Hi Colm,
I can't make it work while I'm exactly in the configuration you're
suggesting (and that is in the example you gave me) and I don't get what I
miss :
So in my spring bean, I initialize as suggested the WebService :
###################################################################################
public WorkListServiceImpl2( ContextService contextService) throws Exception
{
this.contextService = contextService;
SpringBusFactory bf = new SpringBusFactory();
URL busFile =
this.contextService.getResource("/WEB-INF/spring/webservices2.xml");
Bus bus = bf.createBus(busFile.toString());
SpringBusFactory.setDefaultBus(bus);
SpringBusFactory.setThreadDefaultBus(bus);
URL wsdl = this.contextService.getResource("/wsdl/brm.wsdl");
Service service = Service.create(wsdl, new QName("
http://services.brm.n2.tibco.com","WorkListService";));
QName portQName = new QName("http://services.brm.n2.tibco.com";,
"WorkListService_EP");
this.workListService = service.getPort(portQName, WorkListService.class);
}
###################################################################################
I use afterPropertySet() of Spring to call the webservice right after
Spring init.
###################################################################################
public List<WorkItemFwk> getWorkListItems(String username,
WorkListItemQuery workListItemQuery)
{
//... init this object : getWorkListItems
try
{
((BindingProvider)this.workListService).getRequestContext().put("thread.local.request.context",
"true");
((BindingProvider)this.workListService).getRequestContext().put(SecurityConstants.USERNAME,
username);
getWorkListItemsResponse =
this.workListService.getWorkListItems(getWorkListItems);
}
catch(Exception e)
{
logger.error("Error while getting worklistItems for
"+workListItemQuery.toString(),e);
}
###################################################################################
And yet there's no SOAP header set in the request:
oct. 02, 2013 12:28:11 PM
org.apache.cxf.services.WorkListService.WorkListService_EP.WorkListService
INFO: Outbound Message
---------------------------
ID: 1
Address: http://192.168.2.212:8080/amxbpm/WorkListService
Encoding: UTF-8
Http-Method: POST
Content-Type: text/xml
Headers: {Accept=[*/*], SOAPAction=["getWorkListItems"]}
Payload: <soap:Envelope xmlns:soap="
http://schemas.xmlsoap.org/soap/envelope/";><soap:Body><ns2:getWorkListItems
xmlns:ns2="http://api.brm.n2.tibco.com"; xmlns:ns3="
http://exception.api.brm.n2.tibco.com"; xmlns:ns4="
http://exception.api.common.n2.tibco.com"; xmlns:ns5="
http://www.tibco.com/XPD/ScriptDescriptor/"; xmlns:ns6="
http://exception.api.de.n2.tibco.com"; startPosition="0" numberOfItems="10"
getTotalCount="true"><entityID entity-type="RESOURCE" guid="tibco-admin"
model-version="-1"/><orderFilterCriteria/></ns2:getWorkListItems></soap:Body></soap:Envelope>
--------------------------------------
So I get the following expection :
javax.xml.ws.soap.SOAPFaultException: Authentication Failed.
AuthNSAML20Principal set in Subject is null or empty.
oct. 02, 2013 12:28:11 PM
org.apache.cxf.services.WorkListService.WorkListService_EP.WorkListService
INFO: Inbound Message
----------------------------
ID: 1
Response-Code: 500
Encoding: UTF-8
Content-Type: text/xml; charset=utf-8
Headers: {Content-Length=[605], content-type=[text/xml; charset=utf-8],
Date=[Wed, 02 Oct 2013 10:27:43 GMT], Expires=[Thu, 01 Jan 1970 00:00:00
GMT],
Set-Cookie=[JSESSIONID=1houdu4luwh4caof40jy2d8x6;Path=/amxbpm;HttpOnly]}
Payload: <?xml version="1.0" encoding="UTF-8"?>
<SOAP-ENV:Envelope
xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/";><SOAP-ENV:Body><SOAP-ENV:Fault><faultcode>SOAP-ENV:Server</faultcode><faultstring>Authentication
Failed. AuthNSAML20Principal set in Subject is null or
empty.</faultstring><faultactor>DefaultRole</faultactor><detail><tibco:myFaultDetail
xmlns:tibco="http://tibcouri/";>com.tibco.amf.spline.api.context.SplineMessagingException:
Authentication Failed. AuthNSAML20Principal set in Subject is null or empty.
</tibco:myFaultDetail></detail></SOAP-ENV:Fault></SOAP-ENV:Body></SOAP-ENV:Envelope>
--------------------------------------
Any idea before I jump through the window ? ;)
Thanks,
Thomas.
On Thu, Sep 26, 2013 at 4:36 PM, Thomas Manson
<[email protected]>wrote:
> Hi Colm,
>
> I know I'm probably exasperating you with my dumb questions, but I really
> need help...
>
>
> So reading the FAQ, I understand that we're thread safe if we use :
>
> ((BindingProvider)proxy).getRequestContext().put(
> "thread.local.request.context", "true");
>
> before calling
>
> ((BindingProvider)*this*.workListService
> ).getRequestContext().put(SecurityConstants.*USERNAME*, "Alice");
>
> Right ?
>
>
> With the JaxWSClient, I've tried to use
>
>
> ((BindingProvider)utPort).getRequestContext().put(SecurityConstants.USERNAME,
> "Alice");
>
> and it didn't had any effect... (I was making subsequent call, and
> changing the username)
>
> The web service response was the same for the two user, while one should
> have replied an empty response.
>
> * try
> * {
> ((BindingProvider)*this*.workListService
> ).getRequestContext().put(SecurityConstants.*USERNAME*, username);
> getWorkListItemsResponse = *this*.workListService
> .getWorkListItems(getWorkListItems);
> }
> *catch*(Exception e)
> {
> *logger*.error("Error while getting worklistItems for "
> +workListItemQuery.toString());
> }
>
> Did I miss somehting ?
>
>
>
> One other thing I did understand in the meantime, is that, by using
>
> JaxWsProxyFactoryBean factory = new JaxWsProxyFactoryBean();
> factory.setServiceClass(WorkListService.class);
> factory.setAddress(this.endpoint);
> //
> factory.setWsdlLocation("D:/ARTIC/SOURCE/artic/trunk/webapp/src/main/webapp/WSDL/brm.wsdl");
> factory.setServiceName(new QName("http://services.brm.n2.tibco.com";,
> "WorkListService"));
>
> Or
>
> SpringBusFactory bf = new SpringBusFactory();
> URL busFile = WorkListServiceImpl2.class.getResource("client.xml");
>
> Bus bus = bf.createBus(busFile.toString());
> SpringBusFactory.setDefaultBus(bus);
> SpringBusFactory.setThreadDefaultBus(bus);
>
> URL wsdl = WorkListServiceImpl2.class.getResource(
> "/Users/tmanson/Dropbox/crf/AMXBPM-2.1-WS-Client/src/main/resources/brm.wsdl"
> );
> Service service = Service.create(wsdl, new QName("
> http://api.brm.n2.tibco.com";, "WorkListService"));
> QName portQName = new QName("http://services.brm.n2.tibco.com";,
> "WorkListService_EP");
> this.workListService =
> service.getPort(portQName, WorkListService.class);
>
> etc...
>
> we ask CXF to generate on the fly the WS Client, is it correct?
>
>
> Now I've already generated a client (with CXF/Ant), which I want to invoke
> instead with this code :
>
> WorkListService_Service proxy = *new* WorkListService_Service(*new* URL("
> http://localhost:8080/amxbpm-web/wsdl/brm.wsdl";),
> *new* QName("http://services.brm.n2.tibco.com","WorkListService";
> ));
> *this*.workListService = proxy.getPort( *new* QName("
> http://services.brm.n2.tibco.com";, "WorkListService_EP"), WorkListService.
> *class*);
>
> I wonder how it can be used in conjonction with this code, and How
> should I handle the authentication part...:
>
> SpringBusFactory bf = *new* SpringBusFactory();
> URL busFile = WorkListServiceImpl2.*class*.getResource("client.xml");
> Bus bus = bf.createBus(busFile.toString());
> SpringBusFactory.*setDefaultBus*(bus);
> SpringBusFactory.*setThreadDefaultBus*(bus);
>
>
> I still dont get what file should I put instead of client.xml as I'm
> already in a spring context, should I specify the file where I define my
> bean already ?
> it's quite confusing...
>
>
> Thomas.
>
>
> On Wed, Sep 25, 2013 at 3:36 PM, Colm O hEigeartaigh
> <[email protected]>wrote:
>
>> > Is it thread safe ?
>>
>> http://cxf.apache.org/faq.html#FAQ-AreJAXWSclientproxiesthreadsafe%3F
>>
>> All you need is a JAX-WS client proxy, how you obtain one or set up your
>> project is up to you...
>>
>> Colm.
>>
>>
>> On Tue, Sep 24, 2013 at 2:07 PM, Thomas Manson
>> <[email protected]>wrote:
>>
>> > Hi Colm,
>> >
>> > I'm starting to understand that it's another way to configure the
>> client.
>> >
>> > I've two questions :
>> >
>> > - Is it thread safe ?
>> > I guess that it is as I see that the ServiceBus specify a Thread.
>> > In a J2EE context, should I specify something else than
>> > SpringBusFactory.setThreadDefaultBus(bus); ?
>> >
>> >
>> > - I'm a bit puzzled by the configuration:
>> >
>> >
>> > SpringBusFactory bf = new SpringBusFactory();
>> > URL busFile = UsernameTokenTest.class.getResource("client/client.xml");
>> >
>> >
>> > This code load a Spring configuration file, while I already have mine +
>> > the client.xml configuration has some cxf:bus definition (is it the same
>> > thing ? SringBusFactory & cxf:bus ?).
>> >
>> > So I wonder I can't just use this code in an existing spring context,
>> How
>> > should I transpose this within an existing spring context?
>> >
>> >
>> > How I think it would work is :
>> >
>> >
>> > - Use your way to setup SpringBus and the Client
>> > - Have a Spring class X that has the WS Client as dependency
>> > - X implement each method of the WS(+some additional business logic)
>> > and set the username dynamically <= I still don't know how to do
>> this...
>> >
>> > Is it the correct way ?
>> >
>> > Thomas.
>> >
>> > Here is my current work in progress spring file
>> >
>> > <beans xmlns="http://www.springframework.org/schema/beans";
>> >
>> > xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; xmlns:cxf="
>> > http://cxf.apache.org/core";
>> > xsi:schemaLocation="
>> > http://cxf.apache.org/core http://cxf.apache.org/schemas/core.xsd
>> > http://www.springframework.org/schema/beans
>> > http://www.springframework.org/schema/beans/spring-beans-2.0.xsd";>
>> >
>> >
>> > <cxf:bus>
>> > <cxf:features>
>> > <cxf:logging />
>> > </cxf:features>
>> > </cxf:bus>
>> >
>> >
>> >
>> > <!--
>> >
>> /Users/tmanson/Dropbox/crf/AMXBPM-2.1-WS-Client/src/main/resources/de.wsdl
>> > -->
>> > <jaxws:client
>> > name="{http://services.brm.n2.tibco.com
>> }EntityResolverService"
>> >
>> >
>> wsdlLocation="/Users/tmanson/Dropbox/crf/AMXBPM-2.1-WS-Client/src/main/resources/de.wsdl"
>> > serviceClass="com.tibco.n2.de.services.EntityResolverService"
>> > address="
>> http://192.168.2.202:8080/amxbpm/EntityResolverService";
>> > createdFromAPI="true">
>> > <jaxws:properties>
>> > <entry key="ws-security.callback-handler"
>> >
>> >
>>
>> value="com.mansonthomas.amxbpm.customwebapp.services.amxbpm.security.PasswordCallbackHandler"
>> > />
>> > </jaxws:properties>
>> > </jaxws:client>
>> >
>> > </beans>
>> >
>> >
>> >
>> >
>> >
>> >
>> >
>> >
>> >
>> > On Tue, Sep 24, 2013 at 11:41 AM, Colm O hEigeartaigh <
>> [email protected]
>> > > wrote:
>> >
>> >> Look at the last test here:
>> >>
>> >>
>> >>
>> http://svn.apache.org/viewvc/cxf/branches/2.7.x-fixes/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/ut/UsernameTokenTest.java?view=markup
>> >>
>> >>
>> >>
>> ((BindingProvider)utPort).getRequestContext().put(SecurityConstants.USERNAME,
>> >> "Alice");
>> >>
>> >> Colm.
>> >>
>> >>
>> >> On Tue, Sep 24, 2013 at 10:33 AM, Thomas Manson
>> >> <[email protected]>wrote:
>> >>
>> >> > Hi Colm,
>> >> >
>> >> > I'm back working on this subject (was on pause as I was working for
>> >> other
>> >> > clients)
>> >> >
>> >> > I've checked out the SVN repo you gave me, and I've looked through
>> the
>> >> > samples configurations (client.xml) and I can't find anything
>> >> appropriate.
>> >> >
>> >> > In the UT (Username Token I guess), the username is always provided
>> in
>> >> the
>> >> > configuration file.
>> >> > The saml/x509 configuration still refers to Alice.properties...
>> >> >
>> >> >
>> >> > In my case, the username shouldn't appear in the configuration
>> files,
>> >> as
>> >> > I need to use the J2EE Principal as login, and call the webservice to
>> >> > authenticate the user.
>> >> >
>> >> > Could you point me to the right direction ?
>> >> >
>> >> > Thomas.
>> >> >
>> >> >
>> >> >
>> >> >
>> >> >
>> >> > On Sat, Jul 13, 2013 at 1:45 AM, Thomas Manson
>> >> > <[email protected]>wrote:
>> >> >
>> >> > > Thanks, it will surely help a lot :)
>> >> > >
>> >> > > Thomas.
>> >> > >
>> >> > >
>> >> > > On Fri, Jul 12, 2013 at 6:05 PM, Colm O hEigeartaigh <
>> >> > [email protected]>wrote:
>> >> > >
>> >> > >> Please take a look at the tests here:
>> >> > >>
>> >> > >>
>> >> > >>
>> >> >
>> >>
>> http://svn.apache.org/viewvc/cxf/branches/2.7.x-fixes/systests/ws-security-examples/
>> >> > >>
>> >> > >> Colm.
>> >> > >>
>> >> > >>
>> >> > >> On Fri, Jul 12, 2013 at 4:22 PM, Thomas Manson
>> >> > >> <[email protected]>wrote:
>> >> > >>
>> >> > >> > Do you have any other pointer that this page :
>> >> > >> >
>> >> > >> > cxf.apache.org/docs/ws-securitypolicy.html
>> >> > >> >
>> >> > >> > it's way to short for me as documentation to build something
>> that
>> >> > work.
>> >> > >> > When I read the properties described, I feel there's a mix
>> between
>> >> > >> server
>> >> > >> > side properties (which I'm not interested as I'm just
>> implementing
>> >> a
>> >> > >> > client)... + it starts with extra properties... where are the
>> basic
>> >> > >> ones?
>> >> > >> >
>> >> > >> > what would help is a full example of the code of a client.
>> >> > >> >
>> >> > >> > I'm quite lost ;)
>> >> > >> >
>> >> > >> >
>> >> > >> >
>> >> > >> >
>> >> > >> > On Fri, Jul 12, 2013 at 5:09 PM, Colm O hEigeartaigh <
>> >> > >> [email protected]
>> >> > >> > >wrote:
>> >> > >> >
>> >> > >> > >
>> >> > >> > > If you follow the WS-SecurityPolicy approach then it will
>> work,
>> >> as
>> >> > >> all of
>> >> > >> > > the configuration is taken from the context rather than a
>> >> properties
>> >> > >> Map.
>> >> > >> > >
>> >> > >> > > Colm.
>> >> > >> > >
>> >> > >> > >
>> >> > >> > > On Fri, Jul 12, 2013 at 4:01 PM, Thomas Manson <
>> >> > >> > [email protected]
>> >> > >> > > > wrote:
>> >> > >> > >
>> >> > >> > >> I already does what you say as follow, but it mean one
>> >> instance of
>> >> > >> the
>> >> > >> > >> client per user connected.
>> >> > >> > >>
>> >> > >> > >>
>> >> > >> > >> I've search quite some time dans didn't find a way to set
>> >> something
>> >> > >> like
>> >> > >> > >> the password callback handler.
>> >> > >> > >>
>> >> > >> > >>
>> >> > >> > >>
>> >> > >> > >> JaxWsProxyFactoryBean factory = new JaxWsProxyFactoryBean();
>> >> > >> > >>
>> >> > >> > >> factory.setServiceClass(WorkListService.class);
>> >> > >> > >>
>> >> > >> > >> factory.setAddress(this.endpoint);
>> >> > >> > >>
>> >> > >> > >> //
>> >> > >> > >>
>> >> > >> >
>> >> > >>
>> >> >
>> >>
>> factory.setWsdlLocation("D:/ARTIC/SOURCE/artic/trunk/webapp/src/main/webapp/WSDL/brm.wsdl");
>> >> > >> > >>
>> >> > >> > >> factory.setServiceName(new QName("
>> >> > >> http://services.brm.n2.tibco.com
>> >> > >> > ",
>> >> > >> > >> "WorkListService"));
>> >> > >> > >>
>> >> > >> > >> WorkListService workListService = (WorkListService)
>> >> > >> > factory.create();
>> >> > >> > >>
>> >> > >> > >>
>> >> > >> > >> Client client =
>> ClientProxy.getClient(workListService);
>> >> > >> > >>
>> >> > >> > >>
>> >> > >> > >> Map<String, Object> properties = new HashMap<String,
>> >> Object>();
>> >> > >> > >>
>> >> > >> > >> properties.put(WSHandlerConstants.ACTION ,
>> >> > >> > >> WSHandlerConstants.USERNAME_TOKEN);
>> >> > >> > >>
>> >> > >> > >> properties.put(WSHandlerConstants.USER ,
>> >> > >> this.username);
>> >> > >> > >>
>> >> > >> > >> properties.put(WSHandlerConstants.PASSWORD_TYPE ,
>> >> > WSConstants.
>> >> > >> > >> PW_TEXT);// "PasswordDigest"
>> >> > >> > >>
>> >> > >> > >> properties.put(WSHandlerConstants.PW_CALLBACK_REF ,
>> >> > >> > newPasswordCallbackHandler(
>> >> > >> > >> this.username, password, "password"));
>> >> > >> > >>
>> >> > >> > >>
>> >> > >> > >> client.getOutInterceptors().add(new
>> >> > >> > WSS4JOutInterceptor(properties));
>> >> > >> > >>
>> >> > >> > >>
>> >> > >> > >> On Fri, Jul 12, 2013 at 4:36 PM, Colm O hEigeartaigh <
>> >> > >> > [email protected]
>> >> > >> > >> > wrote:
>> >> > >> > >>
>> >> > >> > >>> ou could create a CXF interceptor that sets the username on
>> the
>> >> > fly,
>> >> > >> > >>> before the WSS4JOutInterceptor is called.
>> >> > >> > >>
>> >> > >> > >>
>> >> > >> > >>
>> >> > >> > >>
>> >> > >> > >
>> >> > >> > >
>> >> > >> > > --
>> >> > >> > > Colm O hEigeartaigh
>> >> > >> > >
>> >> > >> > > Talend Community Coder
>> >> > >> > > http://coders.talend.com
>> >> > >> > >
>> >> > >> >
>> >> > >>
>> >> > >>
>> >> > >>
>> >> > >> --
>> >> > >> Colm O hEigeartaigh
>> >> > >>
>> >> > >> Talend Community Coder
>> >> > >> http://coders.talend.com
>> >> > >>
>> >> > >
>> >> > >
>> >> >
>> >>
>> >>
>> >>
>> >> --
>> >> Colm O hEigeartaigh
>> >>
>> >> Talend Community Coder
>> >> http://coders.talend.com
>> >>
>> >
>> >
>>
>>
>> --
>> Colm O hEigeartaigh
>>
>> Talend Community Coder
>> http://coders.talend.com
>>
>
>
