What I'm doing seems like it should work, on the server side the policy is
being read in and enforced because messages are being denied. I'm trying to do
a simple username/password to get started but the client does seem interested
in reacting to the policy. Messages are being sent across the queues
successfully but they contain no username/password information, causing the
receiving server to deny the request.
I have spent a good bit of time searching the internet so I wouldn't bother
anyone, but I haven't been able to find the answer. One thing I did notice is
that the examples used jaxws:client for their policies to work. I'm not sure
that's an option since we are using JMS for the transport.
I've also debugged as much as I can and nothing obvious seems to stand out, it
seems to enter the policy interceptor and then exit without doing any work.
Any help is greatly appreciated, thanks in advance.
CXF Version is 2.7.7 (included with JBoss Fuse)
Spring configuration file (for the web service):
************************************************************************************************************
<!-- *** Sender service creator *** -->
<bean id="securityFileTransferServiceProxyFactory"
class="org.apache.cxf.jaxws.JaxWsProxyFactoryBean">
<property name="serviceClass"
value="com.hp.usa.es.csg.filetransfer.SecurityFileTransferServicePortPortType"
/>
<property name="address"
value="camel://direct:SecurityFileTransferServicePortPortType" />
<property name="username" value="admin"/>
<property name="password" value="admin"/>
<property name="outInterceptors">
<list>
<bean
class="org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor"/>
</list>
</property>
</bean>
<bean id="securityFileTransferServiceClient"
class="org.apache.cxf.jaxws.JaxWsProxyFactoryBean"
factory-bean="securityFileTransferServiceProxyFactory"
factory-method="create"
scope="prototype" />
************************************************************************************************************
I have tried removing the interceptor shown above and leaving it in.
I also have the following defined in the spring framework:
************************************************************************************************************
<cxf:bus>
<cxf:features>
<p:policies/>
</cxf:features>
</cxf:bus>
************************************************************************************************************
My application is as follows:
************************************************************************************************************
SecurityFileTransferServicePortPortType serviceClient =
(SecurityFileTransferServicePortPortType)applicationContext.getBean("securityFileTransferServiceClient");
Send in = new Send();
Send.Properties properties = new Send.Properties();
in.setProperties(properties);
<.. a bunch of code that doesn't matter ..>
in.setData(sendData);
************************************************************************************************************
The WSDL looks like the following, I took the policy directly from the CXF
policy example:
************************************************************************************************************
<?xml version="1.0" encoding="UTF-8"?>
<wsdl:definitions name="FileTransferServiceService"
targetNamespace="http://soa.jboss.org/SecurityFileTransferServiceService";
xmlns:ns1="http://com.hp.usa.csg.services.filetransfer.service/";
xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/";
xmlns:tns="http://soa.jboss.org/SecurityFileTransferServiceService";
xmlns:xsd="http://www.w3.org/2001/XMLSchema";
xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/";>
<wsdl:types>
<xs:schema xmlns:tns="http://com.hp.usa.csg.services.filetransfer.service/";
xmlns:xs="http://www.w3.org/2001/XMLSchema";
targetNamespace="http://com.hp.usa.csg.services.filetransfer.service/";
version="1.0">
<xs:import
namespace="http://soa.jboss.org/SecurityFileTransferServiceService"/>
<xs:element name="send" type="tns:send"/>
<xs:complexType name="send">
<xs:sequence>
<xs:element name="properties">
<xs:complexType>
<xs:sequence>
<xs:element maxOccurs="unbounded" minOccurs="0" name="entry"
nillable="true">
<xs:complexType>
<xs:sequence>
<xs:element minOccurs="0" name="key" type="xs:string"/>
<xs:element minOccurs="0" name="value" type="xs:string"/>
</xs:sequence>
</xs:complexType>
</xs:element>
</xs:sequence>
</xs:complexType>
</xs:element>
<xs:element minOccurs="0" name="data" type="xs:base64Binary"/>
</xs:sequence>
</xs:complexType>
</xs:schema>
</wsdl:types>
<wsdl:message name="SecurityFileTransferServicePortOp">
<wsdl:part name="in" element="ns1:send">
</wsdl:part>
</wsdl:message>
<wsdl:portType name="SecurityFileTransferServicePortPortType">
<wsdl:operation name="SecurityFileTransferServicePortOp">
<wsdl:input name="SecurityFileTransferServicePortOp"
message="tns:SecurityFileTransferServicePortOp">
</wsdl:input>
</wsdl:operation>
</wsdl:portType>
<wsdl:binding name="FileTransferServiceServiceSoapBinding"
type="tns:SecurityFileTransferServicePortPortType">
<wsp:PolicyReference
xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"; URI="#UP_policy"/>
<soap:binding style="document"
transport="http://schemas.xmlsoap.org/soap/http"/>
<wsdl:operation name="SecurityFileTransferServicePortOp">
<soap:operation
soapAction="http://soa.jboss.org/SecurityFileTransferServiceService/SecurityFileTransferServicePortOp";
style="document"/>
<wsdl:input name="SecurityFileTransferServicePortOp">
<soap:body use="literal"/>
</wsdl:input>
</wsdl:operation>
</wsdl:binding>
<wsdl:service name="FileTransferServiceService">
<wsdl:port name="SecurityFileTransferServicePortPortTypePort"
binding="tns:FileTransferServiceServiceSoapBinding">
<soap:address
location="https://localhost:8183/SecurityFileTransferServicePortPortTypePort"/>
</wsdl:port>
</wsdl:service>
<wsp:Policy wsu:Id="UP_policy" xmlns:wsp="http://www.w3.org/ns/ws-policy";
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";>
<wsp:ExactlyOne>
<wsp:All>
<sp:TransportBinding
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";>
<wsp:Policy>
<sp:TransportToken>
<wsp:Policy>
<sp:HttpsToken>
<wsp:Policy/>
</sp:HttpsToken>
</wsp:Policy>
</sp:TransportToken>
<sp:Layout>
<wsp:Policy>
<sp:Strict />
</wsp:Policy>
</sp:Layout>
<sp:IncludeTimestamp />
<sp:AlgorithmSuite>
<wsp:Policy>
<sp:Basic128 />
</wsp:Policy>
</sp:AlgorithmSuite>
</wsp:Policy>
</sp:TransportBinding>
<sp:SupportingTokens
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";>
<wsp:Policy>
<sp:UsernameToken
sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient";>
<wsp:Policy>
<sp:WssUsernameToken11/>
</wsp:Policy>
</sp:UsernameToken>
</wsp:Policy>
</sp:SupportingTokens>
</wsp:All>
</wsp:ExactlyOne>
</wsp:Policy>
</wsdl:definitions>
************************************************************************************************************
