Hi I am using Service Mix 3.2.2 version, and configured the CXF-BC and SE components using the light-weight mode. And also I configured the interceptor for WS Security in the file cxfBusConfig.xml and specified the file in the cxf-bc. I attached below the servicemix.xml and cxfBusConfig.xml I wish to perform the following.. 1) Parsing the SOAP header for the UserNameToken specified as per WSSE spec. The SOAP header contains elements a) Username b)Password c) Nonce d) Created time stamp 2) Validate the user name and password in my application 3) If security header elements are not valid, interceptor fails and throws the some security exception otherwise the client request gets processed by cxf-bc and cxf-se and returns the response I am getting the following exception with current configuration. Please help on configuring the the interceptor to parse the WS security SOAP header. Thanks Jack INFO: Server startup in 14078 ms CircuitSecurityInterceptor:handleMessage()>>> ********* Invoked.. Start CircuitSecurityInterceptor:handleMessage()>>> *********Adde ValidateIntercepter .. CircuitSecurityInterceptor:handleMessage()>>> ********* END........ CircuitPasswordHandler:handle()>>> ********* Invoked.. Start CircuitPasswordHandler:handle()>>>Security details UID : CircuitUser01 Password : null Password Type : null CircuitPasswordHandler:handle()>>> Password set on WSPasswordCallback CircuitPasswordHandler:authenticated()>>>Start *********uid :CircuitUser01 Passwd : null CircuitPasswordHandler:authenticated()>>>END *********uid :CircuitUser01 Passwd : null CircuitPasswordHandler:handle()>>> ********* uid :CircuitUser01 Passwd : null authenticated .. CircuitPasswordHandler:handle()>>> ********* Invoked.. End Nov 29, 2008 6:27:14 PM org.apache.cxf.phase.PhaseInterceptorChain doIntercept INFO: Interceptor has thrown exception, unwinding now java.lang.SecurityException: Unable to locate a login configuration at com.sun.security.auth.login.ConfigFile.<init>(ConfigFile.java:97) at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method) at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java: 39) at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorIm pl.java:27) at java.lang.reflect.Constructor.newInstance(Constructor.java:494) at java.lang.Class.newInstance0(Class.java:350) at java.lang.Class.newInstance(Class.java:303) at javax.security.auth.login.Configuration$3.run(Configuration.java:216) at java.security.AccessController.doPrivileged(Native Method) at javax.security.auth.login.Configuration.getConfiguration(Configuration.java:210) at javax.security.auth.login.LoginContext$1.run(LoginContext.java:237) at java.security.AccessController.doPrivileged(Native Method) at javax.security.auth.login.LoginContext.init(LoginContext.java:234) at javax.security.auth.login.LoginContext.<init>(LoginContext.java:367) at javax.security.auth.login.LoginContext.<init>(LoginContext.java:444) at org.apache.servicemix.jbi.security.auth.impl.JAASAuthenticationService.authenticate(JAASA uthenticationService.java:52) at org.apache.servicemix..cxfbc.interceptors.JbiJAASInterceptor.handleMessage(JbiJAASIntercep tor.java:77) at org.apache.servicemix.cxfbc.interceptors.JbiJAASInterceptor.handleMessage(JbiJAASIntercep tor.java:37) at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:221) at org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:7 7) at org.apache.cxf.transport.http_jetty.JettyHTTPDestination.serviceRequest(JettyHTTPDestinat ion.java:278) at org.apache.cxf.transport.http_jetty.JettyHTTPDestination.doService(JettyHTTPDestination.j ava:252) at org.apache.cxf.transport.http_jetty.JettyHTTPHandler.handle(JettyHTTPHandler.java:70) at org.mortbay.jetty.handler.ContextHandler.handle(ContextHandler.java:722) at org.mortbay.jetty.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:2 06) at org.mortbay.jetty.handler.HandlerList.handle(HandlerList.java:49) at org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:139) at org.mortbay.jetty.Server.handle(Server.java:324) at org..mortbay.jetty.HttpConnection.handleRequest(HttpConnection.java:505) at org.mortbay.jetty.HttpConnection$RequestHandler.content(HttpConnection.java:842) at org.mortbay.jetty.HttpParser.parseNext(HttpParser.java:730) at org.mortbay.jetty.HttpParser.parseAvailable(HttpParser.java:205) at org.mortbay.jetty.HttpConnection.handle(HttpConnection.java:380) at org.mortbay.io.nio.SelectChannelEndPoint.run(SelectChannelEndPoint.java:395) at org.mortbay.thread..BoundedThreadPool$PoolThread.run(BoundedThreadPool.java:450) Caused by: java.io.IOException: Unable to locate a login configuration at com.sun.security.auth.login.ConfigFile.init(ConfigFile.java:206) at com.sun.security.auth.login.ConfigFile.<init>(ConfigFile.java:95) ... 34 more cxfBusConfig.xml ------------------ <beans xmlns="http://www.springframework.org/schema/beans"; xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; xmlns:cxf="http://cxf.apache.org/core"; xsi:schemaLocation=" http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd http://cxf.apache.org/core http://cxf.apache.org/schemas/core.xsd";> <bean id="CircuitSecurityInterceptor" class="org.circuit.order.wss.CircuitSecurityInterceptor"/> <cxf:bus> <cxf:inInterceptors> <ref bean="CircuitSecurityInterceptor"/> </cxf:inInterceptors> </cxf:bus> </beans> servicemix.xml ---------------- <beans xmlns="http://www.springframework.org/schema/beans"; xmlns:sm="http://servicemix.apache.org/config/1.0"; xmlns:cxfbc="http://servicemix.apache.org/cxfbc/1.0"; xmlns:cxfse="http://servicemix.apache.org/cxfse/1.0"; xmlns:ckt="http://circuit.org/order/CircuitSearch" xmlns:audit="http://servicemix.apache.org/audit/1.0"; xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd";> <bean id="placeholderConfig" class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer"> <property name="location" value="classpath:servicemix-web-console.properties" /> </bean> <!-- JMX server --> <sm:jmxServer id="server" locateExistingServerIfPossible="true" /> <!-- the JBI container --> <sm:container id="jbi" rootDir="./data/smx" MBeanServer="#server" monitorInstallationDirectory="false" monitorDeploymentDirectory="false" createJmxConnector="false"> <sm:activationSpecs> <sm:activationSpec> <sm:component> <cxfbc:component> <cxfbc:endpoints> <cxfbc:consumer wsdl="/WEB-INF/wsdl/CircuitIR.wsdl" busCfg="cxfBusConfig.xml" service="ckt:FrameRelayCircuit" interfaceName="ckt:FrameRelayCircuitPortType" targetEndpoint="CircuitPort" targetService="ckt:FrameRelayCircuit" targetInterface="ckt:FrameRelayCircuitPortType" /> </cxfbc:endpoints> </cxfbc:component> </sm:component> </sm:activationSpec> <sm:activationSpec> <sm:component> <cxfse:component> <cxfse:endpoints> <cxfse:endpoint> <cxfse:pojo> <bean class="org.circuit.order.circuitsearch.FrameRelayCircuitPortTypeImpl"/> </cxfse:pojo> </cxfse:endpoint> </cxfse:endpoints> </cxfse:component> </sm:component> </sm:activationSpec> </sm:activationSpecs> <sm:listeners> <bean class="org.apache.servicemix.web.http.HttpComponentListener" /> </sm:listeners> <sm:services> <sm:statistics statsInterval="10" dumpStats="true" /> </sm:services> </sm:container> <bean id="servletContext" class="org.springframework.web.context.support.ServletContextFactoryBean" /> <bean id="rootDir" class="org.springframework.web.util.WebUtils" factory-method="getRealPath"> <constructor-arg ref="servletContext" /> <constructor-arg value="/data/smx" /> </bean> <sm:dotViewService container="#jbi" autoStart="true" /> </beans>
