RE: Issue with CXF-2.5.2 regarding UsernameToken

Fri, 03 Feb 2012 10:04:23 -0800 

Hello,

I don't understand because the 2 ways of coding seem feasible according the 
article at: http://www.jroller.com/gmazza/entry/cxf_usernametoken_profile

So do you mean that the client code provided in this article is wrong ?

Best Regards

-----Original Message-----
From: Colm O hEigeartaigh [mailto:[email protected]] 
Sent: vendredi 3 février 2012 18:17
To: [email protected]
Subject: Re: Issue with CXF-2.5.2 regarding UsernameToken

Hi Francois,

In the code you have that works, you are (correctly) setting the username via 
the tag "ws-security.username". This is defined in the following documentation 
"Configuring the extra properties":

http://cxf.apache.org/docs/ws-securitypolicy.html

However in the code that does not work, you are setting the username via the 
tag WSHandlerConstants.USER. This is a configuration tag used by WSS4J and it 
works with CXF for the non-WS-SecurityPolicy use-case.
As you are using WS-SecurityPolicy (TransportBindingHandler), it does not work.

Colm.

On Fri, Feb 3, 2012 at 5:10 PM, COURTAULT Francois 
<[email protected]> wrote:
> Hello everybody,
>
> For UsernameToken, in my client code I have used the following code which is:
>                  Map<String, Object> ctx = ((BindingProvider) 
> port).getRequestContext();
>                  ctx.put("ws-security.username", "myusername");
>                  ctx.put("ws-security.password", "mypassword"); It 
> works :)
>
> But if I replace this one with:
>            Map<String, Object> outProps = new HashMap<String, 
> Object>();
>            outProps.put(WSHandlerConstants.ACTION, 
> WSHandlerConstants.USERNAME_TOKEN);
>            outProps.put(WSHandlerConstants.USER, "myusername");
>            outProps.put(WSHandlerConstants.PASSWORD_TYPE, 
> WSConstants.PW_TEXT);
>            outProps.put(WSHandlerConstants.PW_CALLBACK_CLASS, 
> ClientPasswordCB.class.getName());
>
>            WSS4JOutInterceptor wssOut = new 
> WSS4JOutInterceptor(outProps);
>
>            Client client = 
> org.apache.cxf.frontend.ClientProxy.getClient(port);
>            Endpoint cxfEndpoint = client.getEndpoint();
>
>            cxfEndpoint.getOutInterceptors().add(wssOut);
>
> with
> public class ClientPasswordCB implements CallbackHandler {
>
>      @Override
>      public void handle(Callback[] callbacks) throws IOException,
>                  UnsupportedCallbackException {
>            // TODO Auto-generated method stub
>            WSPasswordCallback pc = (WSPasswordCallback) callbacks[0];
>            if ("myusername".equals(pc.getIdentifier())) {
>                  pc.setPassword("mypassword");
>            }
>      }
>
> }
>
> I got the following error:
> févr. 2012 18:04:50 org.apache.cxf.phase.PhaseInterceptorChain 
> doDefaultLogging
> ATTENTION: Interceptor for 
> {http://gemalto/test/ws/}SimpleWSEJBService#{http://gemalto/test/ws/}h
> elloWorld has thrown exception, unwinding now
> org.apache.cxf.interceptor.Fault: No username available
>      at 
> org.apache.cxf.ws.security.wss4j.policyhandlers.TransportBindingHandle
> r.handleBinding(TransportBindingHandler.java:151)
>      at 
> org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$Policy
> BasedWSS4JOutInterceptorInternal.handleMessage(PolicyBasedWSS4JOutInte
> rceptor.java:158)
>      at 
> org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$Policy
> BasedWSS4JOutInterceptorInternal.handleMessage(PolicyBasedWSS4JOutInte
> rceptor.java:88)
>      at 
> org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseIntercepto
> rChain.java:263)
>      at 
> org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:533)
>      at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:463)
>      at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:366)
>      at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:319)
>      at 
> org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:88)
>      at 
> org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:134
> )
>      at $Proxy27.helloWorld(Unknown Source)
>      at 
> com.gemalto.test.cxf.TestSimpleWSCXFClientHttpsUsername.main(TestSimpl
> eWSCXFClientHttpsUsername.java:85)
> Caused by: org.apache.cxf.ws.policy.PolicyException: No username 
> available
>      at 
> org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder
> .policyNotAsserted(AbstractBindingBuilder.java:301)
>      at 
> org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder
> .addUsernameToken(AbstractBindingBuilder.java:804)
>      at 
> org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder
> .handleSupportingTokens(AbstractBindingBuilder.java:475)
>      at 
> org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder
> .handleSupportingTokens(AbstractBindingBuilder.java:462)
>      at 
> org.apache.cxf.ws.security.wss4j.policyhandlers.TransportBindingHandle
> r.handleNonEndorsingSupportingTokens(TransportBindingHandler.java:200)
>      at 
> org.apache.cxf.ws.security.wss4j.policyhandlers.TransportBindingHandle
> r.handleBinding(TransportBindingHandler.java:144)
>      ... 11 more
> Exception in thread "main" javax.xml.ws.soap.SOAPFaultException: No 
> username available
>      at 
> org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:156
> )
>      at $Proxy27.helloWorld(Unknown Source)
>      at 
> com.gemalto.test.cxf.TestSimpleWSCXFClientHttpsUsername.main(TestSimpl
> eWSCXFClientHttpsUsername.java:85)
> Caused by: org.apache.cxf.ws.policy.PolicyException: No username 
> available
>      at 
> org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder
> .policyNotAsserted(AbstractBindingBuilder.java:301)
>      at 
> org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder
> .addUsernameToken(AbstractBindingBuilder.java:804)
>      at 
> org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder
> .handleSupportingTokens(AbstractBindingBuilder.java:475)
>      at 
> org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder
> .handleSupportingTokens(AbstractBindingBuilder.java:462)
>      at 
> org.apache.cxf.ws.security.wss4j.policyhandlers.TransportBindingHandle
> r.handleNonEndorsingSupportingTokens(TransportBindingHandler.java:200)
>      at 
> org.apache.cxf.ws.security.wss4j.policyhandlers.TransportBindingHandle
> r.handleBinding(TransportBindingHandler.java:144)
>      at 
> org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$Policy
> BasedWSS4JOutInterceptorInternal.handleMessage(PolicyBasedWSS4JOutInte
> rceptor.java:158)
>      at 
> org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$Policy
> BasedWSS4JOutInterceptorInternal.handleMessage(PolicyBasedWSS4JOutInte
> rceptor.java:88)
>      at 
> org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseIntercepto
> rChain.java:263)
>      at 
> org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:533)
>      at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:463)
>      at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:366)
>      at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:319)
>      at 
> org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:88)
>      at 
> org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:134
> )
>      ... 2 more
>
> Any idea ? What's wrong with this code ?
>
> Best Regards.



--
Colm O hEigeartaigh

Talend Community Coder
http://coders.talend.com

Reply via email to