> So according to this , if I understood it correctly the example given for > STS has input and output policy which contains the signed part, encrypted > part won't work for Dispatch case?
Yes it appears so. If you change the binding policy, to also include the SignedParts/EncryptedParts policies, does your test-case work? Colm. On Tue, Feb 18, 2014 at 1:51 PM, [email protected] <[email protected]>wrote: > Hi Colm, > > We were doing exactly the same thing which you wrote in the test case. I > have removed the addressing and we are getting the same fault. > > package com.cxf.sample; > import static > org.apache.cxf.ws.addressing.JAXWSAConstants.CLIENT_ADDRESSING_PROPERTIES; > > import java.util.HashMap; > import java.util.Map; > > import javax.xml.soap.MessageFactory; > import javax.xml.soap.SOAPBody; > import javax.xml.soap.SOAPConstants; > import javax.xml.soap.SOAPElement; > import javax.xml.soap.SOAPEnvelope; > import javax.xml.soap.SOAPMessage; > import javax.xml.soap.SOAPPart; > import javax.xml.ws.Dispatch; > import javax.xml.ws.soap.SOAPBinding; > > import org.apache.cxf.Bus; > import org.apache.cxf.endpoint.Client; > import org.apache.cxf.jaxws.DispatchImpl; > import org.apache.cxf.ws.addressing.AddressingProperties; > import org.apache.cxf.ws.addressing.AttributedURIType; > import org.apache.cxf.ws.addressing.EndpointReferenceType; > import org.apache.cxf.ws.addressing.MetadataType; > import org.apache.cxf.ws.addressing.ObjectFactory; > import org.apache.cxf.ws.addressing.ReferenceParametersType; > import org.apache.cxf.ws.addressing.RelatesToType; > import org.apache.cxf.ws.addressing.impl.AddressingPropertiesImpl; > import org.apache.cxf.ws.policy.PolicyConstants; > import org.apache.cxf.ws.security.trust.STSClient; > import org.apache.neethi.Policy; > import org.apache.cxf.ws.security.SecurityConstants; > > > public class TestCXFSTSS { > private static final ObjectFactory WSA_OBJECT_FACTORY = new > ObjectFactory(); > > /** > * @param args > * @throws Exception > */ > public static void main(String[] args) throws Exception { > testService1(); > } > > private static void testService1() throws Exception { > Dispatch<SOAPMessage> dispatch = CXFUtils.getDispatch( > SOAPBinding.SOAP11HTTP_BINDING, > " > http://127.0.0.1:9999/SoapContext/SoapPort";); > Client disPatchClient = ((DispatchImpl<SOAPMessage>) > dispatch).getClient(); > > > //Engage the policy after parsing with neethi library > > Policy wsaPolicy = PolicyHelper.parsePolicy(disPatchClient, > "c://wsa-policy.xml"); > Policy policy = PolicyHelper.parsePolicy(disPatchClient, > "c://wsa-policy2.xml"); > Policy policy2 = PolicyHelper.parsePolicy(disPatchClient, > "c://wsa-policy3.xml"); > wsaPolicy.merge(policy); > wsaPolicy.merge(policy2); > > dispatch.getRequestContext().put(PolicyConstants.POLICY_OVERRIDE, > wsaPolicy); > > > Map<String,Object> stsmap = setSTSMaps(); > disPatchClient.getRequestContext().putAll(stsmap); > > //Create the STSClient and set the properties > STSClient stsClient = > createDispatchSTSClient(disPatchClient.getBus()); > > stsClient.setWsdlLocation(" > http://localhost:9989/SecurityTokenService/UT?wsdl";); > //stsClient.setEnableAppliesTo(false); > > disPatchClient.getRequestContext().put("ws-security.sts.client", stsClient > ); > > MessageFactory mf = > MessageFactory.newInstance(SOAPConstants.SOAP_1_1_PROTOCOL); > SOAPMessage request = mf.createMessage(); > SOAPPart part = request.getSOAPPart(); > > // Obtain the SOAPEnvelope and header and body elements. > SOAPEnvelope env = part.getEnvelope(); > SOAPBody body = env.getBody(); > > disPatchClient.getRequestContext().put("ws-security.enable.streaming", > "true"); > > // Construct the message payload. > SOAPElement operation = body.addChildElement("greetMe", > "tns", > "http://apache.org/hello_world_soap_http/types";); > SOAPElement value = > operation.addChildElement("requestType", > "tns","http://apache.org/hello_world_soap_http/types";); > value.addTextNode("Renu"); > request.saveChanges(); > SOAPMessage response = dispatch.invoke(request); > > System.out.println(response.getSOAPBody().getTextContent()); > > > } > > private static Map<String,Object> setSTSMaps(){ > > Map<String,Object> stsmap = new HashMap<String, Object>(); > stsmap.put("ws-security.signature.properties", > "clientKeystore.properties"); > stsmap.put("ws-security.signature.username", > "myclientkey"); > stsmap.put("ws-security.callback-handler", > "com.cxf.sample.ClientCallbackHandler"); > stsmap.put("ws-security.encryption.properties", > "clientKeystore.properties"); > stsmap.put("ws-security.encryption.username", > "myservicekey"); > return stsmap; > > } > > private static STSClient createDispatchSTSClient(Bus bus) { > STSClient stsClient = new STSClient(bus); > > stsClient.setServiceName("{ > http://docs.oasis-open.org/ws-sx/ws-trust/200512/}SecurityTokenService";); > > stsClient.setEndpointName("{ > http://docs.oasis-open.org/ws-sx/ws-trust/200512/}UT_Port";); > Map<String, Object> stsprop = new HashMap<String, Object>(); > stsprop.put("ws-security.username","alice"); > > > stsprop.put("ws-security.callback-handler","com.cxf.sample.ClientCallbackHandler"); > > > stsprop.put("ws-security.encryption.properties","clientKeystore.properties"); > stsprop.put("ws-security.encryption.username","mystskey"); > > stsprop.put("ws-security.sts.token.username","myclientkey"); > > > stsprop.put("ws-security.sts.token.properties","clientKeystore.properties"); > stsprop.put("ws-security.sts.token.usecert","true"); > stsprop.put("ws-security.is-bsp-compliant", "false"); > stsClient.setProperties(stsprop); > return stsClient; > } > > } > > > Exception: > > > Feb 18, 2014 7:20:32 PM org.apache.cxf.ws.addressing.soap.MAPCodec > restoreExchange > WARNING: Response message does not contain WS-Addressing properties. Not > correlating response. > Feb 18, 2014 7:20:32 PM org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor > handleMessage > WARNING: Request does not contain Security header, but it's a fault. > Feb 18, 2014 7:20:32 PM org.apache.cxf.ws.addressing.ContextUtils > retrieveMAPs > WARNING: WS-Addressing - failed to retrieve Message Addressing Properties > from context > Exception in thread "main" javax.xml.ws.soap.SOAPFaultException: These > policy alternatives can not be satisfied: > {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}EncryptedParts: > {http://schemas.xmlsoap.org/soap/envelope/}Body not ENCRYPTED > {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}SignedParts: > {http://schemas.xmlsoap.org/soap/envelope/}Body not SIGNED > at > org.apache.cxf.jaxws.DispatchImpl.mapException(DispatchImpl.java:287) > at org.apache.cxf.jaxws.DispatchImpl.invoke(DispatchImpl.java:388) > at org.apache.cxf.jaxws.DispatchImpl.invoke(DispatchImpl.java:243) > at com.cxf.sample.TestCXFSTSS.testService1(TestCXFSTSS.java:86) > at com.cxf.sample.TestCXFSTSS.main(TestCXFSTSS.java:42) > Caused by: org.apache.cxf.binding.soap.SoapFault: These policy alternatives > can not be satisfied: > {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}EncryptedParts: > {http://schemas.xmlsoap.org/soap/envelope/}Body not ENCRYPTED > {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}SignedParts: > {http://schemas.xmlsoap.org/soap/envelope/}Body not SIGNED > at > > org.apache.cxf.binding.soap.interceptor.Soap11FaultInInterceptor.unmarshalFault(Soap11FaultInInterceptor.java:84) > at > > org.apache.cxf.binding.soap.interceptor.Soap11FaultInInterceptor.handleMessage(Soap11FaultInInterceptor.java:51) > at > > org.apache.cxf.binding.soap.interceptor.Soap11FaultInInterceptor.handleMessage(Soap11FaultInInterceptor.java:40) > at > > org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:272) > at > > org.apache.cxf.interceptor.AbstractFaultChainInitiatorObserver.onMessage(AbstractFaultChainInitiatorObserver.java:113) > at > > org.apache.cxf.binding.soap.interceptor.CheckFaultInterceptor.handleMessage(CheckFaultInterceptor.java:69) > at > > org.apache.cxf.binding.soap.interceptor.CheckFaultInterceptor.handleMessage(CheckFaultInterceptor.java:34) > at > > org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:272) > at > org.apache.cxf.endpoint.ClientImpl.onMessage(ClientImpl.java:835) > at > > org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponseInternal(HTTPConduit.java:1612) > at > > org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponse(HTTPConduit.java:1503) > at > > org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPConduit.java:1310) > at > org.apache.cxf.transport.AbstractConduit.close(AbstractConduit.java:56) > at > org.apache.cxf.transport.http.HTTPConduit.close(HTTPConduit.java:628) > at > > org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInterceptor.handleMessage(MessageSenderInterceptor.java:62) > at > > org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:272) > at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:565) > at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:474) > at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:377) > at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:330) > at > org.apache.cxf.endpoint.ClientImpl.invokeWrapped(ClientImpl.java:365) > at org.apache.cxf.jaxws.DispatchImpl.invoke(DispatchImpl.java:381) > ... 3 more > > > "One thing to note is that the security policy associated with the binding > must contain the SignedParts/EncryptedParts (this may explain the error you > give above). Any policy attached to the messages input/output of the > binding does not get picked up for the Dispatch case. " > So according to this , if I understood it correctly the example given for > STS has input and output policy which contains the signed part, encrypted > part won't work for Dispatch case? > > > > > > > > > > -- > View this message in context: > http://cxf.547215.n5.nabble.com/Facing-issue-while-building-STS-Client-USing-Dispatch-API-tp5739992p5740102.html > Sent from the cxf-user mailing list archive at Nabble.com. > -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com
