Hi Markus,
Please try to use the latest released servicemix 3.2.2 to see you still
has the problem?
Freeman
Markus Wolf wrote:
One more question for the proxy problem:
I've created the proxy with a consumer/provider declaration and added
a UsernameToken auth-schema to our 3rd party service. But the
soap-headers are not send to the 3rd party service from smx.
Here is my configuration, maybe theres something missing. Can you take
a look at it?
<cxfbc:consumer
wsdl="http://markusw.office.nmmn.com:8080/ws/endion.wsdl";
endpoint="ws-proxy"
targetService="llynch:endionService"
targetEndpoint="FrontendWebServiceProxy"
>
<cxfbc:inInterceptors>
<bean
class="org.apache.cxf.interceptor.LoggingInInterceptor" />
</cxfbc:inInterceptors>
<cxfbc:outInterceptors>
<bean
class="org.apache.cxf.interceptor.LoggingOutInterceptor" />
</cxfbc:outInterceptors>
<cxfbc:inFaultInterceptors>
<bean
class="org.apache.cxf.interceptor.LoggingInInterceptor" />
</cxfbc:inFaultInterceptors>
<cxfbc:outFaultInterceptors>
<bean
class="org.apache.cxf.interceptor.LoggingOutInterceptor" />
</cxfbc:outFaultInterceptors>
</cxfbc:consumer>
<cxfbc:provider
wsdl="http://markusw.office.nmmn.com:8080/ws/endion.wsdl";
locationURI="http://markusw.office.nmmn.com:8080/ws/endionService";
service="llynch:endionService"
endpoint="FrontendWebServiceProxy"
>
<cxfbc:inInterceptors>
<bean
class="org.apache.cxf.interceptor.LoggingInInterceptor" />
</cxfbc:inInterceptors>
<cxfbc:outInterceptors>
<bean
class="org.apache.cxf.interceptor.LoggingOutInterceptor" />
</cxfbc:outInterceptors>
<cxfbc:inFaultInterceptors>
<bean
class="org.apache.cxf.interceptor.LoggingInInterceptor" />
</cxfbc:inFaultInterceptors>
<cxfbc:outFaultInterceptors>
<bean
class="org.apache.cxf.interceptor.LoggingOutInterceptor" />
</cxfbc:outFaultInterceptors>
</cxfbc:provider>
And this are the logfile infos on the smx-side:
04.08.2008 13:39:01 org.apache.cxf.interceptor.LoggingInInterceptor
handleMessage
INFO: Inbound Message
--------------------------------------
Encoding: UTF-8
Headers: {content-type=[text/xml;charset=UTF-8], Authorization=[Basic
YXNkZjphc2Rm], Host=[markusw.office.nmmn.com:8193],
Content-Length=[1032], SOAPAction=[""], User-Agent=[Jakarta
Commons-HttpClient/3.0.1]}
Message:
<soapenv:Envelope xmlns:sch="http://www.llynch.net/endion/schemas";
xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/";>
<soapenv:Header>
<wsse:Security soapenv:mustUnderstand="1"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";>
<wsse:UsernameToken wsu:Id="UsernameToken-4261515"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";>
<wsse:Username>asdf</wsse:Username>
<wsse:Password
Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText";>asdf</wsse:Password>
<wsse:Nonce>kZ4rrBS5p4BBociRpNaLtA==</wsse:Nonce>
<wsu:Created>2008-08-04T11:39:01.582Z</wsu:Created>
</wsse:UsernameToken>
</wsse:Security>
</soapenv:Header>
<soapenv:Body>
<sch:profileListRequest>
<!--Optional:-->
<sch:type>Newsletter</sch:type>
</sch:profileListRequest>
</soapenv:Body>
</soapenv:Envelope>
--------------------------------------
04.08.2008 13:39:02
org.apache.cxf.interceptor.LoggingOutInterceptor$LoggingCallback onClose
INFO: Outbound Message
--------------------------------------
<soap:Envelope
xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/";><soap:Body
/></soap:Envelope>
--------------------------------------
javax.jbi.messaging.MessagingException: Out not supported
at
org.apache.servicemix.jbi.messaging.MessageExchangeImpl.setMessage(MessageExchangeImpl.java:357)
at
org.apache.servicemix.cxfbc.CxfBcProviderMessageObserver.onMessage(CxfBcProviderMessageObserver.java:125)
at
org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponse(HTTPConduit.java:1932)
at
org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPConduit.java:1790)
at
org.apache.servicemix.cxfbc.CxfBcProvider.process(CxfBcProvider.java:166)
at
org.apache.servicemix.common.AsyncBaseLifeCycle.doProcess(AsyncBaseLifeCycle.java:538)
at
org.apache.servicemix.common.AsyncBaseLifeCycle.processExchange(AsyncBaseLifeCycle.java:490)
at
org.apache.servicemix.common.BaseLifeCycle.onMessageExchange(BaseLifeCycle.java:46)
at
org.apache.servicemix.jbi.messaging.DeliveryChannelImpl.processInBound(DeliveryChannelImpl.java:610)
at
org.apache.servicemix.jbi.nmr.flow.AbstractFlow.doRouting(AbstractFlow.java:170)
at
org.apache.servicemix.jbi.nmr.flow.seda.SedaFlow.doRouting(SedaFlow.java:167)
at
org.apache.servicemix.jbi.nmr.flow.seda.SedaQueue$1.run(SedaQueue.java:134)
at
java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:885)
at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:907)
at java.lang.Thread.run(Thread.java:619)
And here is the soap part received by the 3rd-party service:
[DEBUG] 13:39:02.638
[http-8080-Processor24|127.0.0.1|||/ws/endionService]
pringframework.ws.server.endpoint.AbstractLoggingInterceptor
Request: <soap:Envelope
xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/";><soap:Body><sch:profileListRequest
xmlns:sch="http://www.llynch.net/endion/schemas";>
<sch:type
xmlns:sch="http://www.llynch.net/endion/schemas";>Newsletter</sch:type>
</sch:profileListRequest></soap:Body></soap:Envelope>
[DEBUG] 13:39:02.639
[http-8080-Processor24|127.0.0.1|||/ws/endionService]
ingframework.ws.soap.security.wss4j.Wss4jSecurityInterceptor
Validating message [SaajSoapMessage
{http://www.llynch.net/endion/schemas}profileListRequest] with actions
[UsernameToken]
[WARN ] 13:39:02.649
[http-8080-Processor24|127.0.0.1|||/ws/endionService]
ringframework.ws.soap.security.AbstractWsSecurityInterceptor
Could not validate request: No WS-Security header found
Thanks for any input.
Markus
Markus Wolf schrieb:
Hi Freeman,
I'll try it with ws-security then.
Thanks for your help.
Markus
For cxf bc, it can't bridge the basic auth since basic auth is in
the http header, what we save from soap message to jbi message is
the soap header, so if your standalone client and server are using
ws-security to do the auth, it should be bridged by the cxf bc
consumer and provider.
Freeman
Markus Wolf wrote:
Hi,
thanks for your reply. Yes I missed your last reply, something was
wrong with my mailinglist subscription.
Our usecase require the authentication credentials on a pre user
base. This means we would like to proxy the authentication
information as well as the webservice. Is it possible to set the
credentials dynamically from the consumer to the provider? The
busCfg seems to be static with exactly one username/password pair.
Thanks
Markus
You can add busCfg attribute (let's say busCfg="basic_auth.xml")
for your cxf bc provider xbean,
and your basic_auth.xml should be like
<beans xmlns="http://www.springframework.org/schema/beans";
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
xmlns:sec="http://cxf.apache.org/configuration/security";
xmlns:http="http://cxf.apache.org/transports/http/configuration";
xmlns:jaxws="http://java.sun.com/xml/ns/jaxws";
xsi:schemaLocation="
http://cxf.apache.org/configuration/security
http://cxf.apache.org/schemas/configuration/security.xsd
http://cxf.apache.org/transports/http/configuration
http://cxf.apache.org/schemas/configuration/http-conf.xsd
http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-2.0.xsd";>
<http:conduit
name="{your_name_space}your_endpoint_name.http-conduit">
<http:authorization>
<sec:UserName>Betty</sec:UserName>
<sec:Password>password</sec:Password>
</http:authorization>
</http:conduit>
</beans>
You can get more details about the http transport configuration
from [1]
[1]http://cwiki.apache.org/CXF20DOC/client-http-transport-including-ssl-support.html
btw, I think you miss my reply for this issue during weekend
Regards
Freeman
Markus Wolf wrote:
Hi,
we need to proxy a webservice with smx. No problem with this, since
enough examples are given. :)
But our 3rd party webservice requires http-basic auth and we are
struggeling in configuring smx to proxy the authentication. Is
there a
way to do so? If not, is it possible to proxy ws-security headers?
We tried to use cxf and http based provider/consumer setup and
both failed.
Thanks for any hint
Markus Wolf
