This is now fixed: https://issues.apache.org/jira/browse/CXF-7220
Colm.

On Thu, Jan 19, 2017 at 10:04 AM, martijn.list <[email protected]> wrote:

> On 01/16/2017 03:32 PM, Colm O hEigeartaigh wrote:
> > It's a bug...either in CXF or WSS4J. It manifests when there is whitespace
> > between the SOAP Body tag and the first Element in the Body itself. For a
> > workaround, you can just use the DOM WSS4JInInterceptor instead.
>
> Enabling "strip whitespace" in SoapUI also works.
>
> Kind regards,
>
> Martijn Brinkers
>
> >> I have CXF configured server side with spring and enabled UsernameToken
> >> authentication:
> >>
> >> <bean id="publicWebServicePasswordInterceptor"
> >>       class="org.apache.cxf.ws.security.wss4j.WSS4JStaxInInterceptor">
> >>   <constructor-arg>
> >>     <map>
> >>       <entry key="action" value="UsernameToken" />
> >>       <entry key="passwordType" value="PasswordText" />
> >>       <entry key="passwordCallbackRef">
> >>         <ref bean="publicWebServicePasswordHandler"/>
> >>       </entry>
> >>     </map>
> >>   </constructor-arg>
> >> </bean>
> >>
> >> <jaxws:inInterceptors>
> >>   <ref bean="publicWebServicePasswordInterceptor"/>
> >> </jaxws:inInterceptors>
> >>
> >> This works when the SOAP client is created with CXF. However when I use
> >> SoapUI to test the web service I always get the following error in the
> >> SOAP server:
> >>
> >> "Security processing failed (actions mismatch)"
> >>
> >> With some debugging I noticed that the "incomingSecurityEventList" is
> >> empty when
> >>
> >> From StaxActionInInterceptor:
> >>
> >> public void handleMessage(SoapMessage soapMessage)
> >> {
> >> [SNIP]
> >> ...
> >> List<SecurityEvent> incomingSecurityEventList =
> >> (List)soapMessage.get(SecurityEvent.class.getName() + ".in");
> >> ...
> >>
> >> This is why a few lines later a SoapFault exception is thrown because
> >> the incomingSecurityEventList should not be empty.
> >>
> >> If I use the CXF SOAP client (which works), the
> >> incomingSecurityEventList contains the following object:
> >>
> >> org.apache.wss4j.stax.securityEvent.UsernameTokenSecurityEvent
> >>
> >> It might be that the SOAP call from SoapUI is incorrect or that
> >> something is missing but I have not figured out why this is not working.
> >>
> >> I hope someone can tell me what's not correct with the SOAP call from
> >> SoapUI:
> >>
> >> SOAP call from SoapUI (from tcpdump):
> >>
> >> POST /usersws HTTP/1.1
> >> Content-Type: text/xml;charset=UTF-8
> >> SOAPAction: ""
> >> Content-Length: 829
> >> Host: 127.0.0.1:9009
> >> Connection: Keep-Alive
> >> User-Agent: Apache-HttpClient/4.1.1 (java 1.5)
> >>
> >> <soapenv:Envelope
> >> xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
> >> xmlns:ws="http://ws.djigzo.application.mitm/">
> >> <soapenv:Header><wsse:Security soapenv:mustUnderstand="1"
> >> xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
> >> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"><wsse:UsernameToken
> >> wsu:Id="UsernameToken-A74ECD7A71C7695F3D148438453965395"><wsse:Username>admin</wsse:Username><wsse:Password
> >> Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">password</wsse:Password></wsse:UsernameToken></wsse:Security></soapenv:Header>
> >> <soapenv:Body>
> >> <ws:isUser>
> >> <!--Optional:-->
> >> <email>?</email>
> >> </ws:isUser>
> >> </soapenv:Body>
> >> </soapenv:Envelope>
> >>
> >> I have tested it with CXF 3.0.9 and with 3.0.12
> >>
> >> Any idea why this is not working?
> >>
> >> Kind regards,
> >>
> >> Martijn Brinkers
> >>
>
> --
> CipherMail email encryption
>
> Email encryption with support for S/MIME, OpenPGP, PDF encryption and
> secure webmail pull.
>
> https://www.ciphermail.com
>
> Twitter: http://twitter.com/CipherMail
>

--
Colm O hEigeartaigh
Talend Community Coder
http://coders.talend.com
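
A check for the trigger condition described in the thread (whitespace between the SOAP Body tag and the first element in the Body), which can be used to produce both request variants when regression-testing a UsernameToken endpoint against CXF-7220. This is an added example, not code from the thread or from CXF; the function names and the sample envelope (security header omitted) are constructed for illustration.

```python
import xml.etree.ElementTree as ET

SOAP11_NS = "http://schemas.xmlsoap.org/soap/envelope/"
WS_NS = "http://ws.djigzo.application.mitm/"  # service namespace from the thread

# Keep readable prefixes when the envelope is serialized again.
ET.register_namespace("soapenv", SOAP11_NS)
ET.register_namespace("ws", WS_NS)

# Constructed sample shaped like the SoapUI request: pretty-printed, so a
# newline and indentation sit between <soapenv:Body> and <ws:isUser>.
SAMPLE = (
    '<soapenv:Envelope xmlns:soapenv="%s" xmlns:ws="%s">\n'
    '<soapenv:Header/>\n'
    '<soapenv:Body>\n'
    '   <ws:isUser>\n'
    '      <email>?</email>\n'
    '   </ws:isUser>\n'
    '</soapenv:Body>\n'
    '</soapenv:Envelope>' % (SOAP11_NS, WS_NS)
)

def _parse(envelope):
    # SOAP messages must not contain a DTD; refuse one before parsing.
    if "<!DOCTYPE" in envelope:
        raise ValueError("SOAP messages must not carry a DTD")
    root = ET.fromstring(envelope)
    body = root.find("{%s}Body" % SOAP11_NS)
    if body is None:
        raise ValueError("no SOAP 1.1 Body element")
    return root, body

def has_leading_body_whitespace(envelope):
    """True if whitespace-only text sits between <Body> and its first child."""
    _, body = _parse(envelope)
    # body.text is the character data before the first child element.
    return len(body) > 0 and bool(body.text) and body.text.strip() == ""

def strip_leading_body_whitespace(envelope):
    """Return the envelope with only that leading whitespace removed."""
    root, body = _parse(envelope)
    if len(body) > 0 and body.text and body.text.strip() == "":
        body.text = None
    return ET.tostring(root, encoding="unicode")

if __name__ == "__main__":
    print("pretty-printed request has the whitespace:", has_leading_body_whitespace(SAMPLE))
    print(strip_leading_body_whitespace(SAMPLE))
```

Sending both the original and the stripped envelope to a patched server should give the same authentication result; differing results point to the behaviour reported in this thread.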
