saravanan.t wrote:
My understanding was that if i deploy a smx3/JBI artifacts on SMX4, the
dependent libs (like saaj-impl) are converted to bundles. Looks like this is
not the case, atleast from the errors I get when i do/dont copy the bundle
version of saaj impl.
This behavior is consistent when I deploy 3.3.1.17 cxf-ws-security example
on SMX4, ie,
a) deploy ws-security SA
b) run client test
--> error: Problems creating SAAJ object model
c) copy the saaj impl bundle on deploy folder
--> error: An error was discovered processing the <wsse:Security> header
I am not sure now: if at all JBI packaging is a good idea and thinking of
switching to osgi bundles!
I appreciate your thoughts/comments. Thanks!
http://www.nabble.com/file/p23071318/org.apache.servicemix.samples.cxf_ws_security.ClientSecurityTest.t%3Cnabble_a%20href%3D
TEST-org.apache.servicemix.samples.cxf_ws_security.ClientSecurityTest.xml
xt">org.apache.servicemix.samples.cxf_ws_security.ClientSecurityTest.txt
We need install all necessary bundles first before we can run it
successfully.
We do need figure out what bundles we need for ws-security staff,
actually we already have a chat internally about verify ws-security
support in SMX4, (provide the needed bundles / features
/examples), I believe besides saaj-impl bundle , we also need opensaml
bundles (https://issues.apache.org/activemq/browse/SMX4-273).
Freeman
Freeman Fang wrote:
saravanan.t wrote:
Ok, thanks, I will use 3.3 example client to test the service on SMX4.
My understanding about the wss4j interceptor is that it does include
SAAJInInterceptor implicitly, in the version included in SMX4. correct me
if
i am wrong.
I just check the cxf code, yeah, after cxf 2.1, the SAAJInInterceptor is
added by WSS4JInInterceptor, so you needn't add it explicitly. Sorry, my
fault.
Another question I had is why I needed to copy the bundle version of the
saaj impl while the lib version is already included in the SA/SU
packaging.
Because SMX4 is osgi cantainer, all libs should be installed as osgi
bundle, so that the class is available in osgi env.
Thanks!
Freeman Fang wrote:
Some more questions
May I ask how would you know the request message is correct one? Do you
ever test it in SMX 3.x?
If not, what I can suggest here first is
write your testcase based on cxf-ws-security demo shipped with FUSE
ESB(which is based on Apache Servicemix, you can find the latest
releasedkit from [1])
write a java client which can work with SAs you deployed in SMX3, like
we do in cxf-ws-security, and dump the onwire soap request message, so
that you know the request message is correct.
Ensure the testcase working in SMX3 is a good start to porting it in
SMX4
Btw, your testcase seems miss
org.apache.cxf.binding.soap.saaj.SAAJInInterceptor, which is necessary
when use ws-security
[1]http://repo.open.iona.com/maven2/org/apache/servicemix/apache-servicemix/3.3.1.17-fuse/
Thanks
Freeman
saravanan.t wrote:
Please see attached. I have upated the readme file to reflect the
changes
I
made, added the saaj-impl bundle.
Freeman Fang wrote:
Hi,
I assume your test is based on the cxf-ws-security demo from FUSE ESB
kit, right?
Would you please send your testcase(with a README) to me and I can do
a
quick test.
Freeman
saravanan.t wrote:
This is my client request:
<soapenv:Envelope
xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/";
xmlns:typ="http://servicemix.apache.org/samples/wsdl-first/types";>
<soapenv:Header>
<wsse:Security soapenv:mustUnderstand="1"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";>
<wsse:UsernameToken wsu:Id="UsernameToken-21566635"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";>
<wsse:Username>smx</wsse:Username>
<wsse:Password
Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest";>nLk0R9C8jmaHBMwFq74GuweJbQs=</wsse:Password>
</wsse:UsernameToken>
</wsse:Security>
</soapenv:Header>
<soapenv:Body>
<typ:GetPerson>
<typ:personId>1</typ:personId>
</typ:GetPerson>
</soapenv:Body>
</soapenv:Envelope>
The password is the same as the one on users.properties file. Is this
correct?
I also noticed this:
java.lang.NoClassDefFoundError: org/opensaml/SAMLException
only on the console!
I also realised that wss4j bundle imports org.opensaml optionally. Do
i
need
this saml bundle..? I cannot seem to find that bundle from smx repo
though.
Freeman Fang wrote:
The error shows client request can't be authenticated correctly.
How you send client request?
saravanan.t wrote:
packaging the saaj.impl jar inside the cxf-bc su didn't help. when
i
tried
copying the org.apache.servicemix.bundles.saaj-impl-1.3_1.jar
bundle
into
the deploy folder, i got this fault:
<soap:Envelope
xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/";>
<soap:Body>
<soap:Fault>
<faultcode
xmlns:ns1="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";>ns1:InvalidSecurity</faultcode>
<faultstring>An error was discovered processing the
<wsse:Security> header</faultstring>
</soap:Fault>
</soap:Body>
</soap:Envelope>
Freeman Fang wrote:
quick question:
Do you have saaj-impl bundle installed already?
Freeman
saravanan.t wrote:
Thanks for your quick response!
I did try adding the dependency on saaj in cxfbc-su pom like
this:
<dependency>
<groupId>com.sun.xml</groupId>
<artifactId>saaj-impl</artifactId>
<version>1.3</version>
</dependency>
I could see the saaj-impl jar file in that su zip file.
But, i still seem to get the same error. is it with the version?
Freeman Fang wrote:
Hi,
Seems your consumer su miss saaj-impl dependency.
Freeman
saravanan.t wrote:
Hello,
I have been playing with SMX4 for few days now and I started
liking
it
already, as it nicely integrates the best 3 things: spring,
osgi
&
JBI
(in
addition to Camel/AMQ/CXF and others).
Thanks to you guys for a great job!
The question I had is related to enabling ws-security to a
service
on
CXF.
To understand this, I thought it is good to take the shipped
cxf-wsdl-first
example and try to make it ws-security enabled by:
adding WSS4J interceptor on cxf-bc su:
<code>
<beans xmlns:cxfbc="http://servicemix.apache.org/cxfbc/1.0";
xmlns:person="http://servicemix.apache.org/samples/wsdl-first";>
<cxfbc:consumer wsdl="classpath:person.wsdl"
targetService="person:PersonService"
targetInterface="person:Person">
<!-- WS-Security interceptors -->
<cxfbc:inInterceptors>
<ref bean="wss4jin"/>
</cxfbc:inInterceptors>
</cxfbc:consumer>
<bean
class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor"
id="wss4jin">
<constructor-arg>
<map>
<entry key="action" value="UsernameToken"/>
<entry key="passwordType" value="PasswordDigest" />
<entry key="passwordCallbackClass"
value="org.apache.servicemix.samples.wsdl_first.ServerPasswordCallback"/>
</map>
</constructor-arg>
</bean>
</beans>
</code>
and then testing it on soap-ui client with:
<code>
<soapenv:Envelope
xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/";
xmlns:typ="http://servicemix.apache.org/samples/wsdl-first/types";>
<soapenv:Header><wsse:Security
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";><wsse:UsernameToken
wsu:Id="UsernameToken-2956574"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";><wsse:Username>smx</wsse:Username><wsse:Password
Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest";>7vBUrC3FJYywtWp2S9t6RKgT0GQ=</wsse:Password><wsse:Nonce>XCTIgEZbX0l9qJQl2nXEkg==</wsse:Nonce><wsu:Created>2009-04-14T11:03:09.342Z</wsu:Created></wsse:UsernameToken></wsse:Security></soapenv:Header>
<soapenv:Body>
<typ:GetPerson>
<typ:personId>1</typ:personId>
</typ:GetPerson>
</soapenv:Body>
</soapenv:Envelope>
</code>
but the response is:
<code>
<faultcode>soap:Client</faultcode>
<faultstring>Problems creating SAAJ object
model</faultstring>
</code>
Any idea what i am missing...?
Thanks!
--
Freeman Fang
------------------------
Open Source SOA: http://fusesource.com
--
Freeman Fang
------------------------
Open Source SOA: http://fusesource.com
--
Freeman Fang
------------------------
Open Source SOA: http://fusesource.com
--
Freeman Fang
------------------------
Open Source SOA: http://fusesource.com
http://www.nabble.com/file/p23055692/cxf-wsdl-first.rar
cxf-wsdl-first.rar
--
Freeman Fang
------------------------
Open Source SOA: http://fusesource.com
--
Freeman Fang
------------------------
Open Source SOA: http://fusesource.com
--
Freeman Fang
------------------------
Open Source SOA: http://fusesource.com
