Hi everybody,
Sorry for resurrecting an old thread but I didn't have a workaround so
far and I was bitten again by this issue.
The problem is that looks impossible to configure that limit through the
spring configuration. The documentation in
http://cxf.apache.org/docs/security.html#Security-XML is not working for
me because I am using the simple backend and not the jaxws. I have tried
many things and although I could get away from that exception I was
beaten by the same exception later on in reader.next() in
StaxUtils.java:1309
I have asked the same question in
http://mail-archives.apache.org/mod_mbox/cxf-users/201304.mbox/%[email protected]%3E
and although it was possible to configure the client programmatically it
was impossible to configure the server via spring.
Finally we resolved to the following trick in our server-beans.xml
<bean
class="org.springframework.beans.factory.config.MethodInvokingFactoryBean">
<property name="targetClass" value="java.lang.System" />
<property name="targetMethod" value="setProperty" />
<property name="arguments">
<list>
<value>org.apache.cxf.stax.maxChildElements</value>
<value>1000000</value>
</list>
</property>
</bean>
because setting the property it is the only thing that it works reliably.
On 07/23/2013 12:23 AM, unicyco wrote:
I'm trying to change the org.apache.cxf.stax.maxChildElements value without
luck. How can I override the default value of 50,000? I've tried injecting
it as a jaxws:property on the endpoint and as a constructor property map
entry on the interceptor. Where should I be injecting it?
Here's my code:
<jaxws:endpoint
id="timeEndpoint"
implementor="#timeService"
address="/TimeService">
<jaxws:properties>
<entry
key="org.apache.cxf.stax.maxChildElements"
value="-1" />
</jaxws:properties>
<jaxws:inInterceptors>
<bean
id="securityInterceptor"
class="com.mycompany.WSS4JSecurityInterceptor">
<constructor-arg>
<map>
<entry
key="org.apache.cxf.stax.maxChildElements"
value="-1" />
</map>
</constructor-arg>
<property
name="usernameInterceptor"
ref="usernameInterceptor" />
<property
name="certificateInterceptor"
ref="certificateInterceptor" />
</bean>
</jaxws:inInterceptors>
</jaxws:endpoint>
<bean
id="usernameInterceptor"
class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor">
<constructor-arg>
<map>
<entry
key="action"
value="UsernameToken" />
<entry
key="passwordType"
value="PasswordText" />
</map>
</constructor-arg>
</bean>
<bean
id="certificateInterceptor"
class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor">
<constructor-arg>
<map>
<entry
key="action"
value="Signature" />
<entry
key="signaturePropFile"
value="server_sign.properties" />
</map>
</constructor-arg>
</bean>
public class WSS4JSecurityInterceptor extends WSS4JInInterceptor implements
InitializingBean {
private static final Logger logger =
LoggerFactory.getLogger(WSS4JSecurityInterceptor.class);
private WSS4JInInterceptor certificateInterceptor = null;
private WSS4JInInterceptor usernameInterceptor = null;
public void setCertificateInterceptor(WSS4JInInterceptor
certificateInterceptor) {
this.certificateInterceptor = certificateInterceptor;
}
public void setUsernameInterceptor(WSS4JInInterceptor
usernameInterceptor)
{
this.usernameInterceptor = usernameInterceptor;
}
public WSS4JSecurityInterceptor() {
super();
}
public WSS4JSecurityInterceptor(Map<String, Object> properties) {
super(properties);
}
@Override
public void afterPropertiesSet() throws Exception {
}
@Override
public void handleMessage(SoapMessage message) throws Fault {
SoapMessage messageClone = (SoapMessage) message.clone();
boolean authenticated = true;
try {
usernameInterceptor.handleMessage(messageClone);
} catch (Exception e) {
authenticated = false;
logger.debug("Username/password authentication failed");
}
if (authenticated) {
logger.info("Successfully authenticated using
username/password");
return;
}
authenticated = true;
try {
certificateInterceptor.handleMessage(message);
} catch (Exception e) {
authenticated = false;
logger.debug("Certificate authentication failed", e);
}
if (!authenticated) {
logger.error("Unable to authenticate!");
throw new AuthenticationException("Unable to
authenticate");
}
logger.info("Successfully authenticated using certificate");
}
}
--
View this message in context:
http://cxf.547215.n5.nabble.com/2-possible-validators-interceptors-tp5731252p5731284.html
Sent from the cxf-user mailing list archive at Nabble.com.
--
__________________________________
Vassilis Virvilis Ph.D.
Head of IT
Biovista Inc.
US Offices
2421 Ivy Road
Charlottesville, VA 22903
USA
T: +1.434.971.1141
F: +1.434.971.1144
European Offices
34 Rodopoleos Street
Ellinikon, Athens 16777
GREECE
T: +30.210.9629848
F: +30.210.9647606
www.biovista.com
Biovista is a privately held biotechnology company that finds novel uses
for existing drugs, and profiles their side effects using their
mechanism of action. Biovista develops its own pipeline of drugs in CNS,
oncology, auto-immune and rare diseases. Biovista is collaborating with
biopharmaceutical companies on indication expansion and de-risking of
their portfolios and with the FDA on adverse event prediction.
