Hi Sergey, thank you very much for taking the time to help me. I have set the property you mentioned. Look, this is my configuration:
<jaxws:endpoint id="SecureServiceBean" address="/example-ejb/SecureService" implementor="com.example.SecureServiceBean"> <jaxws:invoker> <bean class="org.jboss.wsf.stack.cxf.InvokerEJB3" /> </jaxws:invoker> <jaxws:inInterceptors> <bean class="com.example.AuthenticationInterceptor1"/> </jaxws:inInterceptors> <jaxws:properties> <entry key="ws-security.ut.no-callbacks" value="true" /> <!--<entry key="ws-security.validate.token" value="false" />--> <entry key="ws-security.signature.properties" value="keystore.properties" /> <entry key="ws-security.encryption.properties" value="keystore.properties" /> <entry key="ws-security.callback-handler" value="com.example.PasswordCallback" /> </jaxws:properties> </jaxws:endpoint> Where com.example.AuthenticationInterceptor1 extends AbstractUsernameTokenInInterceptor. This results in: 12:01:12,770 ERROR [org.apache.cxf.interceptor.security.AbstractSecurityContextInInterceptor] Security Token is not available on the current message Thanks David -----Ursprüngliche Nachricht----- From: Sergey Beryozkin Sent: Thursday, March 31, 2011 11:06 AM To: [email protected] Subject: Re: UsernameToken JBoss Integration Hi Please check this section: http://cxf.apache.org/docs/security.html#Security-WSSecurityUsernameTokenandCustomAuthentication In 2.3.x you have to set a "ws-security.ut.no-callbacks" property and this will ensure AbstractUserNameTokenInterceptor can be used. Setting this property results in WSS4JInInterceptor duplicating WSS4J specific UT into CXF specific UsernameToken which is what AbstractUserNameTokenInterceptor is checking. Cheers, Sergey On Thu, Mar 31, 2011 at 8:42 AM, David Zhang <[email protected]> wrote: > > Hello, > > > > i have a web service with symmetric binding and self-signed server > certificate. > > I implemented a password callbackhandler for the password to the private > key of the server. > > Now i want to add authentication with username token. So i added a > supporting token to the ws security policy. > > > > To this point everything works fine. The server gets an encrypted request > with a username token. > > My concern is that i do not want to do the authentication in my > application. I want to integrate the username token with JBoss Security. > > > > So i followed these instructions: > http://community.jboss.org/wiki/JBossWS-StackCXFUserGuide#Authentication_and_authorization > > However, it did not work. I used a debugger to check and i saw the > authentication interceptor was created when my app was deployed but it was > never called on a client request. > > > > Later i found this: > http://svn.apache.org/repos/asf/cxf/tags/cxf-2.3.3/systests/ws-specs/src/test/java/org/apache/cxf/systest/ws/wssec10/server/SimpleSubjectCreatingInterceptor.java > > I implemented an interceptor following that example. I put a breakpoint on > the createSubject method. It was never called. > > > > Then i followed this example: > http://svn.apache.org/repos/asf/cxf/tags/cxf-2.3.3/systests/ws-specs/src/test/java/org/apache/cxf/systest/ws/wssec10/server/SimpleUsernameTokenInterceptor.java > > At least i know this interceptor was called. But it produced an error > before the createSubject method was called. The error says: Security Token > is not available on the current message > > > > But this can not be true. Because then i removed the interceptor removed > the property ws-security.ut.no-callbacks and on the next request my password > callbackhandler was called with the username i set on the client. > > > > Please, can anybody explain me what i am doing wrong? > > > > Thanks > > David > -- Sergey Beryozkin Application Integration Division of Talend <http://www.talend.com> http://sberyozkin.blogspot.com
