blog
