Hello Glen,
First, my WDSL contains policy statements.
I have read again more carefully your article.
Let me know if I have well understood:
- if the WSDL contains policy statements, the WS-SecurityPolicy option is
the preferred approach: right ?
- if the WSDL doesn't contain policy statements, the WSS4J interceptors
option is required: right ?
But does that mean also that you cannot use this option if the WSDL
contains policy statements ?
So, if the answer to above question is yes, the CXF client coding rules are:
- if your WSDL contains policy statements, you have no choice, you have
to use WS-SecurityPolicy option: right ?
- if your WSDL doesn't contains policy statements, you have no choice,
you have to use WSS4J interceptors option: right ?
Best Regards.
-----Original Message-----
From: Glen Mazza [mailto:gma...@talend.com]
Sent: vendredi 3 février 2012 19:42
To: users@cxf.apache.org
Subject: Re: Issue with CXF-2.5.2 regarding UsernameToken
Once *you* decide which one you want--your choice but if the WSDL doesn't have
security policy statements it will need to be WSS4J--just follow my blog entry,
making changes as explained in the tutorial depending on the option you wanted.
For example, the code segment referenced had instructions just before it
telling you to comment out / uncomment the particular segment depending on the
method you chose.
Glen
On 02/03/2012 01:33 PM, COURTAULT Francois wrote:
> Hello,
>
> OK but how do you choose the method WSS4J interceptors or WS-SecurityPolicy ?
>
> Best Regards.
>
> -----Original Message-----
> From: Glen Mazza [mailto:gma...@talend.com]
> Sent: vendredi 3 février 2012 19:29
> To: users@cxf.apache.org
> Subject: Re: Issue with CXF-2.5.2 regarding UsernameToken
>
> The only reference to WSHandlerConstants.USER in the blog article is in the
> case where you're using WSS4J interceptors and not WS-SecurityPolicy.
> Remember just before that code block the article says to activate the section
> of the code depending on the method you're using--WSS4J interceptors or
> WS-SecurityPolicy.
>
> Glen
>
> On 02/03/2012 01:03 PM, COURTAULT Francois wrote:
>> Hello,
>>
>> I don't understand because the 2 ways of coding seem feasible
>> according the article at:
>> http://www.jroller.com/gmazza/entry/cxf_usernametoken_profile
>>
>> So do you mean that the client code provided in this article is wrong ?
>>
>> Best Regards
>>
>> -----Original Message-----
>> From: Colm O hEigeartaigh [mailto:cohei...@apache.org]
>> Sent: vendredi 3 février 2012 18:17
>> To: users@cxf.apache.org
>> Subject: Re: Issue with CXF-2.5.2 regarding UsernameToken
>>
>> Hi Francois,
>>
>> In the code you have that works, you are (correctly) setting the username
>> via the tag "ws-security.username". This is defined in the following
>> documentation "Configuring the extra properties":
>>
>> http://cxf.apache.org/docs/ws-securitypolicy.html
>>
>> However in the code that does not work, you are setting the username via the
>> tag WSHandlerConstants.USER. This is a configuration tag used by WSS4J and
>> it works with CXF for the non-WS-SecurityPolicy use-case.
>> As you are using WS-SecurityPolicy (TransportBindingHandler), it does not
>> work.
>>
>> Colm.
>>
>> On Fri, Feb 3, 2012 at 5:10 PM, COURTAULT
>> Francois<francois.courta...@gemalto.com> wrote:
>>> Hello everybody,
>>>
>>> For UsernameToken, in my client code I have used the following code which
>>> is:
>>> Map<String, Object> ctx = ((BindingProvider)
>>> port).getRequestContext();
>>> ctx.put("ws-security.username", "myusername");
>>> ctx.put("ws-security.password", "mypassword"); It
>>> works :)
>>>
>>> But if I replace this one with:
>>> Map<String, Object> outProps = new HashMap<String,
>>> Object>();
>>> outProps.put(WSHandlerConstants.ACTION,
>>> WSHandlerConstants.USERNAME_TOKEN);
>>> outProps.put(WSHandlerConstants.USER, "myusername");
>>> outProps.put(WSHandlerConstants.PASSWORD_TYPE,
>>> WSConstants.PW_TEXT);
>>> outProps.put(WSHandlerConstants.PW_CALLBACK_CLASS,
>>> ClientPasswordCB.class.getName());
>>>
>>> WSS4JOutInterceptor wssOut = new
>>> WSS4JOutInterceptor(outProps);
>>>
>>> Client client =
>>> org.apache.cxf.frontend.ClientProxy.getClient(port);
>>> Endpoint cxfEndpoint = client.getEndpoint();
>>>
>>> cxfEndpoint.getOutInterceptors().add(wssOut);
>>>
>>> with
>>> public class ClientPasswordCB implements CallbackHandler {
>>>
>>> @Override
>>> public void handle(Callback[] callbacks) throws IOException,
>>> UnsupportedCallbackException {
>>> // TODO Auto-generated method stub
>>> WSPasswordCallback pc = (WSPasswordCallback) callbacks[0];
>>> if ("myusername".equals(pc.getIdentifier())) {
>>> pc.setPassword("mypassword");
>>> }
>>> }
>>>
>>> }
>>>
>>> I got the following error:
>>> févr. 2012 18:04:50 org.apache.cxf.phase.PhaseInterceptorChain
>>> doDefaultLogging
>>> ATTENTION: Interceptor for
>>> {http://gemalto/test/ws/}SimpleWSEJBService#{http://gemalto/test/ws/}
>>> h elloWorld has thrown exception, unwinding now
>>> org.apache.cxf.interceptor.Fault: No username available
>>> at
>>> org.apache.cxf.ws.security.wss4j.policyhandlers.TransportBindingHandl
>>> e
>>> r.handleBinding(TransportBindingHandler.java:151)
>>> at
>>> org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$Polic
>>> y
>>> BasedWSS4JOutInterceptorInternal.handleMessage(PolicyBasedWSS4JOutInt
>>> e
>>> rceptor.java:158)
>>> at
>>> org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$Polic
>>> y
>>> BasedWSS4JOutInterceptorInternal.handleMessage(PolicyBasedWSS4JOutInt
>>> e
>>> rceptor.java:88)
>>> at
>>> org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseIntercept
>>> o
>>> rChain.java:263)
>>> at
>>> org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:533)
>>> at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:463)
>>> at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:366)
>>> at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:319)
>>> at
>>> org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:88)
>>> at
>>> org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:13
>>> 4
>>> )
>>> at $Proxy27.helloWorld(Unknown Source)
>>> at
>>> com.gemalto.test.cxf.TestSimpleWSCXFClientHttpsUsername.main(TestSimp
>>> l
>>> eWSCXFClientHttpsUsername.java:85)
>>> Caused by: org.apache.cxf.ws.policy.PolicyException: No username
>>> available
>>> at
>>> org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilde
>>> r
>>> .policyNotAsserted(AbstractBindingBuilder.java:301)
>>> at
>>> org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilde
>>> r
>>> .addUsernameToken(AbstractBindingBuilder.java:804)
>>> at
>>> org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilde
>>> r
>>> .handleSupportingTokens(AbstractBindingBuilder.java:475)
>>> at
>>> org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilde
>>> r
>>> .handleSupportingTokens(AbstractBindingBuilder.java:462)
>>> at
>>> org.apache.cxf.ws.security.wss4j.policyhandlers.TransportBindingHandl
>>> e
>>> r.handleNonEndorsingSupportingTokens(TransportBindingHandler.java:200)
>>> at
>>> org.apache.cxf.ws.security.wss4j.policyhandlers.TransportBindingHandl
>>> e
>>> r.handleBinding(TransportBindingHandler.java:144)
>>> ... 11 more
>>> Exception in thread "main" javax.xml.ws.soap.SOAPFaultException: No
>>> username available
>>> at
>>> org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:15
>>> 6
>>> )
>>> at $Proxy27.helloWorld(Unknown Source)
>>> at
>>> com.gemalto.test.cxf.TestSimpleWSCXFClientHttpsUsername.main(TestSimp
>>> l
>>> eWSCXFClientHttpsUsername.java:85)
>>> Caused by: org.apache.cxf.ws.policy.PolicyException: No username
>>> available
>>> at
>>> org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilde
>>> r
>>> .policyNotAsserted(AbstractBindingBuilder.java:301)
>>> at
>>> org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilde
>>> r
>>> .addUsernameToken(AbstractBindingBuilder.java:804)
>>> at
>>> org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilde
>>> r
>>> .handleSupportingTokens(AbstractBindingBuilder.java:475)
>>> at
>>> org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilde
>>> r
>>> .handleSupportingTokens(AbstractBindingBuilder.java:462)
>>> at
>>> org.apache.cxf.ws.security.wss4j.policyhandlers.TransportBindingHandl
>>> e
>>> r.handleNonEndorsingSupportingTokens(TransportBindingHandler.java:200)
>>> at
>>> org.apache.cxf.ws.security.wss4j.policyhandlers.TransportBindingHandl
>>> e
>>> r.handleBinding(TransportBindingHandler.java:144)
>>> at
>>> org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$Polic
>>> y
>>> BasedWSS4JOutInterceptorInternal.handleMessage(PolicyBasedWSS4JOutInt
>>> e
>>> rceptor.java:158)
>>> at
>>> org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$Polic
>>> y
>>> BasedWSS4JOutInterceptorInternal.handleMessage(PolicyBasedWSS4JOutInt
>>> e
>>> rceptor.java:88)
>>> at
>>> org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseIntercept
>>> o
>>> rChain.java:263)
>>> at
>>> org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:533)
>>> at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:463)
>>> at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:366)
>>> at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:319)
>>> at
>>> org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:88)
>>> at
>>> org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:13
>>> 4
>>> )
>>> ... 2 more
>>>
>>> Any idea ? What's wrong with this code ?
>>>
>>> Best Regards.
>>
>> --
>> Colm O hEigeartaigh
>>
>> Talend Community Coder
>> http://coders.talend.com
>
> --
> Glen Mazza
> Talend Community Coders - coders.talend.com
> blog: www.jroller.com/gmazza
>
--
Glen Mazza
Talend Community Coders - coders.talend.com
blog: www.jroller.com/gmazza
