Re: UsernameToken Credentials not coming to Server side Wss4jInInterceptor

Fri, 26 Apr 2013 01:54:49 -0700 

What does the actual request look like?

Colm.


On Thu, Apr 25, 2013 at 8:23 PM, Nidhi Sharma <[email protected]> wrote:

> Hi,
>
> I am trying to apply UsernameToken Security to my cxf webservice using
> WSS4jInIterceptor.Here is my endpoint declaration:
> <jaxws:endpoint id="ibis-webservice"
> mplementor="org.ets.skm.oasys.webservice.event.EventNotificationBean"
>
> address="/eventNotification">
>                         <jaxws:inInterceptors>
>                                 <bean id="saajIn"
> class="org.apache.cxf.binding.soap.saaj.SAAJInInterceptor"/>
>                         <bean id="wss4jIn"
> class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor">
>                                         <constructor-arg>
>                                                 <map>
>                                                         <entry key="action"
> value="UsernameToken"/>
>                                                         <entry
> key="passwordType" value="PasswordText"/>
>                                                         <entry
> key="passwordCallbackRef">
>                                                                 <ref
> bean="myPasswordCallback" />
>                                                         </entry>
>                                                 </map>
>                                         </constructor-arg>
>                                 </bean>
> <bean id="saajOut"
> class="org.apache.cxf.binding.soap.saaj.SAAJOutInterceptor"/>
>                         </jaxws:inInterceptors>
>                         <jaxws:properties>
>                                 <entry key="ws-security.enable.nonce.cache"
> value="false" />
>                                 <entry
> key="ws-security.enable.timestamp.cache" value="false" />
>                                <entry key="ws-security.is-bsp-compliant"
> value="false"/>
>                         </jaxws:properties>
>                 </jaxws:endpoint>
>
> I am invoking this webservice fron java client:
>         EventNotificationService ss = new EventNotificationService(wsdlURL,
> SERVICE_NAME);
>                 HeaderHandlerResolver handlerResolver = new
> HeaderHandlerResolver();
>
>
> ss.setHandlerResolver(handlerResolver);ss.setHandlerResolver(handlerResolver);
>       EventNotificationEndPoint port =
> ss.getEventNotificationEndPointPort();
>
>                 final Client proxy = ClientProxy.getClient(port);
>                         final HTTPConduit conduit = (HTTPConduit)
> proxy.getConduit();
>                         HTTPClientPolicy httpClientPolicy = new
> HTTPClientPolicy();
>                         httpClientPolicy.setConnectionTimeout(1800000);
>                         httpClientPolicy.setReceiveTimeout(1800000);
>                         TLSClientParameters param = new
> TLSClientParameters();
>                         param.setDisableCNCheck(true);
>                         conduit.setTlsClientParameters(param);
>                         conduit.setClient(httpClientPolicy);
>         org.ets.skm.oasys.webservice.event.Status _sendNotification__return
> = port.sendNotification(info);
>
> Using handlerResolver to create my SOAP message:
> private static final String AUTH_NS =
> "
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd
> ";
>
>                 private static final String AUTH_PREFIX="wsse";
>
> SOAPEnvelope envelope = smc.getMessage().getSOAPPart().getEnvelope();
>                 SOAPHeader header = envelope.getHeader();
> QName security = new QName(AUTH_NS, "Security", AUTH_PREFIX);
>                         SOAPHeaderElement securitynHeader =
> header.addHeaderElement(security);
>                         securitynHeader.setMustUnderstand(true);
>                                 SOAPFactory soapFactory =
> SOAPFactory.newInstance();
> SOAPElement userNameTokenElm = soapFactory.createElement("UsernameToken",
>                                                 AUTH_PREFIX,
>                                                 AUTH_NS);
>                                 SOAPElement userNameElm =
> soapFactory.createElement("Username",
>                                                 AUTH_PREFIX,
>                                                 AUTH_NS);
>                                 userNameElm.addTextNode("TestUser");
>                                 SOAPElement passwdElm =
> soapFactory.createElement("Password",
>                                                 AUTH_PREFIX,
>                                                 AUTH_NS);
>                                 passwdElm.addTextNode("TestPassword");
>
> userNameTokenElm.addChildElement(passwdElm);
>
> userNameTokenElm.addChildElement(userNameElm);
>
> securitynHeader.addChildElement(userNameTokenElm);
>
>
> BUT my call come to WSS4jInInterceptor at server side and internally when
> it
> is calling WSSecurityEngine.processSecurityHeader() it didn't find any
> UsernameToken and related nodes so while calling Node node =
> securityHeader.getFirstChild(); in this method it is returning null.
>
> As I am adding UsernameToken in my request why at server side it cannot
> find
> it and its throwing ActionMismatch WebService Exception.
>
> Any help is appreciated, I am not able to understand the problem.
>
> Nidhi
>
>
>
> --
> View this message in context:
> http://cxf.547215.n5.nabble.com/UsernameToken-Credentials-not-coming-to-Server-side-Wss4jInInterceptor-tp5726797.html
> Sent from the cxf-user mailing list archive at Nabble.com.
>



-- 
Colm O hEigeartaigh

Talend Community Coder
http://coders.talend.com

Reply via email to