I am trying to add UsernameToken based security in web services written using apache cxf version 2.2.12.
Once I deploy my application in weblogic, I am getting two URL's from which I can access my WSDL. 1.http://localhst:8080/myapp/services/MyService?wsdl 2.http://localhost:8080/myapp/MyService?wsdl I am trying to consume webservice using soapUI client and problem is If I use 2nd URL, everything works fine, my ejb is getting injected properly etc but WSS4JInterceptor is not getting called at all and I am getting request header must understand fault in response. If I change the URL in soapUI to use 1st one, then Interceptor is getting called but then my services is not getting injected and I am getting NULL as service object. I have configured WSS4JInterceptor in my spring configuration file. I need to call this Interceptor before each request so that I can verify user token from request header. Here is my beans.xml <bean id="wss4jInConfiguration" class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor"> <property name="properties"> <map> <entry key="action" value="UsernameToken Timestamp"/> <entry key="passwordType" value="PasswordText" /> <entry> <key> <value>passwordCallbackRef</value> </key> <ref bean="passwordCallback"/> </entry> </map> </property> </bean> <bean id="passwordCallback" class="my.interceptors.callbacks.handlers.PasswordCallbackHandler"/> <jaxws:endpoint id="myservice" implementor="my.sample.application.MyServiceImpl" address="/MyService"> <jaxws:ininterceptors> <ref bean="wss4jInConfiguration" /> </jaxws:ininterceptors> </jaxws:endpoint> Here is my web.xml <?xml version="1.0" encoding="ISO-8859-1"?> <!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN" "http://java.sun.com/dtd/web-app_2_3.dtd"> <web-app> <context-param> <param-name>contextConfigLocation</param-name> <param-value> classpath:WEB-INF/beans.xml </param-value> </context-param> <listener> <listener-class>org.springframework.web.context.ContextLoaderListener </listener-class> </listener> <servlet> <servlet-name>CXFServlet</servlet-name> <display-name>CXF Servlet</display-name> <servlet-class>org.apache.cxf.transport.servlet.CXFServlet </servlet-class> <load-on-startup>1</load-on-startup> </servlet> <servlet-mapping> <servlet-name>CXFServlet</servlet-name> <url-pattern>/services/*</url-pattern> </servlet-mapping> </web-app> I don't have currently access to my WSDL but here is the tag looks like. <soap:address location="http://localhost:8080/MyServiceSoapPort"; /> Any pointer what i am doing wrong. NOTE: My services are working fine without call back on URL without /services/ -- View this message in context: http://cxf.547215.n5.nabble.com/ws-security-endpoint-address-problem-tp4929961p4929961.html Sent from the cxf-user mailing list archive at Nabble.com.
