Hi Andrei, Thank you for your response. Do I have to upgrade both the libraries viz., CXF and WSS4J in order to use that feature?
Thanks, Giriraj. On Fri, Apr 25, 2014 at 4:31 AM, Andrei Shakirin <[email protected]>wrote: > Hi Giriraj, > > Not sure that version of CXF and WSS4J you use, but encrypting passwords > in keystores is supported out of the box in WSS4J 2.0 and CXF 3.0.0. > Follow Colm's blog for details: > http://coheigea.blogspot.de/2014/02/apache-wss4j-200-part-iv.html > > Regards, > Andrei. > > > -----Original Message----- > > From: Giriraj Bhojak [mailto:[email protected]] > > Sent: Freitag, 25. April 2014 05:59 > > To: [email protected]; Colm O hEigeartaigh > > Subject: Re: Issue extending the WSS4JOutInterceptor. > > > > It does. > > The unit test works properly. > > It's only when I integrate this into a web app, I start seeing issues. I > am not sure > > why. All the spring dependencies are common between junit's classpath and > > web app's classpath > > > > Andy, > > I am currently trying the SignaturePropRefId option. I have written a > class that > > does exactly what you mentioned. > > I will let you know how it goes. I was more inclined to extend the > interceptor > > with future needs in mind. But I fell your approach is more clean and > easy. > > > > Thank you so much Colm and Andy. > > > > Thanks, > > Giriraj. > > > > > > On Thu, Apr 24, 2014 at 6:34 PM, Colm O hEigeartaigh > > <[email protected]>wrote: > > > > > Does your new interceptor have a constructor that takes a Map<String, > > > Object>? I modified a system test to use a subclass of > > > Object>WSS4JOutInterceptor > > > which just had an empty constructor + a constructor with Map<String, > > > Object> which called super in both cases, and it worked ok. > > > > > > Colm. > > > > > > > > > On Thu, Apr 24, 2014 at 7:35 PM, Giriraj Bhojak <[email protected]> > > > wrote: > > > > > > > Here is the working config: > > > > > > > > <beans xmlns="http://www.springframework.org/schema/beans"; > > > > xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; > > xmlns:jaxws=" > > > > http://cxf.apache.org/jaxws"; > > > > xmlns:util="http://www.springframework.org/schema/util"; > xmlns:cxf=" > > > > http://cxf.apache.org/core"; > > > > xsi:schemaLocation=" http://www.springframework.org/schema/beans > > > > http://www.springframework.org/schema/beans/spring-beans.xsd > > > > http://cxf.apache.org/jaxws > http://cxf.apache.org/schemas/jaxws.xsd > > > > http://www.springframework.org/schema/util > > > > http://www.springframework.org/schema/util/spring-util.xsd > > > > http://cxf.apache.org/core > > > > http://cxf.apache.org/schemas/core.xsd";> > > > > > > > > > > > > <import resource="classpath:META-INF/cxf/cxf.xml" /> > > > > <import resource="classpath:META-INF/cxf/cxf-servlet.xml" /> > > > > > > > > <import resource="classpath:META-INF/cxf/cxf.xml" /> > > > > <import resource="classpath:META-INF/cxf/cxf-servlet.xml" /> > > > > > > > > <bean class="org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor" > > > > id="outInterceptor" > > > > > <constructor-arg> > > > > <map> > > > > <entry key="action" value="Timestamp Signature > Encrypt" > > > /> > > > > <entry key="user" value="client" /> > > > > <entry key="signaturePropFile" > > > value="keystore.properties" > > > > /> > > > > <entry key="encryptionPropFile" > > > value="keystore.properties" > > > > /> > > > > <entry key="encryptionUser" value="user" /> > > > > <entry key="passwordCallbackClass" > > > > value="PasswordCallback" /> > > > > <entry key="signatureParts" > > > > value="{Element}{ > > > > > > > > > > > http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-uti > > > lity-1.0.xsd}Timestamp;{Element}{http://schemas.xmlsoap.org/soap/envel > > > ope/}Body > > > > " > > > > /> > > > > <entry key="encryptionParts" > > > > value="{Element}{ > > > > > > > > > > > http://www.w3.org/2000/09/xmldsig#}Signature;{Content}{http://schemas. > > > xmlsoap.org/soap/envelope/}Body > > > > " > > > > /> > > > > <entry key="encryptionSymAlgorithm" value=" > > > > http://www.w3.org/2001/04/xmlenc#aes128-cbc"; /> > > > > <entry key="encryptionKeyTransportAlgorithm" value=" > > > > http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"; /> > > > > <entry key="signatureAlgorithm" value=" > > > > http://www.w3.org/2000/09/xmldsig#rsa-sha1"; /> > > > > <entry key="isBSPCompliant" value="false" /> > > > > </map> > > > > </constructor-arg> > > > > </bean> > > > > > > > > <bean class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor" > > > > id="ininterceptor"> > > > > <constructor-arg> > > > > <map> > > > > <entry key="action" value="Timestamp Signature > Encrypt" > > > /> > > > > <entry key="signaturePropFile" > > > value="keystore.properties" > > > > /> > > > > <entry key="decryptionPropFile" > > > value="keystore.properties" > > > > /> > > > > <entry key="passwordCallbackClass" > > > > value="PasswordCallback" /> > > > > <entry key="encryptionKeyTransportAlgorithm" value=" > > > > http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"; /> > > > > <entry key="signatureAlgorithm" value=" > > > > http://www.w3.org/2000/09/xmldsig#rsa-sha1"; /> > > > > </map> > > > > </constructor-arg> > > > > </bean> > > > > <bean id="logInbound" > > > > class="org.apache.cxf.interceptor.LoggingInInterceptor"> > > > > </bean> > > > > <bean id="logOutbound" > > > > class="org.apache.cxf.interceptor.LoggingOutInterceptor"> > > > > </bean> > > > > <cxf:bus> > > > > <cxf:inInterceptors> > > > > <ref bean="logInbound" /> > > > > </cxf:inInterceptors> > > > > <cxf:outInterceptors> > > > > <ref bean="logOutbound" /> > > > > </cxf:outInterceptors> > > > > <cxf:outFaultInterceptors> > > > > <ref bean="logOutbound" /> > > > > </cxf:outFaultInterceptors> > > > > <cxf:inFaultInterceptors> > > > > <ref bean="logInbound" /> > > > > </cxf:inFaultInterceptors> > > > > </cxf:bus> > > > > </beans> > > > > > > > > > > > > The only change I made that led to error is using a different class > > > > for > > > the > > > > bean with id 'outInterceptor'. > > > > The new class simply extends > > > > org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor and overrides > > > > loadCrypto(String, String, RequestData) Basically I am trying to > > > > extend Merlin implementation in order to use encrypted properties > > > > for keystore. > > > > When I start the application, I get classcast exceptions due to > > > > classloader(that's what I believe). > > > > So defining a new merlin implementation via keystore.properties does > > > > not help. > > > > Hence I have been trying to inject the new merlin impl by overriding > > > > loadCrypto. > > > > > > > > Could you please help me figure out what's wrong? > > > > > > > > Thanks, > > > > Giriraj. > > > > > > > > > > > > On Thu, Apr 24, 2014 at 2:17 PM, Colm O hEigeartaigh < > > > [email protected] > > > > >wrote: > > > > > > > > > I don't quite follow. Could you paste your entire spring config > please? > > > > > > > > > > Colm. > > > > > > > > > > > > > > > On Thu, Apr 24, 2014 at 7:08 PM, Giriraj Bhojak > > > > > <[email protected]> > > > > > wrote: > > > > > > > > > > > Hello, > > > > > > > > > > > > I am running into a problem if I extend the > > > > > > org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor via spring > > > beans. > > > > > > > > > > > > I have a bean definition defined as(haven't shown complete > > > > > > <bean> > > > > > > definition) : > > > > > > <bean > class="org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor" > > > > > > id="interceptor" > > > > > > > <constructor-arg> > > > > > > <map> > > > > > > <entry key="action" value="Encrypt" /> > > > > > > ............................................................. > > > > > > > > > > > > I need to extend WSS4JOutInterceptor to provide some customized > > > > behavior > > > > > > for crypto properties. > > > > > > But when I do that and use the new class in the above bean > > > definition, > > > > I > > > > > > get following: > > > > > > > > > > > > java.lang.IllegalStateException: Cannot convert value of type > > > > > > [NewOutInterceptor] to required type > > > > > > [org.apache.cxf.interceptor.Interceptor] for property > > > > > 'outInterceptors[0]': > > > > > > no matching editors or conversion strategy found. > > > > > > > > > > > > I am on version 2.7.8 of cxf-rt-ws-security-2.7.8. > > > > > > Could anyone please help me with it? > > > > > > > > > > > > Thanks, > > > > > > Giriraj. > > > > > > > > > > > > > > > > > > > > > > > > > > -- > > > > > Colm O hEigeartaigh > > > > > > > > > > Talend Community Coder > > > > > http://coders.talend.com > > > > > > > > > > > > > > > > > > > > > -- > > > Colm O hEigeartaigh > > > > > > Talend Community Coder > > > http://coders.talend.com > > > >
