Hi,
I am trying to apply UsernameToken Security to my cxf webservice using
WSS4jInIterceptor.Here is my endpoint declaration:
<jaxws:endpoint id="ibis-webservice"
mplementor="org.ets.skm.oasys.webservice.event.EventNotificationBean"
address="/eventNotification">
<jaxws:inInterceptors>
<bean id="saajIn"
class="org.apache.cxf.binding.soap.saaj.SAAJInInterceptor"/>
<bean id="wss4jIn"
class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor">
<constructor-arg>
<map>
<entry key="action"
value="UsernameToken"/>
<entry
key="passwordType" value="PasswordText"/>
<entry
key="passwordCallbackRef">
<ref
bean="myPasswordCallback" />
</entry>
</map>
</constructor-arg>
</bean>
<bean id="saajOut"
class="org.apache.cxf.binding.soap.saaj.SAAJOutInterceptor"/>
</jaxws:inInterceptors>
<jaxws:properties>
<entry key="ws-security.enable.nonce.cache"
value="false" />
<entry key="ws-security.enable.timestamp.cache"
value="false" />
<entry key="ws-security.is-bsp-compliant"
value="false"/>
</jaxws:properties>
</jaxws:endpoint>
I am invoking this webservice fron java client:
EventNotificationService ss = new EventNotificationService(wsdlURL,
SERVICE_NAME);
HeaderHandlerResolver handlerResolver = new
HeaderHandlerResolver();
**ss.setHandlerResolver(handlerResolver);*ss.setHandlerResolver(handlerResolver);*
EventNotificationEndPoint port =
ss.getEventNotificationEndPointPort();
final Client proxy = ClientProxy.getClient(port);
final HTTPConduit conduit = (HTTPConduit)
proxy.getConduit();
HTTPClientPolicy httpClientPolicy = new
HTTPClientPolicy();
httpClientPolicy.setConnectionTimeout(1800000);
httpClientPolicy.setReceiveTimeout(1800000);
TLSClientParameters param = new TLSClientParameters();
param.setDisableCNCheck(true);
conduit.setTlsClientParameters(param);
conduit.setClient(httpClientPolicy);
org.ets.skm.oasys.webservice.event.Status _sendNotification__return
= port.sendNotification(info);
Using handlerResolver to create my SOAP message:
private static final String AUTH_NS =
"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";;
private static final String AUTH_PREFIX="wsse";
SOAPEnvelope envelope = smc.getMessage().getSOAPPart().getEnvelope();
SOAPHeader header = envelope.getHeader();
QName security = new QName(AUTH_NS, "Security", AUTH_PREFIX);
SOAPHeaderElement securitynHeader =
header.addHeaderElement(security);
securitynHeader.setMustUnderstand(true);
SOAPFactory soapFactory =
SOAPFactory.newInstance();
SOAPElement userNameTokenElm = soapFactory.createElement("UsernameToken",
AUTH_PREFIX,
AUTH_NS);
SOAPElement userNameElm =
soapFactory.createElement("Username",
AUTH_PREFIX,
AUTH_NS);
userNameElm.addTextNode("TestUser");
SOAPElement passwdElm =
soapFactory.createElement("Password",
AUTH_PREFIX,
AUTH_NS);
passwdElm.addTextNode("TestPassword");
userNameTokenElm.addChildElement(passwdElm);
userNameTokenElm.addChildElement(userNameElm);
securitynHeader.addChildElement(userNameTokenElm);
BUT my call come to WSS4jInInterceptor at server side and internally when it
is calling WSSecurityEngine.processSecurityHeader() it didn't find any
UsernameToken and related nodes so while calling Node node =
securityHeader.getFirstChild(); in this method it is returning null.
As I am adding UsernameToken in my request why at server side it cannot find
it and its throwing ActionMismatch WebService Exception.
Please help me as I am not able to understand the problem.
Nidhi
--
View this message in context:
http://cxf.547215.n5.nabble.com/Problem-with-UsernameToken-tp5726788.html
Sent from the cxf-user mailing list archive at Nabble.com.
