One more question for the proxy problem:
I've created the proxy with a consumer/provider declaration and added a
UsernameToken auth-schema to our 3rd party service. But the soap-headers
are not send to the 3rd party service from smx.
Here is my configuration, maybe theres something missing. Can you take a
look at it?
<cxfbc:consumer
wsdl="http://markusw.office.nmmn.com:8080/ws/endion.wsdl";
endpoint="ws-proxy"
targetService="llynch:endionService"
targetEndpoint="FrontendWebServiceProxy"
>
<cxfbc:inInterceptors>
<bean
class="org.apache.cxf.interceptor.LoggingInInterceptor" />
</cxfbc:inInterceptors>
<cxfbc:outInterceptors>
<bean
class="org.apache.cxf.interceptor.LoggingOutInterceptor" />
</cxfbc:outInterceptors>
<cxfbc:inFaultInterceptors>
<bean
class="org.apache.cxf.interceptor.LoggingInInterceptor" />
</cxfbc:inFaultInterceptors>
<cxfbc:outFaultInterceptors>
<bean
class="org.apache.cxf.interceptor.LoggingOutInterceptor" />
</cxfbc:outFaultInterceptors>
</cxfbc:consumer>
<cxfbc:provider
wsdl="http://markusw.office.nmmn.com:8080/ws/endion.wsdl";
locationURI="http://markusw.office.nmmn.com:8080/ws/endionService";
service="llynch:endionService"
endpoint="FrontendWebServiceProxy"
>
<cxfbc:inInterceptors>
<bean
class="org.apache.cxf.interceptor.LoggingInInterceptor" />
</cxfbc:inInterceptors>
<cxfbc:outInterceptors>
<bean
class="org.apache.cxf.interceptor.LoggingOutInterceptor" />
</cxfbc:outInterceptors>
<cxfbc:inFaultInterceptors>
<bean
class="org.apache.cxf.interceptor.LoggingInInterceptor" />
</cxfbc:inFaultInterceptors>
<cxfbc:outFaultInterceptors>
<bean
class="org.apache.cxf.interceptor.LoggingOutInterceptor" />
</cxfbc:outFaultInterceptors>
</cxfbc:provider>
And this are the logfile infos on the smx-side:
04.08.2008 13:39:01 org.apache.cxf.interceptor.LoggingInInterceptor
handleMessage
INFO: Inbound Message
--------------------------------------
Encoding: UTF-8
Headers: {content-type=[text/xml;charset=UTF-8], Authorization=[Basic
YXNkZjphc2Rm], Host=[markusw.office.nmmn.com:8193],
Content-Length=[1032], SOAPAction=[""], User-Agent=[Jakarta
Commons-HttpClient/3.0.1]}
Message:
<soapenv:Envelope xmlns:sch="http://www.llynch.net/endion/schemas";
xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/";>
<soapenv:Header>
<wsse:Security soapenv:mustUnderstand="1"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";>
<wsse:UsernameToken wsu:Id="UsernameToken-4261515"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";>
<wsse:Username>asdf</wsse:Username>
<wsse:Password
Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText";>asdf</wsse:Password>
<wsse:Nonce>kZ4rrBS5p4BBociRpNaLtA==</wsse:Nonce>
<wsu:Created>2008-08-04T11:39:01.582Z</wsu:Created>
</wsse:UsernameToken>
</wsse:Security>
</soapenv:Header>
<soapenv:Body>
<sch:profileListRequest>
<!--Optional:-->
<sch:type>Newsletter</sch:type>
</sch:profileListRequest>
</soapenv:Body>
</soapenv:Envelope>
--------------------------------------
04.08.2008 13:39:02
org.apache.cxf.interceptor.LoggingOutInterceptor$LoggingCallback onClose
INFO: Outbound Message
--------------------------------------
<soap:Envelope
xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/";><soap:Body
/></soap:Envelope>
--------------------------------------
javax.jbi.messaging.MessagingException: Out not supported
at
org.apache.servicemix.jbi.messaging.MessageExchangeImpl.setMessage(MessageExchangeImpl.java:357)
at
org.apache.servicemix.cxfbc.CxfBcProviderMessageObserver.onMessage(CxfBcProviderMessageObserver.java:125)
at
org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponse(HTTPConduit.java:1932)
at
org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPConduit.java:1790)
at
org.apache.servicemix.cxfbc.CxfBcProvider.process(CxfBcProvider.java:166)
at
org.apache.servicemix.common.AsyncBaseLifeCycle.doProcess(AsyncBaseLifeCycle.java:538)
at
org.apache.servicemix.common.AsyncBaseLifeCycle.processExchange(AsyncBaseLifeCycle.java:490)
at
org.apache.servicemix.common.BaseLifeCycle.onMessageExchange(BaseLifeCycle.java:46)
at
org.apache.servicemix.jbi.messaging.DeliveryChannelImpl.processInBound(DeliveryChannelImpl.java:610)
at
org.apache.servicemix.jbi.nmr.flow.AbstractFlow.doRouting(AbstractFlow.java:170)
at
org.apache.servicemix.jbi.nmr.flow.seda.SedaFlow.doRouting(SedaFlow.java:167)
at
org.apache.servicemix.jbi.nmr.flow.seda.SedaQueue$1.run(SedaQueue.java:134)
at
java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:885)
at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:907)
at java.lang.Thread.run(Thread.java:619)
And here is the soap part received by the 3rd-party service:
[DEBUG] 13:39:02.638
[http-8080-Processor24|127.0.0.1|||/ws/endionService]
pringframework.ws.server.endpoint.AbstractLoggingInterceptor
Request: <soap:Envelope
xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/";><soap:Body><sch:profileListRequest
xmlns:sch="http://www.llynch.net/endion/schemas";>
<sch:type
xmlns:sch="http://www.llynch.net/endion/schemas";>Newsletter</sch:type>
</sch:profileListRequest></soap:Body></soap:Envelope>
[DEBUG] 13:39:02.639
[http-8080-Processor24|127.0.0.1|||/ws/endionService]
ingframework.ws.soap.security.wss4j.Wss4jSecurityInterceptor
Validating message [SaajSoapMessage
{http://www.llynch.net/endion/schemas}profileListRequest] with actions
[UsernameToken]
[WARN ] 13:39:02.649
[http-8080-Processor24|127.0.0.1|||/ws/endionService]
ringframework.ws.soap.security.AbstractWsSecurityInterceptor
Could not validate request: No WS-Security header found
Thanks for any input.
Markus
Markus Wolf schrieb:
Hi Freeman,
I'll try it with ws-security then.
Thanks for your help.
Markus
For cxf bc, it can't bridge the basic auth since basic auth is in the
http header, what we save from soap message to jbi message is the soap
header, so if your standalone client and server are using ws-security
to do the auth, it should be bridged by the cxf bc consumer and provider.
Freeman
Markus Wolf wrote:
Hi,
thanks for your reply. Yes I missed your last reply, something was
wrong with my mailinglist subscription.
Our usecase require the authentication credentials on a pre user
base. This means we would like to proxy the authentication
information as well as the webservice. Is it possible to set the
credentials dynamically from the consumer to the provider? The busCfg
seems to be static with exactly one username/password pair.
Thanks
Markus
You can add busCfg attribute (let's say busCfg="basic_auth.xml") for
your cxf bc provider xbean,
and your basic_auth.xml should be like
<beans xmlns="http://www.springframework.org/schema/beans";
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
xmlns:sec="http://cxf.apache.org/configuration/security";
xmlns:http="http://cxf.apache.org/transports/http/configuration";
xmlns:jaxws="http://java.sun.com/xml/ns/jaxws";
xsi:schemaLocation="
http://cxf.apache.org/configuration/security
http://cxf.apache.org/schemas/configuration/security.xsd
http://cxf.apache.org/transports/http/configuration
http://cxf.apache.org/schemas/configuration/http-conf.xsd
http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-2.0.xsd";>
<http:conduit name="{your_name_space}your_endpoint_name.http-conduit">
<http:authorization>
<sec:UserName>Betty</sec:UserName>
<sec:Password>password</sec:Password>
</http:authorization>
</http:conduit>
</beans>
You can get more details about the http transport configuration from
[1]
[1]http://cwiki.apache.org/CXF20DOC/client-http-transport-including-ssl-support.html
btw, I think you miss my reply for this issue during weekend
Regards
Freeman
Markus Wolf wrote:
Hi,
we need to proxy a webservice with smx. No problem with this, since
enough examples are given. :)
But our 3rd party webservice requires http-basic auth and we are
struggeling in configuring smx to proxy the authentication. Is there a
way to do so? If not, is it possible to proxy ws-security headers?
We tried to use cxf and http based provider/consumer setup and both
failed.
Thanks for any hint
Markus Wolf
--
NMMN - New Media Markets & Networks GmbH
Geschäftsführung: Kfm. Michael Schütt
Finanzamt HH-Altona UStID DE 812 699 852 HRB 71102 Hamburg
HypoVereinsbank - BLZ 200 300 00 - Konto-Nr. 156 29 82
http://www.nmmn.com Tel.: +49 40 284 118 -0
Langbehnstrasse 6 Entwicklung: -720
22761 Hamburg Fax: -999
Rufen Sie uns kostenlos an: http://www.nmmn.com/call/software
