Hi, > > I've debugged the PlicyAnnotationListener at the recommended > position, but no > > result. Both methods in case ENDPOINT_SELECTED (addPolicies(...) and > > addEndpointImplPolicies(...)) do not add a policy since the policylists are > > always empty (null). The reason for this is probably that the > PropertyMap of the > > endpoint interface is also null. In summray, no policies (policy > annotations) are > > found. > > Did you see @Policies annotations for the implClass in > addEndpointImplPolicies(...) in debugger variables explorer? > Is the implementation class correct one?
I'm not sure if I understood your question correctly, but in Variables Explorer, I see that other annotation properties I've made for WS-Security, like encryption properties, username, etc., are loaded correctly (the implementation class is JaxWsEndpointImpl). I think this shows that the correct class is loaded. > > > > Do you have any idea/recommendation how to proceed? Do you think the > > reason might be that I missed some important configuration, e.g., > a namespace > > in the policy file or something else (I don't think so since the > examples don't use > > any custom namespaces)? > > > > In which environment did you run your sample projects? Maybe I'll > give it a try > > to switch... > > I don't see obvious problem in your code. > Try to run following CXF system test: https://github.com/apache/cxf/ > blob/master/systests/ws-security/src/test/java/org/apache/cxf/ > systest/ws/policy/JavaFirstPolicyServiceTest.java > It uses service class with very similar @Policy annotation: https:// > github.com/apache/cxf/blob/master/systests/ws-security/src/test/ > java/org/apache/cxf/systest/ws/policy/javafirst/BindingSimpleServiceImpl.java > > What is the difference in your case? The test can be executed and I don't see a difference to the BindingSimpleServiceImpl. What I can do is try to reuse your policy... Regards Niko > > Regards, > Andrei. > > > > > Thanks > > Niko > > > > > > > > Thanks > > > Niko > > > > > > > > > > > Regards, > > > > Andrei. > > > > > > > > > -----Original Message----- > > > > > From: [email protected] > > > > > [mailto:[email protected]] > > > > > Sent: Dienstag, 21. April 2015 12:46 > > > > > To: [email protected] > > > > > Subject: Antwort: RE: Custom WS-Security Policy for Webservice > > > > > > > > > > Hi, > > > > > > > > > > thanks for the link to the examples. I'm using a similar > > > > configuration now, but > > > > > without success. > > > > > > > > > > Concerning your questions: What I want to achieve is basically the > > > policy > > > > > described here ( > > > > > > > > > > http://docs.oasis-open.org/ws-sx/security-policy/examples/ws-sp-usecases- > > > > > examples.html#_Toc274723250 > > > > > ). The only difference is that I want to use Basic128 as the > > > > Algorithm Suite. This > > > > > is the requirement of our customer. Thus, I do not register an > > > interceptor > > > > > provider. The policy assertions I use should be standard, right? > > > > > > > > > > Thanks > > > > > Niko > > > > > > > > > > Andrei Shakirin <[email protected]> schrieb am 20.04.2015 > > 21:06:03: > > > > > > > > > > > Von: Andrei Shakirin <[email protected]> > > > > > > An: "[email protected]" <[email protected]> > > > > > > Datum: 20.04.2015 21:07 > > > > > > Betreff: RE: Custom WS-Security Policy for Webservice > > > > > > > > > > > > Hi, > > > > > > > > > > > > Take a look in following system tests: > > > > > > > > https://github.com/apache/cxf/blob/master/systests/ws-security/src/ > > > > > > > > > test/java/org/apache/cxf/systest/ws/policy/JavaFirstPolicyService.java > > > > > > > > https://github.com/apache/cxf/blob/master/systests/ws-security/src/ > > > > > > test/java/org/apache/cxf/systest/ws/policy/javafirst/ > > > > > > OperationSimpleServiceImpl.java > > > > > > > > > > > > One possible issue is that uri attribute in @Policy annotation > > > > > > can > > > > > be > > > > > > required to be in URI form (classpath:/xxx, file:///xxx). > > > > > > Do you register interceptor provider for the custom policy > > assertion > > > > > > or it contains standard assertions? What is your expectation > > > > > > from activating of custom policy? > > > > > > > > > > > > Regards, > > > > > > Andrei. > > > > > > > > > > > > > -----Original Message----- > > > > > > > From: [email protected] > > > > > > > [mailto:[email protected]] > > > > > > > Sent: Montag, 20. April 2015 12:24 > > > > > > > To: [email protected] > > > > > > > Subject: Custom WS-Security Policy for Webservice > > > > > > > > > > > > > > Hi all, > > > > > > > > > > > > > > I'm trying to apply a custom WS-Security policy to a web > > service. > > > > > > > I'm > > > > > using > > > > > > > wsimport from the jaxws-maven-plugin to generate the SEI. The > > > > > > > implementation of the SEI looks like this: > > > > > > > > > > > > > > > > > > > > > import javax.jws.WebService; > > > > > > > import org.apache.cxf.annotations.Policy; > > > > > > > import org.jboss.ws.api.annotation.EndpointConfig; > > > > > > > > > > > > > > @WebService( > > > > > > > portName = "VehicleOrderRetailDelivery", > > > > > > > serviceName = "VehicleOrderRetailDelivery", > > > > > > > targetNamespace = "some/namespace", > > > > > > > wsdlLocation = > > > > > > > "/WEB-INF/wsdl/VehicleOrderRetailDelivery.wsdl", > > > > > > > endpointInterface = > > > > > > > "mypackage.IVehicleOrderRetailDelivery" > > > > > > > ) > > > > > > > @Policies({@Policy(placement = > > > > > > > Policy.Placement.BINDING, > > > > > uri > > > > > > > = "CustomPolicy.xml", includeInWSDL=true)}) > > > > > > > @EndpointConfig(configFile = > > > > > "WEB-INF/jaxws-endpoint-config.xml" > > > > > > > , configName = "Custom WS-Security Endpoint") > > > > > > > public class VehicleOrderRetailDelivery implements > > > > > > > IVehicleOrderRetailDelivery { > > > > > > > > > > > > > > public void report(@XmlElement(required = > > > > > > > true) > > > > > > ReportRequestType > > > > > > > reportRequest) { ... } > > > > > > > } > > > > > > > > > > > > > > > > > > > > > The problem is that the custom WS-Security policy is not active. > > > > > If > > > > > > > I > > > > > send > > > > > > > requests to the endpoint using SoapUI, I get a soap fault > > telling > > > me > > > > > that > > > > > > > the message contains encrypted data. I'm using Wildfly 8.1.0 > > > > > > > and I've already set the log level to DEBUG but there is no > > > information > > > > > > > in the > > > > > log > > > > > > > what goes wrong or why the policy is not active. This part of > > the > > > > > > > log makes me believe that there is some kind of policy that it > > is > > > > > > > loaded > > > > > > > > > > > > > > 21:43:17,813 FINE > > > > > > > [org.apache.cxf.phase.PhaseInterceptorChain] > > > > > (default > > > > > > > task-5) Chain > > org.apache.cxf.phase.PhaseInterceptorChain@3aa6c815 > > > > > > > was modified. `Current flow:` receive [PolicyInInterceptor, > > > > > > > EndpointAssociationInterceptor, AttachmentInInterceptor] > > > > > > > pre-stream [CertConstraintsInterceptor] > > > > > > > post-stream [StaxInInterceptor] > > > > > > > read [WSDLGetInterceptor, ReadHeadersInterceptor, > > > > > > > SoapActionInInterceptor, StartBodyInterceptor] > > > > > > > pre-protocol [EnableDecoupledFaultInterceptor, > > MEXInInterceptor, > > > > > > > MustUnderstandInterceptor] > > > > > > > pre-protocol-frontend [HandlerAuthInterceptor] > > > > > > > post-protocol [CheckFaultInterceptor, > > > > > JAXBAttachmentSchemaValidationHack > > > > > > > ] > > > > > > > unmarshal [DocLiteralInInterceptor, SoapHeaderInterceptor] > > > > > > > pre-logical [NsCtxSelectorStoreInterceptor, > > > > > OneWayProcessorInterceptor, > > > > > > > MustUnderstandEndingInterceptor] > > > > > > > post-logical [WrapperClassInInterceptor] > > > > > > > pre-invoke [SwAInInterceptor, HolderInInterceptor] > > > > > > > invoke [ServiceInvokerInterceptor, > > > > > > > UltimateReceiverMustUnderstandInterceptor] > > > > > > > post-invoke [OutgoingChainInterceptor, > > StaxInEndingInterceptor] > > > > > > > > > > > > > > but why is it not active? Does anybody have an idea why the > > custom > > > > > policy > > > > > > > is not loaded? Any hints are highly appreciated. > > > > > > > > > > > > > > Cheers > > > > > > > Nik
