Re: Authentication woes

Fri, 03 Aug 2012 09:10:25 -0700

This blog entry might help: http://www.jroller.com/gmazza/entry/cxf_usernametoken_profile 

Regards,
Glen

On 08/03/2012 12:07 PM, Aaron Stromas wrote:

Hello,

I have received a WSDL that contains a policy element

   <wsp:Policy wsu:Id="UsernameToken" xmlns:wsu="
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy";>
     <wsp:ExactlyOne>
       <wsp:All>
         <sp:SupportingTokens xmlns:sp="
http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";>
           <wsp:Policy>
             <sp:UsernameToken sp:IncludeToken="
http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient";
/>
           </wsp:Policy>
         </sp:SupportingTokens>
       </wsp:All>
     </wsp:ExactlyOne>
   </wsp:Policy>

so I decided that this is a WS-SecurityPolicy use case my client should
authenticate itself this way

         Map ctx = ((BindingProvider)port).getRequestContext();
         ctx.put("ws-security.username", "aname");
         ctx.put("ws-security.callback-handler",
PasswordCallback.class.getName());

Unfortunately, I'm getting the following stack trace

WARNING: Interceptor for {
http://www.xmlns.enterprise.com/HRM/WorkforceAdmin/service/GetAllEmployeesInfoImpl/1.0/}Get<http://www.xmlns.walmartstores.com/HRM/WorkforceAdmin/service/GetGlobalAssociateInfoImpl/1.0/%7DGetGlobalAssoc>
AllEmployees<http://www.xmlns.walmartstores.com/HRM/WorkforceAdmin/service/GetGlobalAssociateInfoImpl/1.0/%7DGetGlobalAssoc>
}<http://mlns.walmartstores.com/HRM/WorkforceAdmin/wsdl/GetGlobalAssociateInfoIntf/1.0/%7DgetPersonalProfile>
GetAllEmployeesInfoImpl#{http://x<http://www.xmlns.walmartstores.com/HRM/WorkforceAdmin/service/GetGlobalAssociateInfoImpl/1.0/%7DGetGlobalAssoc>
mlns.enterprise<http://www.xmlns.walmartstores.com/HRM/WorkforceAdmin/service/GetGlobalAssociateInfoImpl/1.0/%7DGetGlobalAssoc>
.com/HRM/WorkforceAdmin/wsdl/GetAllEmployees<http://www.xmlns.walmartstores.com/HRM/WorkforceAdmin/service/GetGlobalAssociateInfoImpl/1.0/%7DGetGlobalAssoc>InfoIntf/1.0/}getPersonalProfile
has thrown exception, unwinding now
org.apache.cxf.ws.policy.PolicyException: No username available
         at
org.apache.cxf.ws.security.wss4j.UsernameTokenInterceptor.policyNotAsserted(UsernameTokenInterceptor.java:398)
         at
org.apache.cxf.ws.security.wss4j.UsernameTokenInterceptor.addUsernameToken(UsernameTokenInterceptor.java:341)
         at
org.apache.cxf.ws.security.wss4j.UsernameTokenInterceptor.addUsernameToken(UsernameTokenInterceptor.java:267)
         at
org.apache.cxf.ws.security.wss4j.UsernameTokenInterceptor.handleMessage(UsernameTokenInterceptor.java:112)
         at
org.apache.cxf.ws.security.wss4j.UsernameTokenInterceptor.handleMessage(UsernameTokenInterceptor.java:76)
         at
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:263)
         at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:533)
         at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:463)
         at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:366)
         at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:319)
         at
org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:88)
         at
org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:134)
         at $Proxy29.getPersonalProfile(Unknown Source)
         at
com.rsa.pso.common.ws.hcm.client.HcmClient.main(HcmClient.java:95)
Exception in thread "main" javax.xml.ws.soap.SOAPFaultException: No
username available
         at
org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:156)
         at $Proxy29.getPersonalProfile(Unknown Source)
         at
com.rsa.pso.common.ws.hcm.client.HcmClient.main(HcmClient.java:95)
Caused by: org.apache.cxf.ws.policy.PolicyException: No username available
         at
org.apache.cxf.ws.security.wss4j.UsernameTokenInterceptor.policyNotAsserted(UsernameTokenInterceptor.java:398)
         at
org.apache.cxf.ws.security.wss4j.UsernameTokenInterceptor.addUsernameToken(UsernameTokenInterceptor.java:341)
         at
org.apache.cxf.ws.security.wss4j.UsernameTokenInterceptor.addUsernameToken(UsernameTokenInterceptor.java:267)
         at
org.apache.cxf.ws.security.wss4j.UsernameTokenInterceptor.handleMessage(UsernameTokenInterceptor.java:112)
         at
org.apache.cxf.ws.security.wss4j.UsernameTokenInterceptor.handleMessage(UsernameTokenInterceptor.java:76)
         at
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:263)
         at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:533)
         at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:463)
         at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:366)
         at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:319)
         at
org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:88)
         at
org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:134)

What am doing wrong, please? TIA,



--
Glen Mazza
Talend Community Coders
coders.talend.com
blog: www.jroller.com/gmazza

Reply via email to