Neither CXF 2.3 nor 2.4 are supported any more. Could you try instead with one of the latest 2.6 or 2.7 releases?
https://cxf.apache.org/download.html Colm. On Tue, May 28, 2013 at 4:29 PM, pep25abril <[email protected]> wrote: > Hi everyone, > > I'm developing a WS with CXF v2.3 and WS-Security with Username & Password > policy, that I've checked that works properly with CXF v2.4 but not in > v2.3. > Of course I've seen all docs placed on Apache CXF website in relation to > this topic, and the most interesting information I find is found on the > website > > http://coheigea.blogspot.com.es/2011/02/wspasswordcallback-changes-in-wss4j-16.html > , explaining the changes applied in wss4j v1.5 to v1.6, that is the same as > the library changed in CXF v2.3 and v2.4. I'm not sure if because of these > I > should change my configuration file in some way, depending on the version > used... > > Specifically, I have the following files on my project: > > beans.xml: > <?xml version="1.0" encoding="UTF-8"?> > <beans xmlns="http://www.springframework.org/schema/beans"; > xmlns:cxf="http://cxf.apache.org/core"; > xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; > xmlns:sec="http://cxf.apache.org/configuration/security"; > xmlns:http="http://cxf.apache.org/transports/http/configuration"; > xmlns:httpj="http://cxf.apache.org/transports/http-jetty/configuration"; > xmlns:jaxws="http://cxf.apache.org/jaxws"; > xsi:schemaLocation=" > http://cxf.apache.org/core > http://cxf.apache.org/schemas/core.xsd > http://cxf.apache.org/configuration/security > http://cxf.apache.org/schemas/configuration/security.xsd > http://cxf.apache.org/jaxws > http://cxf.apache.org/schemas/jaxws.xsd > http://cxf.apache.org/transports/http/configuration > http://cxf.apache.org/schemas/configuration/http-conf.xsd > http://cxf.apache.org/transports/http-jetty/configuration > http://cxf.apache.org/schemas/configuration/http-jetty.xsd > http://www.springframework.org/schema/beans > > http://www.springframework.org/schema/beans/spring-beans-2.0.xsd";> > > > <import resource="classpath:META-INF/cxf/cxf.xml" /> > <import resource="classpath:META-INF/cxf/cxf-extension-soap.xml" /> > <import resource="classpath:META-INF/cxf/cxf-servlet.xml" /> > > <cxf:bus> > <cxf:features> > <cxf:logging/> > </cxf:features> > </cxf:bus> > > <jaxws:endpoint id="server" > endpointName="s:IfuncionessformswsPort" > serviceName="s:Ifuncionessformsws" > > > implementor="es.servef.comuns.webservices.funcionessforms.IfuncionessformswsPortTypeImpl" > address="/IfuncionessformswsPort" > depends-on="ClientAuthHttpsSettings" > wsdlLocation="Ifuncionessformsws.wsdl" > xmlns:s=" > http://funcionessforms.webservices.comuns.servef.es/";> > <jaxws:properties> > <entry key="ws-security.callback-handler" > > value="es.servef.comuns.webservices.funcionessforms.ServerPasswordCallback"/> > </jaxws:properties> > </jaxws:endpoint> > > <httpj:engine-factory id="ClientAuthHttpsSettings" bus="cxf"> > <httpj:engine port="8443"> > <httpj:tlsServerParameters> > <sec:clientAuthentication want="true" > required="true" /> > </httpj:tlsServerParameters> > </httpj:engine> > </httpj:engine-factory> > > </beans> > > --- > > WSDL settings (only service and policy): > > ... > <wsdl:service name="Ifuncionessformsws"> > <wsdl:port binding="tns:IfuncionessformswsSoapBinding" > name="IfuncionessformswsPort"> > <soap:address > location=" > https://localhost:8443/testWsCxfMavenFuncionsSformsPolitica/services/IfuncionessformswsPort > "/> > <wsp:PolicyReference URI="#listassformswspolicy"/> > </wsdl:port> > </wsdl:service> > <wsp:Policy wsu:Id="listassformswspolicy"> > <wsp:ExactlyOne> > <wsp:All> > <sp:SupportingTokens> > <wsp:Policy> > <sp:UsernameToken > sp:IncludeToken=" > http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient > "> > <wsp:Policy> > > <sp:WssUsernameToken11/> > </wsp:Policy> > </sp:UsernameToken> > </wsp:Policy> > </sp:SupportingTokens> > </wsp:All> > </wsp:ExactlyOne> > </wsp:Policy> > ... > > --- > > server.java: > > protected IfuncionessformswsPortType_IfuncionessformswsPort_Server() > throws Exception { > System.out.println("Starting Server"); > > SpringBusFactory bf = new SpringBusFactory(); > URL busFile = > > IfuncionessformswsPortType_IfuncionessformswsPort_Server.class.getResource("WEB-INF/beans.xml"); > Bus bus = bf.createBus(busFile.toString()); > bf.setDefaultBus(bus); > } > > public static void main(String args[]) throws Exception { > new IfuncionessformswsPortType_IfuncionessformswsPort_Server(); > System.out.println("Server ready..."); > > Thread.sleep(5 * 60 * 1000); > System.out.println("Server exiting"); > System.exit(0); > } > > --- > > and ServerPasswordCallback: > > public class ServerPasswordCallback implements CallbackHandler { > > public void handle(Callback[] callbacks) throws IOException, > UnsupportedCallbackException { > WSPasswordCallback pc = (WSPasswordCallback) callbacks[0]; > System.out.println("pc.getIdentifier() = " + pc.getIdentifier() + > ", > pc.getPassword() = " + pc.getPassword()); > > if ("joe".equals(pc.getIdentifier())) { > if (!pc.getPassword().equals("joespassword")) { > throw new IOException("wrong password"); > } > } > else { > throw new UnsupportedCallbackException(callbacks[0], "check > failed"); > } > } > } > > Testing this, I have seen that system.out in serverpasswordcallback appears > while using CXF v2.4 but not v2.3... Maybe it doesn't link the beans.xml > configuration file with the callback class for some reason? In a sample > from > CXF distribution v2.3 (ws_security\ut_policy\src\demo\wssec\server), it's > done also in this way. > > Any idea? > > Thanks in advance, > > Josep > > > > -- > View this message in context: > http://cxf.547215.n5.nabble.com/WS-Security-in-CXF-2-4-vs-2-3-tp5728447.html > Sent from the cxf-user mailing list archive at Nabble.com. > -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com
