On Mon, Feb 19, 2018 at 4:42 PM, Ujjwal Gulecha <ujjwal.gule...@gmail.com> wrote:
> > *I am not quite sure if I understand that correctly. Is there some > documentation or example you could point me through? Thank You* > What I meant was you could use CXF to create a JAX-WS endpoint using the WSDL and some test credentials (instead of mocking the endpoint). To see how to do it you could take a look at the example test: https://github.com/apache/cxf/blob/master/systests/ws-security-examples/src/test/java/org/apache/cxf/systest/wssec/examples/secconv/SecureConversationTest.java https://github.com/apache/cxf/tree/master/systests/ws-security-examples/src/test/resources/org/apache/cxf/systest/wssec/examples/secconv > > *The STS and external server are the same. In my mocked version I used > WireMock to create a localhost port and just made a mock response that when > the mocked server expects a request ending with certain url, respond with a > mock response. The issue here is that before the request even hits the > server, the stub requests the mock server for security token and it fails. > How can I mock the security token response from mock server?* > If you enable "INFO" logging (in logging.properties) you can see how the normal flow works with the SecureConversationTest above. The first message the client sends uses the SOAP Action " http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/SCT"; and contains a WS-Trust RequestSecurityToken in the SOAP Body. This is intercepted by the WS-SecureConversation interceptors in CXF to process the request and return a token to the client, which the client then uses to secure the actual service request. Colm. > > Thanks again! > > > ᐧ > > On 19 February 2018 at 08:36, Colm O hEigeartaigh <cohei...@apache.org> > wrote: > >> >> You could just create a fully-fledged CXF endpoint using the WSDL of the >> service and some test credentials? That would definately be easier than >> mocking the service endpoint, as WS-SecureConversation complicates things. >> >> If you are getting an error in SecureConversationInInterceptor about a >> SecurityToken then it sounds like you are not first invoking on the secure >> conversation endpoint that is co-located with the service. You could try >> invoking on a mocked version of this first and then passing the generated >> SecurityToken through to the mocked endpoint. >> >> Colm. >> >> >> On Mon, Feb 19, 2018 at 4:29 PM, Ujjwal Gulecha <ujjwal.gule...@gmail.com >> > wrote: >> >>> Hi Colm, >>> Thanks for replying. Yes, I had that but I guess I had other >>> dependencies too which somehow caused this issue. I removed them all and >>> then just added cxf-bundle and it worked. >>> >>> I had another question: >>> Is there a way to test the cxf generated client while mocking a server? >>> The issue with the regular way of setting a mock server and testing is >>> that the stub interceptors, specially SecurityConversationInterceptor >>> expects a Security Token even though its a mock server. Since its a mock >>> server, it cannot send a security token, hence the test fails. >>> >>> Is there any other way to test it? I have no idea about the server side >>> implementation as it is external >>> >>> Thanks! >>> >>> ᐧ >>> >>> On 19 February 2018 at 02:11, Colm O hEigeartaigh <cohei...@apache.org> >>> wrote: >>> >>>> What CXF dependencies do you have on the classpath? Do you have >>>> "cxf-rt-frontend-jaxws" included? >>>> >>>> Colm. >>>> >>>> On Fri, Feb 16, 2018 at 7:37 PM, Ujjwal Gulecha < >>>> ujjwal.gule...@gmail.com> >>>> wrote: >>>> >>>> > Hi everyone, >>>> > I am new to this group. I have used cxf to generate classes from a >>>> wsdl >>>> > which has some security policy. >>>> > >>>> > Here is the link to the security policy part: >>>> > >>>> > https://gist.github.com/ujjwalgulecha/9edc9538ca4484997cd0bd >>>> 4cfca93501 >>>> > >>>> > From whatever I could gather from the internet and documentations, I >>>> > created an instance of the service generated by cxf and then injected >>>> > username and password into it : >>>> > >>>> > final Map ctx = ((BindingProvider)stub).getRequestContext(); >>>> > >>>> > ctx.put(SecurityConstants.USERNAME, userName); >>>> > ctx.put(SecurityConstants.PASSWORD, password); >>>> > >>>> > >>>> > I assume that cxf will internally be able to detect the policy and do >>>> the >>>> > part where it requests for security token and gets the token and then >>>> makes >>>> > the call to whatever methods are defined in wsdl, example: >>>> getVersion(). >>>> > >>>> > However, this doesn’t seem to work. The call takes like 5 mins and >>>> then >>>> > there is an error saying: >>>> > >>>> > >>>> > If it helps, this is in the logs: >>>> > >>>> > log4j:WARN No appenders could be found for logger (org.jboss.logging). >>>> > log4j:WARN Please initialize the log4j system properly. >>>> > log4j:WARN See http://logging.apache.org/log4j/1.2/faq.html#noconfig >>>> for >>>> > more info. >>>> > 19:23:45.533 [main] INFO org.eclipse.jetty.util.log - Logging >>>> initialized >>>> > @1812ms to org.eclipse.jetty.util.log.Slf4jLog >>>> > Feb 16, 2018 7:23:46 PM >>>> > [com.sun.xml.internal.ws.policy.EffectiveAlternativeSelector] >>>> > selectAlternatives >>>> > WARNING: WSP0075: Policy assertion "{http://docs.oasis-open.org/ >>>> > ws-sx/ws-securitypolicy/200702}EndorsingSupportingTokens" was >>>> evaluated as >>>> > "UNKNOWN". >>>> > Feb 16, 2018 7:23:46 PM >>>> > [com.sun.xml.internal.ws.policy.EffectiveAlternativeSelector] >>>> > selectAlternatives >>>> > WARNING: WSP0075: Policy assertion "{http://docs.oasis-open.org/ >>>> > ws-sx/ws-securitypolicy/200702}TransportBinding" was evaluated as >>>> > "UNKNOWN". >>>> > Feb 16, 2018 7:23:46 PM >>>> > [com.sun.xml.internal.ws.policy.EffectiveAlternativeSelector] >>>> > selectAlternatives >>>> > WARNING: WSP0075: Policy assertion "{http://docs.oasis-open.org/ >>>> > ws-sx/ws-securitypolicy/200702}Trust13" was evaluated as "UNKNOWN". >>>> > Feb 16, 2018 7:23:46 PM >>>> > [com.sun.xml.internal.ws.policy.EffectiveAlternativeSelector] >>>> > selectAlternatives >>>> > WARNING: WSP0075: Policy assertion "{http://docs.oasis-open.org/ >>>> > ws-sx/ws-securitypolicy/200702}Wss11" was evaluated as "UNKNOWN". >>>> > Feb 16, 2018 7:23:46 PM >>>> > [com.sun.xml.internal.ws.policy.EffectiveAlternativeSelector] >>>> > selectAlternatives >>>> > WARNING: WSP0075: Policy assertion "{http://www.w3.org/2006/05/ >>>> > addressing/wsdl}UsingAddressing" was evaluated as "UNKNOWN". >>>> > Feb 16, 2018 7:23:46 PM >>>> > [com.sun.xml.internal.ws.policy.EffectiveAlternativeSelector] >>>> > selectAlternatives >>>> > WARNING: WSP0019: Suboptimal policy alternative selected on the >>>> client side >>>> > with fitness "UNKNOWN”. >>>> > >>>> > >>>> > Any help would be appreciated. I have asked around quite a lot and >>>> even >>>> > searched a lot, but haven’t been able to find a solution. >>>> > >>>> > Thanks! >>>> > >>>> > -- >>>> > Ujjwal Gulecha >>>> > ᐧ >>>> > >>>> >>>> >>>> >>>> -- >>>> Colm O hEigeartaigh >>>> >>>> Talend Community Coder >>>> http://coders.talend.com >>>> >>> >>> >>> >>> -- >>> Ujjwal Gulecha >>> >> >> >> >> -- >> Colm O hEigeartaigh >> >> Talend Community Coder >> http://coders.talend.com >> > > > > -- > Ujjwal Gulecha > -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com
