Hi, > 1) The client with WSS4JStaxOutInterceptor (WSS4J-2.0.0) is not working. It is throwing the exception.
It was a bug in WSS4J 2.0.0 (SOAP schemas were not included), fixed in WSS4J 2.0.1. > 2) I replaced the WSS4J 2.0.0 jar’s with WSS4J 2.0.1 jar and the client side works fine. However with 2.0.0 and 2.0.1 the server > side code was not getting the User Name in password callback handler when WSS4JStaxInInterceptor used, basically > “getIdentifier” method returns an empty string. Everything works fine with old WSS4J interceptors as well as WS-SecurityPolicy. This seems odd. Could you paste in what the UsernameToken from the message looks like, what the CallbackHandler implementation looks like? > 3) WSS4JStaxOutInterceptor does not log the outbound message when the logging enabled. Do you mean that if you enable the CXF logging interceptors, it doesn't log the message? WSS4JStaxOutInterceptor itself doesn't log the message. Colm. On Wed, Aug 20, 2014 at 7:22 PM, NALLA, VENKAT <[email protected]> wrote: > Hi Colm, > > > > I am using Apache CXF version 3.0.0 and testing JAX-WS services with > WS-Security UsernameToken profile with plain password, and running in to > following issues. Appreciate if you could help in resolving these issues. > > > > 1) The client with WSS4JStaxOutInterceptor (WSS4J-2.0.0) is not > working. It is throwing the exception. > > a. Exception using Oracle JDK 7 on Windows 7 desktop in the > attached file “OracleJDK7WSS4J-2.0.0-ClientException on Win7.txt” > > b. Exception using IBM JDK 7 on AIX in the attached file > “IBMJDK7-WSS4j-2.0.0ClientException on AIX.txt” > > > > 2) I replaced the WSS4J 2.0.0 jar’s with WSS4J 2.0.1 jar and the > client side works fine. However with 2.0.0 and 2.0.1 the server side code > was not getting the User Name in password callback handler when > WSS4JStaxInInterceptor used, basically “getIdentifier” method returns an > empty string. Everything works fine with old WSS4J interceptors as well as > WS-SecurityPolicy. > > 3) WSS4JStaxOutInterceptor does not log the outbound message when > the logging enabled. > > > > The server configuration: > > <jaxws:endpoint name="…" createdFromAPI="true"> > > <jaxws:inInterceptors> > > > > <bean class=" > org.apache.cxf.ws.security.wss4j.WSS4JStaxInInterceptor"> > > < > constructor-arg> > > > <map> > > > <entry key="action" value="UsernameToken"/> > > > <entry key="passwordType" value="PasswordText"/> > > > <entry key="passwordCallbackClass" value="...ServerPasswordCallback"/> > > > </map> > > </ > constructor-arg> > > </bean> > > </jaxws:inInterceptors> > > </jaxws:endpoint> > > > > Thanks, > > Venkat > > -- > Colm O hEigeartaigh > > Talend Community Coder > http://coders.talend.com > >
