Hi Stefan,Use Cxf bc provider to connect a https server, you need configure the cxf http conduit to enable https. You can write a file, let's say named cxf-http-conduit.xml, looks like
<beans xmlns="http://www.springframework.org/schema/beans"; xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; xmlns:sec="http://cxf.apache.org/configuration/security"; xmlns:http="http://cxf.apache.org/transports/http/configuration"; xmlns:jaxws="http://java.sun.com/xml/ns/jaxws"; xsi:schemaLocation=" http://cxf.apache.org/configuration/security http://cxf.apache.org/schemas/configuration/security.xsd http://cxf.apache.org/transports/http/configuration http://cxf.apache.org/schemas/configuration/http-conf.xsd http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd";>
<http:conduit name="{YouEndpointNameSpace}YouEndpointName.http-conduit">
<http:tlsClientParameters disableCNCheck="true">
<sec:trustManagers>
<sec:keyStore type="JKS" password="password"
file="src/test/resources/org/apache/servicemix/cxfbc/ws/security/provider/certs/truststore.jks"/>
</sec:trustManagers>
<sec:keyManagers keyPassword="password">
<sec:keyStore type="JKS" password="password"
file="src/test/resources/org/apache/servicemix/cxfbc/ws/security/provider/certs/wibble.jks"/>
</sec:keyManagers>
<sec:cipherSuitesFilter>
<!-- these filters ensure that a ciphersuite with
export-suitable or null encryption is used,
but exclude anonymous Diffie-Hellman key change as
this is vulnerable to man-in-the-middle attacks -->
<sec:include>.*_EXPORT_.*</sec:include>
<sec:include>.*_EXPORT1024_.*</sec:include>
<sec:include>.*_WITH_DES_.*</sec:include>
<sec:include>.*_WITH_NULL_.*</sec:include>
<sec:exclude>.*_DH_anon_.*</sec:exclude>
</sec:cipherSuitesFilter>
</http:tlsClientParameters>
</http:conduit>
<bean id="cxf" class="org.apache.cxf.bus.CXFBusImpl">
</bean>
</beans>
In this file you can add <http:tlsClientParameters
disableCNCheck="true">, also in this file you configure trustManager and
keyManager stuff for https transport connection.
Then you need add busCfg="cxf-http-conduit.xml" attribute for your cxf
bc provider configuration.
We have a testcase[1] which shows how cxf bc provider connect to external webservice based on https transport.
[1]http://svn.apache.org/repos/asf/servicemix/smx3/branches/servicemix-3.2/deployables/bindingcomponents/servicemix-cxf-bc/src/test/java/org/apache/servicemix/cxfbc/ws/security/CxfBcProviderHttpsTest.java Regards Freman stlecho wrote:
Freeman, I've changed the http:endpoint with http:consumer. The documentation still uses the "old" http:endpoint. Is this a modification done in v3.2.2 ? Now I'm receiving the following error: "The https URL hostname does not match the Common Name (CN) on the server certificate. To disable this check (NOT recommended for production) set the CXF client TLS configuration property "disableCNCheck" to true." How can this property be defined in ServiceMix ? Details11:50:59,178 | DEBUG | pool-flow.seda.servicemix-cxf-bc-thread-2 | SedaQueue | .jbi.nmr.flow.seda.SedaQueue$1 132 |[EMAIL PROTECTED] dequeued exchange: InOut[ id: ID:192.168.13.175-11bfdefca69-10:0 status: Active role: consumer service: {http://www.ehealth.be/webservices/cod}Codage endpoint: CodageSOAP operation: {http://www.ehealth.be/webservices/cod}encode in: <?xml version="1.0" encoding="UTF-8"?><soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"; xmlns:bean="http://beans.codage.ehealth.smals.be/";><soapenv:Header/><soapenv:Body><bean:encodeRequest><applicationName>?</applicationName><originalData><id>?</id><randomize>?</randomize><inputData>?</inputData></originalData></bean:encodeRequest></soapenv:Body></soapenv:Envelope> fault: <?xml version="1.0" encoding="UTF-8"?><JBIFault xmlns="http://cxf.apache.org/bindings/jbi";><detail xmlns="">The https URL hostname does not match the Common Name (CN) on the server certificate. To disable this check (NOT recommended for production) set the CXF client TLS configuration property "disableCNCheck" to true.</detail></JBIFault> ] Regards, Stefan Lecho. Freeman Fang wrote:Hi Stefan, You should try with the new http endpoint, for http consumer, something like <http:consumer> ... </http:consumer> Regards Freeman stlecho wrote:Hi, I've added the targetOperation attribute on the http:endpoint definition, but now I'm receiving a "Caused by: org.springframework.beans.InvalidPropertyException: Invalid property 'targetOperation' of bean class [org.apache.servicemix.http.HttpEndpoint]:No property 'targetOperation' found" error message.I've noticed that this attribute is supported on the HttpSoapConsumerEndpoint class, so I've added the soap="true" attribute, but that does not solve the issue. http:endpoint <beans xmlns:http="http://servicemix.apache.org/http/1.0"; xmlns:dummy2="http://www.dummy.com/Codage"; xmlns:encode="http://www.ehealth.be/webservices/cod";><http:endpoint service="dummy2:http-encode"targetService="encode:Codage" endpoint="CodageSOAP"role="consumer" locationURI="http://0.0.0.0:8193/Encode/";defaultMep="http://www.w3.org/2004/08/wsdl/in-out"; soap="true" targetOperation="encode:encode" /> </beans> Regards, Stefan. Freeman Fang wrote:stlecho wrote:You needn't specify targetOperation for cxfbc:provider, only specify it in http:endpoint is fine.Hi, I will try this out, but I have some additional questions: -Is there a way to avoid the duplicated definition of the targetOperation on the http:endpoint and cxfbc:provider ?-Are the schemas you mentioned somewhere available ? -Can/should a reference to these schemas be included in the xbean.xml files ? Regards, Stefan. Edell Nolan wrote:Its also a QNAME so you will need to give it the prefix as well. targetOperation="encode:????" Edell. On Mon, Aug 25, 2008 at 4:54 PM, Edell Nolan <[EMAIL PROTECTED]> wrote:Hi, Sorry you need to specify "targetOperation" and not OperationName - it is not documented but I see from the schemas that are gernerated for http and cxfbc that you can specify this. Just place this in your xbean.xml files. HTTP endpoint <http:endpoint service="dummy:http-encode" targetService="encode:Codage" endpoint="CodageSOAP" role="consumer" targetOperation="OPERATION_NAME" locationURI="http://0.0.0.0:8192/Encode/"; defaultMep="http://www.w3.org/2004/08/wsdl/in-out"; /> CXFBC provider <cxfbc:provider wsdl="classpath:codage.wsdl" locationURI=" https://wwwacc.behealth.smals-mvm.be:443/codage_1_0/codage<https://wwwacc.behealth.smals-mvm.be/codage_1_0/codage> " service="encode:Codage" endpoint="CodageSOAP" targetOperation="OPERATION_NAME" useJBIWrapper="false" /> Let me know how it works. Edell. On Mon, Aug 25, 2008 at 3:50 PM, stlecho <[EMAIL PROTECTED]> wrote:The SOAPAction was wrongly configured at client side :o(. I've corrected this and now the SOAPAction is correct, but I'm still receiving the same "Operation not bound on this MessageExchange" error message. stlecho wrote:I've created 1 http su that contains 2 http:endpoints. The 1stendpoint isrunning on http://0.0.0.0:8192/PersonQuery/ and the 2nd one on http://0.0.0.0:8192/Encode/. With a client I'm sending the XML requesttohttp://0.0.0.0:8192/Encode/ but after inspecting the log files, I've remarked that the soapAction of my 2nd endpoint is the one defined forthe1st endpoint :o(. Receiving HTTP request: POST /Encode/ HTTP/1.1 Content-Type: text/xml;charset=UTF-8 SOAPAction: urn://fsb.belgium.be/fphp/v3_0/findPerson User-Agent: Jakarta Commons-HttpClient/3.0.1 Host: localhost:8192 Content-Length: 356 Regards, Stefan. stlecho wrote:Edell, I've been looking at the documentation pages of the http and cxfbc components, but I haven't found a reference to "operationName". Where should this parameter be specified ? Regards, Stefan. Edell Nolan wrote:Hi, You need to specify the operation name if there is more than one operation defined for that PortType. Have you tried to specify the "operationName" Edell. On Mon, Aug 25, 2008 at 12:59 PM, stlecho <[EMAIL PROTECTED]> wrote:Hi, I've configured an http:endpoint and a cxfbc:provider. The WSDL contains 2 operations "encode" and "decode". When sending an XML request to the specified http:endpoint, I'm receiving the following error message: "Operation not bound on this MessageExchange". I suppose that this is linked to the fact that the WSDL contains 2 operations, but I have not find a way to configure this. Namespace definition xmlns:encode="http://www.ehealth.be/webservices/cod"; HTTP endpoint <http:endpoint service="dummy:http-encode" targetService="encode:Codage" endpoint="CodageSOAP" role="consumer" locationURI="http://0.0.0.0:8192/Encode/";defaultMep="http://www.w3.org/2004/08/wsdl/in-out";/>CXFBC provider <cxfbc:provider wsdl="classpath:codage.wsdl" locationURI=" https://wwwacc.behealth.smals-mvm.be:443/codage_1_0/codage"; service="encode:Codage" endpoint="CodageSOAP" useJBIWrapper="false" /> Stacktrace 12:47:50,289 | DEBUG | pool-flow.seda.servicemix-cxf-bc-thread-15 | SedaQueue | .jbi.nmr.flow.seda.SedaQueue$1 132 | [EMAIL PROTECTED] dequeued exchange: InOut[ id: ID:192.168.13.175-11bf8ae14e1-10:5 status: Active role: provider service:{http://www.ehealth.be/webservices/cod}Codage<http://www.ehealth.be/webservices/cod%7DCodage> <http://www.ehealth.be/webservices/cod%7DCodage>endpoint: CodageSOAP in: <?xml version="1.0" encoding="UTF-8"?><soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"; xmlns:bean="http://beans.codage.ehealth.smals.be/"><soapenv:Header/><soapenv:Body><bean:encodeRequest><applicationName>?</applicationName><originalData><id>?</id><randomize>?</randomize><inputData>?</inputData></originalData></bean:encodeRequest></soapenv:Body></soapenv:Envelope>] 12:47:50,305 | DEBUG | pool-flow.seda.servicemix-cxf-bc-thread-15 | CxfBcComponent | emix.common.AsyncBaseLifeCycle 468 | Received exchange: status: Active, role: provider 12:47:50,305 | DEBUG | pool-flow.seda.servicemix-cxf-bc-thread-15 | CxfBcComponent | emix.common.AsyncBaseLifeCycle 536 | Retrieved correlation id: ID:192.168.13.175-11bf8ae14e1-10:5 12:47:50,305 | ERROR | pool-flow.seda.servicemix-cxf-bc-thread-15 | CxfBcComponent | ervicemix.common.BaseLifeCycle 48 |Errorprocessing exchange InOut[ id: ID:192.168.13.175-11bf8ae14e1-10:5 status: Active role: provider service:{http://www.ehealth.be/webservices/cod}Codage<http://www.ehealth.be/webservices/cod%7DCodage> <http://www.ehealth.be/webservices/cod%7DCodage>endpoint: CodageSOAP in: <?xml version="1.0" encoding="UTF-8"?><soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"; xmlns:bean="http://beans.codage.ehealth.smals.be/"><soapenv:Header/><soapenv:Body><bean:encodeRequest><applicationName>?</applicationName><originalData><id>?</id><randomize>?</randomize><inputData>?</inputData></originalData></bean:encodeRequest></soapenv:Body></soapenv:Envelope>] org.apache.cxf.interceptor.Fault: Operation not bound on this MessageExchange atorg.apache.servicemix.cxfbc.CxfBcProvider.process(CxfBcProvider.java:163)atorg.apache.servicemix.common.AsyncBaseLifeCycle.doProcess(AsyncBaseLifeCycle.java:538)atorg.apache.servicemix.common.AsyncBaseLifeCycle.processExchange(AsyncBaseLifeCycle.java:490)atorg.apache.servicemix.common.BaseLifeCycle.onMessageExchange(BaseLifeCycle.java:46)atorg.apache.servicemix.jbi.messaging.DeliveryChannelImpl.processInBound(DeliveryChannelImpl.java:610)atorg.apache.servicemix.jbi.nmr.flow.AbstractFlow.doRouting(AbstractFlow.java:172)atorg.apache.servicemix.jbi.nmr.flow.seda.SedaFlow.doRouting(SedaFlow.java:167)atorg.apache.servicemix.jbi.nmr.flow.seda.SedaQueue$1.run(SedaQueue.java:134)atjava.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:650)atjava.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:675)at java.lang.Thread.run(Thread.java:595) Caused by: java.lang.Exception: Operation not bound on this MessageExchange ... 11 more -- View this message in context:http://www.nabble.com/Operation-not-bound-on-this-MessageExchange-tp19142533p19142533.htmlSent from the ServiceMix - User mailing list archive at Nabble.com.-- View this message in context: http://www.nabble.com/Operation-not-bound-on-this-MessageExchange-tp19142533p19145299.html Sent from the ServiceMix - User mailing list archive at Nabble.com.
