My understanding was that if i deploy a smx3/JBI artifacts on SMX4, the dependent libs (like saaj-impl) are converted to bundles. Looks like this is not the case, atleast from the errors I get when i do/dont copy the bundle version of saaj impl.
This behavior is consistent when I deploy 3.3.1.17 cxf-ws-security example on SMX4, ie, a) deploy ws-security SA b) run client test --> error: Problems creating SAAJ object model c) copy the saaj impl bundle on deploy folder --> error: An error was discovered processing the <wsse:Security> header I am not sure now: if at all JBI packaging is a good idea and thinking of switching to osgi bundles! I appreciate your thoughts/comments. Thanks! http://www.nabble.com/file/p23071318/org.apache.servicemix.samples.cxf_ws_security.ClientSecurityTest.t%3Cnabble_a%20href%3D TEST-org.apache.servicemix.samples.cxf_ws_security.ClientSecurityTest.xml xt">org.apache.servicemix.samples.cxf_ws_security.ClientSecurityTest.txt Freeman Fang wrote: > > saravanan.t wrote: >> Ok, thanks, I will use 3.3 example client to test the service on SMX4. >> >> My understanding about the wss4j interceptor is that it does include >> SAAJInInterceptor implicitly, in the version included in SMX4. correct me >> if >> i am wrong. >> > I just check the cxf code, yeah, after cxf 2.1, the SAAJInInterceptor is > added by WSS4JInInterceptor, so you needn't add it explicitly. Sorry, my > fault. >> Another question I had is why I needed to copy the bundle version of the >> saaj impl while the lib version is already included in the SA/SU >> packaging. >> >> > Because SMX4 is osgi cantainer, all libs should be installed as osgi > bundle, so that the class is available in osgi env. >> Thanks! >> >> >> Freeman Fang wrote: >> >>> Some more questions >>> May I ask how would you know the request message is correct one? Do you >>> ever test it in SMX 3.x? >>> If not, what I can suggest here first is >>> write your testcase based on cxf-ws-security demo shipped with FUSE >>> ESB(which is based on Apache Servicemix, you can find the latest >>> releasedkit from [1]) >>> write a java client which can work with SAs you deployed in SMX3, like >>> we do in cxf-ws-security, and dump the onwire soap request message, so >>> that you know the request message is correct. >>> Ensure the testcase working in SMX3 is a good start to porting it in >>> SMX4 >>> Btw, your testcase seems miss >>> org.apache.cxf.binding.soap.saaj.SAAJInInterceptor, which is necessary >>> when use ws-security >>> [1]http://repo.open.iona.com/maven2/org/apache/servicemix/apache-servicemix/3.3.1.17-fuse/ >>> >>> Thanks >>> Freeman >>> >>> saravanan.t wrote: >>> >>>> Please see attached. I have upated the readme file to reflect the >>>> changes >>>> I >>>> made, added the saaj-impl bundle. >>>> >>>> >>>> >>>> Freeman Fang wrote: >>>> >>>> >>>>> Hi, >>>>> I assume your test is based on the cxf-ws-security demo from FUSE ESB >>>>> kit, right? >>>>> Would you please send your testcase(with a README) to me and I can do >>>>> a >>>>> quick test. >>>>> Freeman >>>>> >>>>> saravanan.t wrote: >>>>> >>>>> >>>>>> This is my client request: >>>>>> >>>>>> <soapenv:Envelope >>>>>> xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"; >>>>>> xmlns:typ="http://servicemix.apache.org/samples/wsdl-first/types";> >>>>>> <soapenv:Header> >>>>>> <wsse:Security soapenv:mustUnderstand="1" >>>>>> xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";> >>>>>> <wsse:UsernameToken wsu:Id="UsernameToken-21566635" >>>>>> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";> >>>>>> <wsse:Username>smx</wsse:Username> >>>>>> <wsse:Password >>>>>> Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest";>nLk0R9C8jmaHBMwFq74GuweJbQs=</wsse:Password> >>>>>> </wsse:UsernameToken> >>>>>> </wsse:Security> >>>>>> </soapenv:Header> >>>>>> <soapenv:Body> >>>>>> <typ:GetPerson> >>>>>> <typ:personId>1</typ:personId> >>>>>> </typ:GetPerson> >>>>>> </soapenv:Body> >>>>>> </soapenv:Envelope> >>>>>> >>>>>> The password is the same as the one on users.properties file. Is this >>>>>> correct? >>>>>> >>>>>> I also noticed this: >>>>>> >>>>>> java.lang.NoClassDefFoundError: org/opensaml/SAMLException >>>>>> >>>>>> only on the console! >>>>>> >>>>>> I also realised that wss4j bundle imports org.opensaml optionally. Do >>>>>> i >>>>>> need >>>>>> this saml bundle..? I cannot seem to find that bundle from smx repo >>>>>> though. >>>>>> >>>>>> >>>>>> Freeman Fang wrote: >>>>>> >>>>>> >>>>>> >>>>>>> The error shows client request can't be authenticated correctly. >>>>>>> How you send client request? >>>>>>> >>>>>>> saravanan.t wrote: >>>>>>> >>>>>>> >>>>>>> >>>>>>>> packaging the saaj.impl jar inside the cxf-bc su didn't help. when >>>>>>>> i >>>>>>>> tried >>>>>>>> copying the org.apache.servicemix.bundles.saaj-impl-1.3_1.jar >>>>>>>> bundle >>>>>>>> into >>>>>>>> the deploy folder, i got this fault: >>>>>>>> >>>>>>>> <soap:Envelope >>>>>>>> xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/";> >>>>>>>> <soap:Body> >>>>>>>> <soap:Fault> >>>>>>>> <faultcode >>>>>>>> xmlns:ns1="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";>ns1:InvalidSecurity</faultcode> >>>>>>>> <faultstring>An error was discovered processing the >>>>>>>> <wsse:Security> header</faultstring> >>>>>>>> </soap:Fault> >>>>>>>> </soap:Body> >>>>>>>> </soap:Envelope> >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> Freeman Fang wrote: >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>>> quick question: >>>>>>>>> Do you have saaj-impl bundle installed already? >>>>>>>>> Freeman >>>>>>>>> saravanan.t wrote: >>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>>> Thanks for your quick response! >>>>>>>>>> >>>>>>>>>> I did try adding the dependency on saaj in cxfbc-su pom like >>>>>>>>>> this: >>>>>>>>>> >>>>>>>>>> <dependency> >>>>>>>>>> <groupId>com.sun.xml</groupId> >>>>>>>>>> <artifactId>saaj-impl</artifactId> >>>>>>>>>> <version>1.3</version> >>>>>>>>>> </dependency> >>>>>>>>>> >>>>>>>>>> I could see the saaj-impl jar file in that su zip file. >>>>>>>>>> >>>>>>>>>> But, i still seem to get the same error. is it with the version? >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> Freeman Fang wrote: >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>>> Hi, >>>>>>>>>>> Seems your consumer su miss saaj-impl dependency. >>>>>>>>>>> Freeman >>>>>>>>>>> >>>>>>>>>>> saravanan.t wrote: >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>>> Hello, >>>>>>>>>>>> >>>>>>>>>>>> I have been playing with SMX4 for few days now and I started >>>>>>>>>>>> liking >>>>>>>>>>>> it >>>>>>>>>>>> already, as it nicely integrates the best 3 things: spring, >>>>>>>>>>>> osgi >>>>>>>>>>>> & >>>>>>>>>>>> JBI >>>>>>>>>>>> (in >>>>>>>>>>>> addition to Camel/AMQ/CXF and others). >>>>>>>>>>>> >>>>>>>>>>>> Thanks to you guys for a great job! >>>>>>>>>>>> >>>>>>>>>>>> The question I had is related to enabling ws-security to a >>>>>>>>>>>> service >>>>>>>>>>>> on >>>>>>>>>>>> CXF. >>>>>>>>>>>> To understand this, I thought it is good to take the shipped >>>>>>>>>>>> cxf-wsdl-first >>>>>>>>>>>> example and try to make it ws-security enabled by: >>>>>>>>>>>> >>>>>>>>>>>> adding WSS4J interceptor on cxf-bc su: >>>>>>>>>>>> >>>>>>>>>>>> <code> >>>>>>>>>>>> <beans xmlns:cxfbc="http://servicemix.apache.org/cxfbc/1.0"; >>>>>>>>>>>> >>>>>>>>>>>> xmlns:person="http://servicemix.apache.org/samples/wsdl-first";> >>>>>>>>>>>> >>>>>>>>>>>> <cxfbc:consumer wsdl="classpath:person.wsdl" >>>>>>>>>>>> targetService="person:PersonService" >>>>>>>>>>>> targetInterface="person:Person"> >>>>>>>>>>>> <!-- WS-Security interceptors --> >>>>>>>>>>>> <cxfbc:inInterceptors> >>>>>>>>>>>> <ref bean="wss4jin"/> >>>>>>>>>>>> </cxfbc:inInterceptors> >>>>>>>>>>>> </cxfbc:consumer> >>>>>>>>>>>> >>>>>>>>>>>> <bean >>>>>>>>>>>> class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor" >>>>>>>>>>>> id="wss4jin"> >>>>>>>>>>>> <constructor-arg> >>>>>>>>>>>> <map> >>>>>>>>>>>> <entry key="action" value="UsernameToken"/> >>>>>>>>>>>> >>>>>>>>>>>> <entry key="passwordType" >>>>>>>>>>>> value="PasswordDigest" /> >>>>>>>>>>>> <entry key="passwordCallbackClass" >>>>>>>>>>>> >>>>>>>>>>>> value="org.apache.servicemix.samples.wsdl_first.ServerPasswordCallback"/> >>>>>>>>>>>> </map> >>>>>>>>>>>> </constructor-arg> >>>>>>>>>>>> </bean> >>>>>>>>>>>> >>>>>>>>>>>> </beans> >>>>>>>>>>>> </code> >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> and then testing it on soap-ui client with: >>>>>>>>>>>> >>>>>>>>>>>> <code> >>>>>>>>>>>> <soapenv:Envelope >>>>>>>>>>>> xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"; >>>>>>>>>>>> xmlns:typ="http://servicemix.apache.org/samples/wsdl-first/types";> >>>>>>>>>>>> <soapenv:Header><wsse:Security >>>>>>>>>>>> xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";><wsse:UsernameToken >>>>>>>>>>>> wsu:Id="UsernameToken-2956574" >>>>>>>>>>>> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";><wsse:Username>smx</wsse:Username><wsse:Password >>>>>>>>>>>> Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest";>7vBUrC3FJYywtWp2S9t6RKgT0GQ=</wsse:Password><wsse:Nonce>XCTIgEZbX0l9qJQl2nXEkg==</wsse:Nonce><wsu:Created>2009-04-14T11:03:09.342Z</wsu:Created></wsse:UsernameToken></wsse:Security></soapenv:Header> >>>>>>>>>>>> <soapenv:Body> >>>>>>>>>>>> <typ:GetPerson> >>>>>>>>>>>> <typ:personId>1</typ:personId> >>>>>>>>>>>> </typ:GetPerson> >>>>>>>>>>>> </soapenv:Body> >>>>>>>>>>>> </soapenv:Envelope> >>>>>>>>>>>> </code> >>>>>>>>>>>> >>>>>>>>>>>> but the response is: >>>>>>>>>>>> >>>>>>>>>>>> <code> >>>>>>>>>>>> <faultcode>soap:Client</faultcode> >>>>>>>>>>>> <faultstring>Problems creating SAAJ object >>>>>>>>>>>> model</faultstring> >>>>>>>>>>>> </code> >>>>>>>>>>>> >>>>>>>>>>>> Any idea what i am missing...? >>>>>>>>>>>> >>>>>>>>>>>> Thanks! >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>> -- >>>>>>>>>>> Freeman Fang >>>>>>>>>>> ------------------------ >>>>>>>>>>> Open Source SOA: http://fusesource.com >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>> -- >>>>>>>>> Freeman Fang >>>>>>>>> ------------------------ >>>>>>>>> Open Source SOA: http://fusesource.com >>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>> -- >>>>>>> Freeman Fang >>>>>>> ------------------------ >>>>>>> Open Source SOA: http://fusesource.com >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>> >>>>>> >>>>>> >>>>> -- >>>>> Freeman Fang >>>>> ------------------------ >>>>> Open Source SOA: http://fusesource.com >>>>> >>>>> >>>>> >>>>> >>>>> >>>> http://www.nabble.com/file/p23055692/cxf-wsdl-first.rar >>>> cxf-wsdl-first.rar >>>> >>>> >>> -- >>> Freeman Fang >>> ------------------------ >>> Open Source SOA: http://fusesource.com >>> >>> >>> >>> >> >> > > > -- > Freeman Fang > ------------------------ > Open Source SOA: http://fusesource.com > > > -- View this message in context: http://www.nabble.com/SMX4-and-WS-Security-tp23037639p23071318.html Sent from the ServiceMix - User mailing list archive at Nabble.com.
