>
> <jaxws:client id="WorkListServiceProxyFactory"
>
> name="{http://services.brm.n2.tibco.com}WorkListService_EP";
>
> serviceClass="com.tibco.n2.brm.services.WorkListService" address="
> http://192.168.2.213:8080/amxbpm/WorkListService";>
>
>
> <jaxws:properties>
>
>
> <entry key="ws-security.username" value="tibco-admin" />
>
> <entry key="ws-security.callback-handler"
>
> value=
> "com.mansonthomas.amxbpm.customwebapp.services.amxbpm.security.PasswordCallbackHandler"
> />
>
> </jaxws:properties>
>
> </jaxws:client>
>
> </beans>
>
> and no soap headers:
This configuration will ONLY work if your WSDL contains a ws-security policy
fragment that defines a username token policy in it. In addition, you would
NEED to add a wsdlLocation item onto the jaxws:client for the wsdl to be picked
up. Right now, with that configuration, it doesn't know to even apply any
security stuff at all.
Dan
On Oct 15, 2013, at 5:17 AM, Thomas Manson <[email protected]> wrote:
> Colm,
>
> honestly i'm really getting mad and sick of this security stuff.
> I'm blocked on this for sooo long now and don't work on the actual stuff I
> should do.
>
> I was pushing CXF as I did had good experience on it before, but I'm now
> considering to move to something else... I really need to get the thing
> done, anyhow.
>
>
>> If you have a WS-SecurityPolicy in operation
> I don't understand this.
> if you mean that the wsdl should contain some stuff, I don't think so,
> maybe beacuse it allow username token, SAML (sendervoucher) and X509 and
> that all samples I've tried do not work.
>
> the only actual code that did send the SOAP header is
>
> this code :
>
> ###############################################################################################
>
> JaxWsProxyFactoryBean factory = new JaxWsProxyFactoryBean();
>
> factory.setServiceClass(WorkListService.class);
>
> factory.setAddress(this.endpoint);
>
> //
> factory.setWsdlLocation("D:/ARTIC/SOURCE/artic/trunk/webapp/src/main/webapp/WSDL/brm.wsdl");
>
> factory.setServiceName(new QName("http://services.brm.n2.tibco.com";,
> "WorkListService"));
>
> this.workListService = (WorkListService) factory.create();
>
>
> Client client = ClientProxy.getClient(this.workListService);
>
>
> Map<String, Object> properties = new HashMap<String, Object>();
>
> properties.put(WSHandlerConstants.ACTION , WSHandlerConstants.
> USERNAME_TOKEN);
>
> properties.put(WSHandlerConstants.USER , this.username);
>
> properties.put(WSHandlerConstants.PASSWORD_TYPE , WSConstants.PW_TEXT
> );// "PasswordDigest"
>
> properties.put(WSHandlerConstants.PW_CALLBACK_REF ,
> newPasswordCallbackHandler(
> "secret"));
>
>
> client.getOutInterceptors().add(new WSS4JOutInterceptor(properties));
>
>
> HTTPConduit conduit = (HTTPConduit) client.getConduit();
>
>
> long timeoutMillis = this.timeout * 1000;
>
>
> HTTPClientPolicy policy = new HTTPClientPolicy();
>
> policy.setConnectionTimeout(timeoutMillis);
>
> policy.setReceiveTimeout(timeoutMillis);
>
>
> conduit.setClient(policy);
> ###############################################################################################
>
>
> I'm just trying to get the basic thing to work :
>
> Configure the client with spring, inject it into another bean and use it
> and even that do not work.
>
>
> I'm just having the same spring code in all samples, I can't get why it
> doesn't send the security headers.
>
>
>
>
>
>
>
> <?xml version="1.0" encoding="UTF-8"?>
>
> <beans xmlns="http://www.springframework.org/schema/beans";
>
> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; xmlns:jaxws="
> http://cxf.apache.org/jaxws";
>
>
> xmlns:cxf="http://cxf.apache.org/core"; xmlns:p="
> http://cxf.apache.org/policy";
>
>
> xsi:schemaLocation="
>
> http://www.springframework.org/schema/beans
>
> http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
>
> http://cxf.apache.org/jaxws
>
> http://cxf.apache.org/schemas/jaxws.xsd
>
> http://cxf.apache.org/core http://cxf.apache.org/schemas/core.xsd
>
> ">
>
>
>
>
> <cxf:bus>
>
> <cxf:features>
>
> <p:policies />
>
> <cxf:logging />
>
> </cxf:features>
>
> </cxf:bus>
>
>
>
>
> <jaxws:client id="WorkListServiceProxyFactory"
>
> name="{http://services.brm.n2.tibco.com}WorkListService_EP";
>
> serviceClass="com.tibco.n2.brm.services.WorkListService" address="
> http://192.168.2.213:8080/amxbpm/WorkListService";>
>
>
> <jaxws:properties>
>
>
> <entry key="ws-security.username" value="tibco-admin" />
>
> <entry key="ws-security.callback-handler"
>
> value=
> "com.mansonthomas.amxbpm.customwebapp.services.amxbpm.security.PasswordCallbackHandler"
> />
>
> </jaxws:properties>
>
> </jaxws:client>
>
> </beans>
>
> and no soap headers:
>
>
> INFO: Creating Service
> {http://services.brm.n2.tibco.com}WorkListServiceService
> from class com.tibco.n2.brm.services.WorkListService
>
> oct. 15, 2013 10:52:41 AM
> org.apache.cxf.services.WorkListServiceService.WorkListServicePort.WorkListService
>
> INFO: Outbound Message
>
> ---------------------------
>
> ID: 1
>
> Address: http://192.168.2.213:8080/amxbpm/WorkListService
>
> Encoding: UTF-8
>
> Http-Method: POST
>
> Content-Type: text/xml
>
> Headers: {Accept=[*/*], SOAPAction=["getWorkListItems"]}
>
> Payload: <soap:Envelope xmlns:soap="
> http://schemas.xmlsoap.org/soap/envelope/";><soap:Body><ns2:getWorkListItems
> xmlns:ns2="http://api.brm.n2.tibco.com"; xmlns:ns3="
> http://exception.api.brm.n2.tibco.com"; xmlns:ns4="
> http://exception.api.common.n2.tibco.com"; xmlns:ns5="
> http://exception.api.de.n2.tibco.com"; xmlns:ns6="
> http://www.tibco.com/XPD/ScriptDescriptor/"; startPosition="0"
> numberOfItems="10" getTotalCount="true"><entityID entity-type="RESOURCE"
> guid="tibco-admin"
> model-version="-1"/><orderFilterCriteria/></ns2:getWorkListItems></soap:Body></soap:Envelope>
>
> --------------------------------------
>
> oct. 15, 2013 10:52:41 AM
> org.apache.cxf.services.WorkListServiceService.WorkListServicePort.WorkListService
>
> INFO: Inbound Message
>
> ----------------------------
>
> ID: 1
>
> Response-Code: 500
>
> Encoding: UTF-8
>
> Content-Type: text/xml; charset=utf-8
>
> Headers: {Content-Length=[605], content-type=[text/xml; charset=utf-8],
> Date=[Tue, 15 Oct 2013 14:50:18 GMT], Expires=[Thu, 01 Jan 1970 00:00:00
> GMT], Set-Cookie=[JSESSIONID=eflukkvn7glfvw8s53n2228;Path=/amxbpm;HttpOnly]}
>
> Payload: <?xml version="1.0" encoding="UTF-8"?>
>
> <SOAP-ENV:Envelope
> xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/";><SOAP-ENV:Body><SOAP-ENV:Fault><faultcode>SOAP-ENV:Server</faultcode><faultstring>Authentication
> Failed. AuthNSAML20Principal set in Subject is null or
> empty.</faultstring><faultactor>DefaultRole</faultactor><detail><tibco:myFaultDetail
> xmlns:tibco="http://tibcouri/
> ">com.tibco.amf.spline.api.context.SplineMessagingException: Authentication
> Failed. AuthNSAML20Principal set in Subject is null or empty.
>
> </tibco:myFaultDetail></detail></SOAP-ENV:Fault></SOAP-ENV:Body></SOAP-ENV:Envelope>
>
> --------------------------------------
>
> 2013-10-15 10:52:41,915 - ERROR - localhost-startStop-1 (
> WorkListServiceImpl4.java:81) - Error while getting worklistItems for
> WorkListItemQuery [username=tibco-admin, userGUID=tibco-admin, start=0,
> numberOfItems=10, filter=null, order=null]
>
> javax.xml.ws.soap.SOAPFaultException: Authentication Failed.
> AuthNSAML20Principal set in Subject is null or empty.
>
> at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:156)
>
> at com.sun.proxy.$Proxy57.getWorkListItems(Unknown Source)
>
>
>
>
>
>
>
>
>
> On Tue, Oct 15, 2013 at 11:04 AM, Colm O hEigeartaigh
> <[email protected]>wrote:
>
>> If you have a WS-SecurityPolicy in operation, it will take care of adding
>> the correct headers, once you supply it with the correct information
>> (username, password, etc.). Please take a look at the ws-security-examples
>> systests to see how it all works.
>>
>> Colm.
>>
>>
>> On Mon, Oct 14, 2013 at 10:27 PM, Thomas Manson <
>> [email protected]> wrote:
>>
>>> Hi Colm,
>>>
>>> I will resume work on this subject tomorrow.
>>>
>>> So I'm in a situation where there's no soap header setted, and the
>>> spring configuraiton seems to be ignored (which would be quite logical as
>>> we don't use it in the java code, just rebuiling all ourselves.)
>>>
>>> So how can I make sure the soap header is setted in my request? How can I
>>> set the authentication type (username/password plain) ?
>>>
>>> Thanks,
>>> Thomas.
>>>
>>>
>>> On Mon, Oct 7, 2013 at 11:23 AM, Thomas Manson <
>>> [email protected]> wrote:
>>>
>>>> Hi Colm,
>>>>
>>>> If I remove the <jaxws:client element, it still work as before, so I
>>>> guess this client xml declaration is not taken into account as we're just
>>>> programmatically re-doing what the spring configuration does...
>>>>
>>>> As I stated earlier, I'm already in a spring context (J2EE Spring MVC
>>>> application), that's why I don't understand the BusFactory need to be given
>>>> the spring xml file.
>>>>
>>>> I've understood that while seeing that the endpoint was not taken into
>>>> account (thanks to my Virtual machine that changes of IP each time I resume
>>>> my mac).
>>>>
>>>> So I'll focus to make it work programmatically first, then figure out
>>>> how to use the spring XML configurations files and finally try to use my
>>>> own generated WS Client instead of generating it on the fly.
>>>>
>>>>
>>>> For now, I'm still blocked on enabling a security policy on the client
>>>> side programmatically.
>>>> For instance, my password callback handler is not taken into account,
>>>> as it's not called at all.
>>>>
>>>> (the method public void handle(Callback[] callbacks) throwsIOException,
>>>> UnsupportedCallbackException is not called)
>>>>
>>>>
>>>> I programmatically specify it as follow (full code at the end of the
>>>> mail):
>>>>
>>>> *this*.workListService = service.getPort(portQName, WorkListService.*
>>>> class*);
>>>>
>>>> ((BindingProvider)*this*.workListService
>>>> ).getRequestContext().put(BindingProvider.*ENDPOINT_ADDRESS_PROPERTY*, "
>>>> http://192.168.2.213:8080/amxbpm/WorkListService";);
>>>>
>>>> //I've also tryed by just specificying a class name, but don't work
>>>> either.
>>>>
>>>> PasswordCallbackHandler passwordCallbackHandler =
>>>> *new*PasswordCallbackHandler(
>>>> "secret");
>>>> ((BindingProvider)*this*.workListService
>>>> ).getRequestContext().put(SecurityConstants.*CALLBACK_HANDLER*,
>>>> passwordCallbackHandler);
>>>>
>>>>
>>>>
>>>>
>>>> In the CXF samples, it's done like this:
>>>>
>>>> <jaxws:client name=*"{
>>>> http://www.example.org/contract/DoubleIt}DoubleItPlaintextPrincipalPort";
>>>> *
>>>> createdFromAPI=*"true"*>
>>>> <jaxws:properties>
>>>> <entry key=*"ws-security.callback-handler"
>>>> *
>>>> value=*
>>>> "org.apache.cxf.systest.ws.wssec10.client.UTPasswordCallback"*/>
>>>> </jaxws:properties>
>>>> </jaxws:client>
>>>>
>>>>
>>>> So I wonder what I miss...
>>>>
>>>> Thomas.
>>>>
>>>>
>>>> package com.mansonthomas.amxbpm.customwebapp.services.amxbpm;
>>>>
>>>> import java.net.URL;
>>>> import java.util.ArrayList;
>>>> import java.util.List;
>>>>
>>>> import javax.xml.namespace.QName;
>>>> import javax.xml.transform.Source;
>>>> import javax.xml.ws.BindingProvider;
>>>> import javax.xml.ws.EndpointReference;
>>>> import javax.xml.ws.Service;
>>>> import javax.xml.ws.WebServiceFeature;
>>>> import javax.xml.ws.wsaddressing.W3CEndpointReference;
>>>> import javax.xml.ws.wsaddressing.W3CEndpointReferenceBuilder;
>>>>
>>>> import org.apache.commons.logging.Log;
>>>> import org.apache.commons.logging.LogFactory;
>>>> import org.apache.cxf.Bus;
>>>> import org.apache.cxf.bus.spring.SpringBusFactory;
>>>> import org.apache.cxf.endpoint.Client;
>>>> import org.apache.cxf.ws.security.SecurityConstants;
>>>> import org.springframework.beans.factory.InitializingBean;
>>>>
>>>> import com.mansonthomas.amxbpm.customwebapp.model.WorkItemFwk;
>>>> import com.mansonthomas.amxbpm.customwebapp.model.WorkListItemQuery;
>>>> import
>>>> com.mansonthomas.amxbpm.customwebapp.services.amxbpm.context.ContextService;
>>>> import
>>>> com.mansonthomas.amxbpm.customwebapp.services.amxbpm.mapper.WorkItemMapper;
>>>> import
>>>> com.mansonthomas.amxbpm.customwebapp.services.amxbpm.security.PasswordCallbackHandler;
>>>> import com.tibco.n2.brm.api.GetWorkListItems;
>>>> import com.tibco.n2.brm.api.GetWorkListItemsResponse;
>>>> import com.tibco.n2.brm.api.OrderFilterCriteria;
>>>> import com.tibco.n2.brm.api.WorkItem;
>>>> import com.tibco.n2.brm.services.WorkListService;
>>>> import com.tibco.n2.common.organisation.api.OrganisationalEntityType;
>>>> import com.tibco.n2.common.organisation.api.XmlModelEntityId;
>>>>
>>>> public class WorkListServiceImpl2 implements WorkListFwkService,
>>>> InitializingBean
>>>> {
>>>>
>>>> private static final Log logger =
>>>> LogFactory.getLog(WorkListServiceImpl2.class);
>>>>
>>>>
>>>>
>>>> private WorkListService workListService = null;
>>>> private ContextService contextService = null;
>>>>
>>>> public WorkListServiceImpl2( ContextService contextService) throws
>>>> Exception
>>>> {
>>>> this.contextService = contextService;
>>>>
>>>> SpringBusFactory bf = new SpringBusFactory();
>>>> URL busFile =
>>>> this.contextService.getResource("/WEB-INF/spring/webservices2.xml");
>>>>
>>>> Bus bus = bf.createBus(busFile.toString());
>>>> SpringBusFactory.setDefaultBus(bus);
>>>> SpringBusFactory.setThreadDefaultBus(bus);
>>>>
>>>> URL wsdl =
>>>> this.contextService.getResource("/wsdl/brm.wsdl");
>>>>
>>>> Service service = Service.create(wsdl, new QName("
>>>> http://services.brm.n2.tibco.com","WorkListService";));
>>>>
>>>> QName portQName = new QName("http://services.brm.n2.tibco.com";,
>>>> "WorkListService_EP");
>>>>
>>>> this.workListService = service.getPort(portQName,
>>>> WorkListService.class);
>>>>
>>>>
>>>> ((BindingProvider)this.workListService).getRequestContext().put(BindingProvider.ENDPOINT_ADDRESS_PROPERTY,
>>>> "http://192.168.2.213:8080/amxbpm/WorkListService";);
>>>>
>>>> PasswordCallbackHandler passwordCallbackHandler = new
>>>> PasswordCallbackHandler("secret");
>>>>
>>>>
>>>> ((BindingProvider)this.workListService).getRequestContext().put(SecurityConstants.CALLBACK_HANDLER,
>>>> passwordCallbackHandler);
>>>>
>>>>
>>>> }
>>>>
>>>> public List<WorkItemFwk> getWorkListItems(String username,
>>>> WorkListItemQuery workListItemQuery)
>>>> {
>>>> XmlModelEntityId entityId = new XmlModelEntityId();
>>>> entityId.setGuid(workListItemQuery.getUserGUID());
>>>> entityId.setEntityType(OrganisationalEntityType.RESOURCE);
>>>> entityId.setModelVersion(-1);
>>>>
>>>> GetWorkListItems getWorkListItems = new GetWorkListItems();
>>>>
>>>> getWorkListItems.setGetTotalCount (true);
>>>> getWorkListItems.setEntityID (entityId);
>>>> getWorkListItems.setStartPosition
>>>> (workListItemQuery.getStart());
>>>> getWorkListItems.setNumberOfItems
>>>> (workListItemQuery.getNumberOfItems());
>>>> getWorkListItems.setOrderFilterCriteria (new OrderFilterCriteria());
>>>>
>>>> GetWorkListItemsResponse getWorkListItemsResponse = null;
>>>>
>>>> try
>>>> {
>>>>
>>>> ((BindingProvider)this.workListService).getRequestContext().put("thread.local.request.context",
>>>> "true");
>>>>
>>>> ((BindingProvider)this.workListService).getRequestContext().put(SecurityConstants.USERNAME,
>>>> username);
>>>>
>>>> getWorkListItemsResponse =
>>>> this.workListService.getWorkListItems(getWorkListItems);
>>>> }
>>>> catch(Exception e)
>>>> {
>>>> logger.error("Error while getting worklistItems for
>>>> "+workListItemQuery.toString(),e);
>>>> }
>>>>
>>>>
>>>>
>>>> if(getWorkListItemsResponse == null)
>>>> {
>>>> logger.error("recieve a null response while getting worklistItems
>>>> for "+workListItemQuery.toString());
>>>> return new ArrayList<WorkItemFwk>(0);
>>>> }
>>>>
>>>> List<WorkItem> workitems =
>>>> getWorkListItemsResponse.getWorkItems();
>>>> List<WorkItemFwk> workListItemFwk = new
>>>> ArrayList<WorkItemFwk>(workitems.size());
>>>>
>>>>
>>>> int i = 0;
>>>> for (WorkItem workItem : workitems)
>>>> {
>>>> workListItemFwk.add(WorkItemMapper.map(workItem, i++));
>>>> }
>>>> return workListItemFwk;
>>>> }
>>>>
>>>> @Override
>>>> public void afterPropertiesSet() throws Exception
>>>> {
>>>>
>>>> WorkListItemQuery workListItemQuery = new WorkListItemQuery();
>>>>
>>>> workListItemQuery.setStart(0l);
>>>> workListItemQuery.setNumberOfItems(10l);
>>>> workListItemQuery.setUsername("tibco-admin");
>>>> workListItemQuery.setUserGUID("tibco-admin");
>>>>
>>>> this.getWorkListItems("tibc-admin", workListItemQuery);
>>>>
>>>> }
>>>>
>>>> }
>>>>
>>>>
>>>>
>>>>
>>>
>>
>>
>> --
>> Colm O hEigeartaigh
>>
>> Talend Community Coder
>> http://coders.talend.com
>>
--
Daniel Kulp
[email protected] - http://dankulp.com/blog
Talend Community Coder - http://coders.talend.com
