May be you need to clean up a local maven repo ? I'm building the trunk like this regularly...
Cheers, Sergey On Thu, Apr 7, 2011 at 11:46 AM, David Zhang <[email protected]> wrote: > Yes, i will try to build cxf. But there are still some problems. > Maybe i have to configure something else. Is there some more > documentation about the build process? > > If i do: > mvn install -Pfastinstall,jaxws22 > the build fails like this: > > [INFO] > ------------------------------------------------------------------------ > [INFO] Reactor Summary: > [INFO] > [INFO] Apache CXF ........................................ SUCCESS [0.110s] > [INFO] Apache CXF Parent ................................. SUCCESS [0.405s] > [INFO] Apache CXF Common Utilities ....................... SUCCESS [1.451s] > [INFO] Apache CXF Common Schemas ......................... SUCCESS [0.125s] > [INFO] Apache CXF API .................................... SUCCESS [1.841s] > [INFO] Apache CXF Woodstox/MSV Schema Validation ......... SUCCESS [0.296s] > [INFO] Apache CXF XML Schema Validation with Xerces ...... SUCCESS [0.187s] > [INFO] Apache CXF Common ................................. SUCCESS [0.016s] > [INFO] Apache CXF Runtime Core ........................... SUCCESS [1.092s] > [INFO] Apache CXF Command Line Tools Common .............. SUCCESS [0.530s] > [INFO] Apache CXF Command Line Tools Validator ........... SUCCESS [0.328s] > [INFO] Apache CXF Command Line Tools WSDLTo Core ......... SUCCESS [0.312s] > [INFO] Apache CXF Command Line Tools WSDLTo JAXWS Frontend SUCCESS > [0.593s] > [INFO] Apache CXF WSDL Validator Maven2 Plugin ........... SUCCESS [1.263s] > [INFO] Apache CXF Command Line Tools WSDLTo JAXB Databinding SUCCESS > [0.297s] > [INFO] Apache CXF Code Generation Maven2 Plugins ......... SUCCESS [0.717s] > [INFO] Apache CXF Test Utilities ......................... FAILURE > [38.454s] > [INFO] Apache CXF Runtime JAXB DataBinding ............... SKIPPED > [INFO] Apache CXF Runtime XML Binding .................... SKIPPED > [INFO] Apache CXF Runtime SOAP Binding ................... SKIPPED > [INFO] Apache CXF Runtime Local Transport ................ SKIPPED > [INFO] Apache CXF Runtime Simple Frontend ................ SKIPPED > [INFO] Apache CXF Runtime Transport Common Used Classes .. SKIPPED > [INFO] Apache CXF Runtime HTTP Transport ................. SKIPPED > [INFO] Apache CXF Runtime HTTP Jetty Transport ........... SKIPPED > [INFO] Apache CXF Runtime WS Addressing .................. SKIPPED > [INFO] Apache CXF Runtime JAX-WS Frontend ................ SKIPPED > [INFO] Apache CXF Test Case Support ...................... SKIPPED > [INFO] Apache CXF Runtime Aegis Databinding .............. SKIPPED > [INFO] Apache CXF Runtime JavaScript Client Generator .... SKIPPED > [INFO] Apache CXF Command Line Tools WSDL to JavaScript Front End SKIPPED > [INFO] Apache CXF Runtime Management ..................... SKIPPED > [INFO] Apache CXF Runtime JMS Transport .................. SKIPPED > [INFO] Apache CXF Runtime XmlBeans DataBinding ........... SKIPPED > [INFO] Apache CXF Command Line Tools WSDLTo Test ......... SKIPPED > [INFO] Apache CXF Command Line Tools WSDLTo Misctools .... SKIPPED > [INFO] Apache CXF Command Line Tools ..................... SKIPPED > [INFO] Apache CXF Command Line Tools WSDLTo .............. SKIPPED > [INFO] Apache CXF Command Line Tools JavaTo WS ........... SKIPPED > [INFO] Apache CXF Command Line Tools JavaTo .............. SKIPPED > [INFO] Apache CXF Runtime CORBA Binding .................. SKIPPED > [INFO] Apache CXF Command Line Tools CORBA ............... SKIPPED > [INFO] Apache CXF Runtime SDO DataBinding ................ SKIPPED > [INFO] Apache CXF Runtime HTTP Binding ................... SKIPPED > [INFO] Apache CXF Runtime Object Binding ................. SKIPPED > [INFO] Apache CXF Runtime Colocated Binding .............. SKIPPED > [INFO] Apache CXF Runtime JBI Binding .................... SKIPPED > [INFO] Apache CXF Runtime ................................ SKIPPED > [INFO] Apache CXF Runtime Bindings ....................... SKIPPED > [INFO] Apache CXF Runtime JAX-RS Frontend ................ SKIPPED > [INFO] Apache CXF Runtime JavaScript Frontend ............ SKIPPED > [INFO] Apache CXF HTTP Transport for OSGi ................ SKIPPED > [INFO] Apache CXF Runtime JBI Transport .................. SKIPPED > [INFO] Apache CXF Runtime WS Policy ...................... SKIPPED > [INFO] Apache CXF Runtime WS Reliable Messaging .......... SKIPPED > [INFO] Apache CXF Runtime WS Security .................... SKIPPED > [INFO] Apache CXF Runtime Web Management ................. SKIPPED > [INFO] Apache CXF JBI Integration ........................ SKIPPED > [INFO] Apache CXF JCA Connection ......................... SKIPPED > [INFO] Apache CXF Integration ............................ SKIPPED > [INFO] Apache CXF Java2WS Maven2 Plugin .................. SKIPPED > [INFO] Apache CXF CORBA Tools Maven2 Plugins ............. SKIPPED > [INFO] Apache CXF Archetype - Simple JAX-WS Java First ... SKIPPED > [INFO] Apache CXF Maven Archetypes ....................... SKIPPED > [INFO] Apache CXF Maven Plugins .......................... SKIPPED > [INFO] Apache CXF Container Integration System Tests ..... SKIPPED > [INFO] Apache CXF Container Integration Test Webapp ...... SKIPPED > [INFO] Apache CXF Container Integration Test Grizzly ..... SKIPPED > [INFO] Apache CXF Uncategorized System Tests ............. SKIPPED > [INFO] Apache CXF Transport System Tests ................. SKIPPED > [INFO] Apache CXF JAX-WS System Tests .................... SKIPPED > [INFO] Apache CXF Databinding System Tests ............... SKIPPED > [INFO] Apache CXF JAX-RS System Tests .................... SKIPPED > [INFO] Apache CXF WS-* Specifications System Tests ....... SKIPPED > [INFO] Test for writing wsdl to repo ..................... SKIPPED > [INFO] Test for generating code from wsdl in repo ........ SKIPPED > [INFO] Apache CXF System Tests ........................... SKIPPED > [INFO] Apache CXF System Tests for Maven Plugins ......... SKIPPED > [INFO] > ------------------------------------------------------------------------ > [INFO] BUILD FAILURE > [INFO] > ------------------------------------------------------------------------ > [INFO] Total time: 49.530s > [INFO] Finished at: Thu Apr 07 12:42:45 CEST 2011 > [INFO] Final Memory: 40M/159M > [INFO] > ------------------------------------------------------------------------ > [ERROR] Failed to execute goal > org.apache.maven.plugins:maven-compiler-plugin:2.3.2:compile > (default-compile) on project > cxf-testutils: Compilation failure: Compilation failure: > [ERROR] > \Users\David\Documents\projects\cxf-2.3.4-SNAPSHOT\testutils\target\generated\src\main\java\org\apache\hello_wor > ld_soap_http\any\SOAPService.java:[60,8] cannot find symbol > [ERROR] symbol : constructor > Service(java.net.URL,javax.xml.namespace.QName,javax.xml.ws.WebServiceFeature[]) > [ERROR] location: class javax.xml.ws.Service > [ERROR] > \Users\David\Documents\projects\cxf-2.3.4-SNAPSHOT\testutils\target\generated\src\main\java\org\apache\hello_wor > ld_soap_http\any\SOAPService.java:[67,8] cannot find symbol > [ERROR] symbol : constructor > Service(java.net.URL,javax.xml.namespace.QName,javax.xml.ws.WebServiceFeature[]) > [ERROR] location: class javax.xml.ws.Service > [ERROR] > \Users\David\Documents\projects\cxf-2.3.4-SNAPSHOT\testutils\target\generated\src\main\java\org\apache\hello_wor > ld_soap_http\any\SOAPService.java:[74,8] cannot find symbol > [ERROR] symbol : constructor > Service(java.net.URL,javax.xml.namespace.QName,javax.xml.ws.WebServiceFeature[]) > [ERROR] location: class javax.xml.ws.Service > [ERROR] > \Users\David\Documents\projects\cxf-2.3.4-SNAPSHOT\testutils\target\generated\src\main\java\org\apache\cxf\anony > mous_complex_type\AnonymousComplexTypeService.java:[60,8] cannot find > symbol > [ERROR] symbol : constructor > Service(java.net.URL,javax.xml.namespace.QName,javax.xml.ws.WebServiceFeature[]) > [ERROR] location: class javax.xml.ws.Service > [ERROR] > \Users\David\Documents\projects\cxf-2.3.4-SNAPSHOT\testutils\target\generated\src\main\java\org\apache\cxf\anony > mous_complex_type\AnonymousComplexTypeService.java:[67,8] cannot find > symbol > [ERROR] symbol : constructor > Service(java.net.URL,javax.xml.namespace.QName,javax.xml.ws.WebServiceFeature[]) > [ERROR] location: class javax.xml.ws.Service > [ERROR] > \Users\David\Documents\projects\cxf-2.3.4-SNAPSHOT\testutils\target\generated\src\main\java\org\apache\cxf\anony > mous_complex_type\AnonymousComplexTypeService.java:[74,8] cannot find > symbol > [ERROR] symbol : constructor > Service(java.net.URL,javax.xml.namespace.QName,javax.xml.ws.WebServiceFeature[]) > [ERROR] location: class javax.xml.ws.Service > [ERROR] > \Users\David\Documents\projects\cxf-2.3.4-SNAPSHOT\testutils\target\generated\src\main\java\org\apache\handlers\ > AddNumbersService.java:[60,8] cannot find symbol > [ERROR] symbol : constructor > Service(java.net.URL,javax.xml.namespace.QName,javax.xml.ws.WebServiceFeature[]) > [ERROR] location: class javax.xml.ws.Service > [ERROR] > \Users\David\Documents\projects\cxf-2.3.4-SNAPSHOT\testutils\target\generated\src\main\java\org\apache\handlers\ > AddNumbersService.java:[67,8] cannot find symbol > [ERROR] symbol : constructor > Service(java.net.URL,javax.xml.namespace.QName,javax.xml.ws.WebServiceFeature[]) > [ERROR] location: class javax.xml.ws.Service > [ERROR] > \Users\David\Documents\projects\cxf-2.3.4-SNAPSHOT\testutils\target\generated\src\main\java\org\apache\handlers\ > AddNumbersService.java:[74,8] cannot find symbol > [ERROR] symbol : constructor > Service(java.net.URL,javax.xml.namespace.QName,javax.xml.ws.WebServiceFeature[]) > [ERROR] location: class javax.xml.ws.Service > [ERROR] -> [Help 1] > [ERROR] > [ERROR] To see the full stack trace of the errors, re-run Maven with the -e > switch. > [ERROR] Re-run Maven using the -X switch to enable full debug logging. > [ERROR] > [ERROR] For more information about the errors and possible solutions, > please read the following articles: > [ERROR] [Help 1] > http://cwiki.apache.org/confluence/display/MAVEN/MojoFailureException > [ERROR] > [ERROR] After correcting the problems, you can resume the build with the > command > [ERROR] mvn <goals> -rf :cxf-testutils > c:\Users\David\Documents\projects\cxf-2.3.4-SNAPSHOT> > > > -----Ursprüngliche Nachricht----- From: Sergey Beryozkin > Sent: Thursday, April 07, 2011 11:03 AM > > To: [email protected] > Subject: Re: UsernameToken JBoss Integration > > Sorry, should be > > 'mvn install -Pfastinstall,jaxws22' > > Cheers, Sergey > > On Thu, Apr 7, 2011 at 10:01 AM, Sergey Beryozkin <[email protected] > >wrote: > > Hi >> >> On Thu, Apr 7, 2011 at 9:53 AM, David Zhang <[email protected]> wrote: >> >> Hello Sergey, >>> >>> i did my best to try that, but i ran into problems. >>> >>> First one is i cannot build the project. >>> This documentation is not sufficient for me: >>> http://cxf.apache.org/building.html >>> Is there more extensive documentation somewhere? >>> >>> However, i downloaded the individual artifacts from Jenkins and patched >>> my >>> JBoss installation with them. >>> >>> To test the new snapshot release i changed my project to depend on the >>> 2.3.4-SNAPSHOT version from the apache snapshots repository and rebuilt >>> it. >>> >>> The second problem is the 2.3.4-SNAPSHOT is not compatible anymore with >>> JBoss 6.0.0.Final. Cause of this is a package name changed from >>> org.apache.cxf.jaxws22 to org.apache.cxf.jaxws. >>> But JBoss has a class >>> org.jboss.wsf.stack.cxf.deployment.EndpointImpl extends >>> org.apache.cxf.jaxws22.EndpointImpl >>> >>> The result is i cannot deploy my project anymore. :-( >>> >>> >>> Just checkout CXF 2.3.4 using svn or git, and then do >> >> 'mvn install -Pfastinstall,jaxws' >> >> that should fix it >> >> Give it a try please >> >> Cheers, Sergey >> >> >> >>> -----Ursprüngliche Nachricht----- From: Sergey Beryozkin >>> Sent: Wednesday, April 06, 2011 6:39 PM >>> To: [email protected] >>> Subject: Re: UsernameToken JBoss Integration >>> >>> Hi David >>> >>> I did a minor update to WSS4JInInterceptor to ensure that the 'best' >>> principal is wrapped as a SecurityContext principal, when possible. This >>> update does not change the fact all Principals are still available on the >>> message for subsequent interceptors to check, it simply attempts not to >>> set >>> a Principal representing the encryption key which was used to encrypt UT >>> as >>> the 'main' Principal. >>> >>> Hope Colm and others will be ok with this update. >>> >>> Can you please checkout 2.3.4-SNAPSHOT and verify it fixes the problem ? >>> >>> Thanks, Sergey >>> >>> On Tue, Apr 5, 2011 at 12:01 PM, David Zhang <[email protected]> >>> wrote: >>> >>> Hello Sergey, >>> >>>> >>>> i think i found the cause of the problem. JBoss 6.0.0.Final comes with >>>> CXF >>>> 2.3.1. However, i checked out the 2.3.3 tag and did a little bug fix. >>>> >>>> What do you think of it? Please tell me, if you will make a fix for >>>> 2.3.x, >>>> then i would like to download the update. >>>> >>>> Please look at >>>> org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.doResults() >>>> >>>> At the end of the method is a for-loop over the wssEngineResults. If >>>> withCallbacks is false then the UsernameToken should be put in the >>>> message. >>>> The Problem is, the first Principal found is not the >>>> UsernameTokenPrincipal >>>> but the DerivedKeyPrincipal. This triggers creation of a security >>>> context >>>> and breakes the for-loop. The second wssEngineResult would have been the >>>> UsernameTokenPrincipal. >>>> >>>> I believe this is the reason why i receive the error message: >>>> Security Token is not available on the current message >>>> >>>> Here is the patch i use. It seems to work for me. >>>> >>>> David >>>> >>>> protected void doResults(SoapMessage msg, String actor, SOAPMessage doc, >>>> Vector wsResult, >>>> boolean utWithCallbacks) throws SOAPException, XMLStreamException, >>>> WSSecurityException { >>>> /* >>>> * All ok up to this point. Now construct and setup the security >>>> result >>>> * structure. The service may fetch this and check it. >>>> */ >>>> List<Object> results = >>>> CastUtils.cast((List)msg.get(WSHandlerConstants.RECV_RESULTS)); >>>> if (results == null) { >>>> results = new Vector<Object>(); >>>> msg.put(WSHandlerConstants.RECV_RESULTS, results); >>>> } >>>> WSHandlerResult rResult = new WSHandlerResult(actor, wsResult); >>>> results.add(0, rResult); >>>> >>>> SOAPBody body = doc.getSOAPBody(); >>>> >>>> XMLStreamReader reader = StaxUtils.createXMLStreamReader(new >>>> DOMSource(body)); >>>> // advance just past body >>>> int evt = reader.next(); >>>> int i = 0; >>>> while (reader.hasNext() && i < 1 >>>> && (evt != XMLStreamConstants.END_ELEMENT || evt != >>>> XMLStreamConstants.START_ELEMENT)) { >>>> reader.next(); >>>> i++; >>>> } >>>> msg.setContent(XMLStreamReader.class, reader); >>>> String pwType = (String)getProperty(msg, "passwordType"); >>>> if ("PasswordDigest".equals(pwType)) { >>>> //CXF-2150 - we need to check the UsernameTokens >>>> for (WSSecurityEngineResult o : CastUtils.cast(wsResult, >>>> WSSecurityEngineResult.class)) { >>>> Integer actInt = >>>> (Integer)o.get(WSSecurityEngineResult.TAG_ACTION); >>>> if (actInt == WSConstants.UT) { >>>> WSUsernameTokenPrincipal princ >>>> = >>>> (WSUsernameTokenPrincipal)o.get(WSSecurityEngineResult.TAG_PRINCIPAL); >>>> if (!princ.isPasswordDigest()) { >>>> LOG.warning("Non-digest UsernameToken found, but >>>> digest required"); >>>> throw new >>>> WSSecurityException(WSSecurityException.INVALID_SECURITY); >>>> } >>>> } >>>> } >>>> } >>>> >>>> if (!utWithCallbacks) { >>>> for (WSSecurityEngineResult o : CastUtils.cast(wsResult, >>>> WSSecurityEngineResult.class)) { >>>> final Principal p = >>>> (Principal)o.get(WSSecurityEngineResult.TAG_PRINCIPAL); >>>> if (p instanceof WSUsernameTokenPrincipal) { >>>> msg.put(PRINCIPAL_RESULT, p); >>>> WSS4JTokenConverter.convertToken(msg, p); >>>> SecurityContext sc = msg.get(SecurityContext.class); >>>> if (sc == null || sc.getUserPrincipal() == null) { >>>> msg.put(SecurityContext.class, >>>> createSecurityContext(p)); >>>> } >>>> break; >>>> } >>>> } >>>> } else { >>>> for (WSSecurityEngineResult o : CastUtils.cast(wsResult, >>>> WSSecurityEngineResult.class)) { >>>> final Principal p = >>>> (Principal)o.get(WSSecurityEngineResult.TAG_PRINCIPAL); >>>> if (p != null) { >>>> msg.put(PRINCIPAL_RESULT, p); >>>> if (!utWithCallbacks) { >>>> WSS4JTokenConverter.convertToken(msg, p); >>>> } >>>> SecurityContext sc = msg.get(SecurityContext.class); >>>> if (sc == null || sc.getUserPrincipal() == null) { >>>> msg.put(SecurityContext.class, >>>> createSecurityContext(p)); >>>> break; >>>> } >>>> } >>>> } >>>> } >>>> } >>>> >>>> -----Ursprüngliche Nachricht----- >>>> From: Sergey Beryozkin >>>> Sent: Monday, April 04, 2011 1:50 PM >>>> To: [email protected] >>>> Cc: David Zhang >>>> Subject: Re: UsernameToken JBoss Integration >>>> >>>> Sorry, that one is indeed needed for the encryption itself to succeed. >>>> Can you try, for the sake of the test, send unencrypted UTs ? >>>> >>>> I don't recall if I had the test for the case when the body was also >>>> encrypted, would have to check. >>>> In meantime, you may want to try the following: >>>> >>>> - if UT passwords are not encrypted then simply register a CXF >>>> interceptor, >>>> after WSS4JInInterceptor, extract a WSS4J token and use it to create the >>>> Subject and then replace the existing SecurityContext on the message >>>> with >>>> the new one - if you decide to follow this route then I can provide more >>>> info on how existing CXF SecurityContext impls can be reused >>>> - if it is not a WSDL-first case then register an >>>> AbstractUsernameTokenAuthenticatingInterceptor implementation instead of >>>> WSS4InInterceptor but configure it as usual, just do not provide a UT >>>> callback >>>> >>>> Let us know how it goes >>>> >>>> Sergey >>>> >>>> On Mon, Apr 4, 2011 at 12:33 PM, David Zhang <[email protected]> >>>> wrote: >>>> >>>> > Hello, >>>> > >>>> > i still cannot get the AuthenticationInterceptor to work. >>>> > >>>> > The password callback is needed to retrieve the password for the >>>> private >>>> > key. Otherwise the server cannot decrypt the SOAP Request. >>>> > >>>> > However, when the AuthenticationInterceptor is called in the > >>>> pre-invoke >>>> > Phase, the security token is null. >>>> > see AbstractSecurityContextInInterceptor.handleMessage() >>>> > >>>> > Any ideas? >>>> > >>>> > David >>>> > >>>> > From: [email protected] >>>> > Sent: Friday, April 01, 2011 7:38 AM >>>> > To: [email protected] >>>> > Subject: Re: UsernameToken JBoss Integration >>>> > >>>> > Hello Sergey, >>>> > >>>> > if i remove the password callback, i get another error message: >>>> > General security error (WSSecurityEngine: Callback supplied no > >>>> password >>>> > for: myAlias) >>>> > >>>> > The keystore.properties file contains only the password for the > >>>> keystore, >>>> > not for the private key inside the keystore. Also i can not find a way >>>> > to >>>> > create a private key without password by the java keytool. >>>> > >>>> > Is there another way to provide the password besides the password >>>> callback? >>>> > Is there maybe a property in the keystore.properties file? I cannot >>>> find >>>> a >>>> > suitable property in this list: >>>> > http://cxf.apache.org/docs/ws-securitypolicy.html >>>> > >>>> > This is the content of the keystore.properties. The ${}-parts are >>>> replaced >>>> > by maven with actual values: >>>> > >>>> > >>>> > >>>> > >>>> >>>> >>>> org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin >>>> > org.apache.ws.security.crypto.merlin.keystore.type=jks >>>> > >>>> >>>> >>>> org.apache.ws.security.crypto.merlin.keystore.password=${keystore.password} >>>> > >>>> org.apache.ws.security.crypto.merlin.keystore.alias=${certificate.alias} >>>> > org.apache.ws.security.crypto.merlin.file=${keystore.path} >>>> > >>>> > >>>> > >>>> > Thank you >>>> > David >>>> > >>>> > -----Ursprüngliche Nachricht----- >>>> > From: Sergey Beryozkin >>>> > Sent: Thursday, March 31, 2011 10:21 PM >>>> > To: [email protected] >>>> > Subject: Re: UsernameToken JBoss Integration >>>> > >>>> > Hi - >>>> > >>>> > You don't need a password callback in this case. >>>> > >>>> > Cheers, Sergey >>>> > >>>> > On Thu, Mar 31, 2011 at 7:42 PM, David Zhang <[email protected]> >>>> wrote: >>>> > >>>> > > Hi Sergey, >>>> > > >>>> > > thank you very much for taking the time to help me. >>>> > > I have set the property you mentioned. Look, this is my >>>> configuration: >>>> > > >>>> > > >>>> > > <jaxws:endpoint id="SecureServiceBean" >>>> > > >>>> > > address="/example-ejb/SecureService" >>>> > > >>>> > > implementor="com.example.SecureServiceBean"> >>>> > > >>>> > > <jaxws:invoker> >>>> > > >>>> > > <bean class="org.jboss.wsf.stack.cxf.InvokerEJB3" /> >>>> > > >>>> > > </jaxws:invoker> >>>> > > >>>> > > <jaxws:inInterceptors> >>>> > > >>>> > > >>>> > > <bean class="com.example.AuthenticationInterceptor1"/> >>>> > > >>>> > > </jaxws:inInterceptors> >>>> > > >>>> > > <jaxws:properties> >>>> > > >>>> > > <entry key="ws-security.ut.no-callbacks" value="true" /> >>>> > > >>>> > > <!--<entry key="ws-security.validate.token" value="false" />--> >>>> > > >>>> > > <entry key="ws-security.signature.properties" >>>> value="keystore.properties" >>>> > > /> >>>> > > >>>> > > <entry key="ws-security.encryption.properties" >>>> > value="keystore.properties" >>>> > > /> >>>> > > >>>> > > <entry key="ws-security.callback-handler" >>>> > > value="com.example.PasswordCallback" /> >>>> > > >>>> > > </jaxws:properties> >>>> > > >>>> > > </jaxws:endpoint> >>>> > > >>>> > > Where com.example.AuthenticationInterceptor1 extends >>>> > > AbstractUsernameTokenInInterceptor. >>>> > > This results in: >>>> > > 12:01:12,770 ERROR >>>> > > >>>> > >>>> >>>> >>>> [org.apache.cxf.interceptor.security.AbstractSecurityContextInInterceptor] >>>> > > Security Token is not available on the current message >>>> > > >>>> > > Thanks >>>> > > David >>>> > > >>>> > > >>>> > > -----Ursprüngliche Nachricht----- >>>> > > From: Sergey Beryozkin >>>> > > Sent: Thursday, March 31, 2011 11:06 AM >>>> > > To: [email protected] >>>> > > Subject: Re: UsernameToken JBoss Integration >>>> > > >>>> > > Hi >>>> > > >>>> > > Please check this section: >>>> > > >>>> > > >>>> > > >>>> > >>>> >>>> >>>> http://cxf.apache.org/docs/security.html#Security-WSSecurityUsernameTokenandCustomAuthentication >>>> > > >>>> > > In 2.3.x you have to set a "ws-security.ut.no-callbacks" property > >>>> > and >>>> > this >>>> > > will ensure AbstractUserNameTokenInterceptor can be used. >>>> > > >>>> > > Setting this property results in WSS4JInInterceptor duplicating > > >>>> WSS4J >>>> > > specific UT into CXF specific UsernameToken which is what >>>> > > AbstractUserNameTokenInterceptor is checking. >>>> > > >>>> > > Cheers, Sergey >>>> > > >>>> > > On Thu, Mar 31, 2011 at 8:42 AM, David Zhang <[email protected]> >>>> > wrote: >>>> > > >>>> > > > >>>> > > > Hello, >>>> > > > >>>> > > > >>>> > > > >>>> > > > i have a web service with symmetric binding and self-signed server >>>> > > > certificate. >>>> > > > >>>> > > > I implemented a password callbackhandler for the password to the >>>> > private >>>> > > > key of the server. >>>> > > > >>>> > > > Now i want to add authentication with username token. So i added a >>>> > > > supporting token to the ws security policy. >>>> > > > >>>> > > > >>>> > > > >>>> > > > To this point everything works fine. The server gets an encrypted >>>> > request >>>> > > > with a username token. >>>> > > > >>>> > > > My concern is that i do not want to do the authentication in my >>>> > > > application. I want to integrate the username token with JBoss >>>> > Security. >>>> > > > >>>> > > > >>>> > > > >>>> > > > So i followed these instructions: >>>> > > > >>>> > > >>>> > >>>> >>>> >>>> http://community.jboss.org/wiki/JBossWS-StackCXFUserGuide#Authentication_and_authorization >>>> > > > >>>> > > > However, it did not work. I used a debugger to check and i saw the >>>> > > > authentication interceptor was created when my app was deployed > >>>> > > but >>>> it >>>> > > was >>>> > > > never called on a client request. >>>> > > > >>>> > > > >>>> > > > >>>> > > > Later i found this: >>>> > > > >>>> > > >>>> > >>>> >>>> >>>> http://svn.apache.org/repos/asf/cxf/tags/cxf-2.3.3/systests/ws-specs/src/test/java/org/apache/cxf/systest/ws/wssec10/server/SimpleSubjectCreatingInterceptor.java >>>> > > > >>>> > > > I implemented an interceptor following that example. I put a >>>> breakpoint >>>> > > on >>>> > > > the createSubject method. It was never called. >>>> > > > >>>> > > > >>>> > > > >>>> > > > Then i followed this example: >>>> > > > >>>> > > >>>> > >>>> >>>> >>>> http://svn.apache.org/repos/asf/cxf/tags/cxf-2.3.3/systests/ws-specs/src/test/java/org/apache/cxf/systest/ws/wssec10/server/SimpleUsernameTokenInterceptor.java >>>> > > > >>>> > > > At least i know this interceptor was called. But it produced an > >>>> > > > > >>>> > error >>>> > > > before the createSubject method was called. The error says: >>>> Security >>>> > > Token >>>> > > > is not available on the current message >>>> > > > >>>> > > > >>>> > > > >>>> > > > But this can not be true. Because then i removed the interceptor >>>> > removed >>>> > > > the property ws-security.ut.no-callbacks and on the next request > >>>> > > my >>>> > > password >>>> > > > callbackhandler was called with the username i set on the client. >>>> > > > >>>> > > > >>>> > > > >>>> > > > Please, can anybody explain me what i am doing wrong? >>>> > > > >>>> > > > >>>> > > > >>>> > > > Thanks >>>> > > > >>>> > > > David >>>> >>>> >>> >
