Hi,
I am trying UsernameToken through SSL on Tomcat 7 , CXF 2.7.0.
I get following error.
WARNING: Interceptor for
{http://cxf6.test.com/}HelloWorldImplService#{http://cxf6.test.com/}sayHello
has thrown exception, unwinding now
org.apache.cxf.interceptor.Fault: No callback handler and no password
available
at
org.apache.cxf.ws.security.wss4j.policyhandlers.TransportBindingHandler.handleBinding(TransportBindingHandler.java:158)
at
org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$PolicyBasedWSS4JOutInterceptorInternal.handleMessage(PolicyBasedWSS4JOutInterceptor.java:159)
at
org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$PolicyBasedWSS4JOutInterceptorInternal.handleMessage(PolicyBasedWSS4JOutInterceptor.java:89)
at
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:271)
at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:531)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:464)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:367)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:320)
at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:89)
at
org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:134)
at $Proxy31.sayHello(Unknown Source)
at com.test.cx6.client.Client.main(Client.java:53)
Caused by: org.apache.cxf.ws.policy.PolicyException: No callback handler and
no password available
at
org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.policyNotAsserted(AbstractBindingBuilder.java:309)
at
org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.getPassword(AbstractBindingBuilder.java:1002)
at
org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.addUsernameToken(AbstractBindingBuilder.java:815)
at
org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.handleUsernameTokenSupportingToken(AbstractBindingBuilder.java:612)
at
org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.handleSupportingTokens(AbstractBindingBuilder.java:489)
at
org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.handleSupportingTokens(AbstractBindingBuilder.java:476)
at
org.apache.cxf.ws.security.wss4j.policyhandlers.TransportBindingHandler.handleNonEndorsingSupportingTokens(TransportBindingHandler.java:207)
at
org.apache.cxf.ws.security.wss4j.policyhandlers.TransportBindingHandler.handleBinding(TransportBindingHandler.java:150)
... 11 more
Exception in thread "main" javax.xml.ws.soap.SOAPFaultException: No callback
handler and no password available
at
org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:156)
at $Proxy31.sayHello(Unknown Source)
at com.test.cx6.client.Client.main(Client.java:53)
Caused by: org.apache.cxf.ws.policy.PolicyException: No callback handler and
no password available
at
org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.policyNotAsserted(AbstractBindingBuilder.java:309)
at
org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.getPassword(AbstractBindingBuilder.java:1002)
at
org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.addUsernameToken(AbstractBindingBuilder.java:815)
at
org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.handleUsernameTokenSupportingToken(AbstractBindingBuilder.java:612)
at
org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.handleSupportingTokens(AbstractBindingBuilder.java:489)
at
org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.handleSupportingTokens(AbstractBindingBuilder.java:476)
at
org.apache.cxf.ws.security.wss4j.policyhandlers.TransportBindingHandler.handleNonEndorsingSupportingTokens(TransportBindingHandler.java:207)
at
org.apache.cxf.ws.security.wss4j.policyhandlers.TransportBindingHandler.handleBinding(TransportBindingHandler.java:150)
at
org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$PolicyBasedWSS4JOutInterceptorInternal.handleMessage(PolicyBasedWSS4JOutInterceptor.java:159)
at
org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$PolicyBasedWSS4JOutInterceptorInternal.handleMessage(PolicyBasedWSS4JOutInterceptor.java:89)
at
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:271)
at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:531)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:464)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:367)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:320)
at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:89)
at
org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:134)
... 2 more
my client configuration is
<beans xmlns="http://www.springframework.org/schema/beans";
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
xmlns:jaxws="http://cxf.apache.org/jaxws";
xmlns:sec="http://cxf.apache.org/configuration/security";
xmlns:http="http://cxf.apache.org/transports/http/configuration";
xsi:schemaLocation="
http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd
http://cxf.apache.org/jaxws http://cxf.apache.org/schemas/jaxws.xsd
http://cxf.apache.org/transports/http/configuration
http://cxf.apache.org/schemas/configuration/http-conf.xsd
http://cxf.apache.org/configuration/security
http://cxf.apache.org/schemas/configuration/security.xsd";>
<bean id="logInBound"
class="org.apache.cxf.interceptor.LoggingInInterceptor" />
<bean id="logOutBound"
class="org.apache.cxf.interceptor.LoggingOutInterceptor" />
<http:conduit name="{http://cxf6.test.com/}HelloWorldImplPort.http-conduit";>
<http:tlsClientParameters>
<sec:keyManagers keyPassword="ckpass">
<sec:keyStore file="target/classes/keystore/clientKeystore.jks"
password="cspass" type="JKS"/>
</sec:keyManagers>
<sec:trustManagers>
<sec:keyStore file="target/classes/keystore/clientKeystore.jks"
password="cspass" type="JKS"/>
</sec:trustManagers>
<sec:cipherSuitesFilter>
<sec:include>.*_EXPORT_.*</sec:include>
<sec:include>.*_EXPORT1024_.*</sec:include>
<sec:include>.*_WITH_DES_.*</sec:include>
<sec:include>.*_WITH_AES_.*</sec:include>
<sec:include>.*_WITH_NULL_.*</sec:include>
<sec:exclude>.*_DH_anon_.*</sec:exclude>
</sec:cipherSuitesFilter>
</http:tlsClientParameters>
</http:conduit>
<jaxws:client name="{http://cxf6.test.com/}HelloWorldImplPort";
createdFromAPI="true">
<jaxws:properties>
<entry key="ws-security.username" value="testuser" />
<entry key="ws-security.callback-handler"
value="com.test.cxf6.client.ClientPasswordCallback" />
</jaxws:properties>
<jaxws:inInterceptors><ref bean="logInBound"
/></jaxws:inInterceptors>
<jaxws:outInterceptors> <ref
bean="logOutBound"/></jaxws:outInterceptors>
</jaxws:client>
</beans>
Above error goes away if I remove callback-handler entry and replace it with
password like the following one.
<jaxws:client name="{http://cxf6.test.com/}HelloWorldImplPort";
createdFromAPI="true">
<jaxws:properties>
<entry key="ws-security.username" value="testuser" />
<entry key="ws-security.password"
value="password"></entry>
</jaxws:properties>
<jaxws:inInterceptors><ref bean="logInBound"
/></jaxws:inInterceptors>
<jaxws:outInterceptors> <ref
bean="logOutBound"/></jaxws:outInterceptors>
</jaxws:client>
--
View this message in context:
http://cxf.547215.n5.nabble.com/org-apache-cxf-interceptor-Fault-No-callback-handler-and-no-password-available-tp5722113.html
Sent from the cxf-user mailing list archive at Nabble.com.
