Hi Freeman, I've refractored my code to follow the wsdl-first-osgi example for smx4.2 and I'm still getting the same error. Although, my stack trace now is a little different from what I had originally. For the life of me, I tried to recreate the same stack trace but it wouldn't work. I've include a client in there also so you don't have to use SOAPUI. http://old.nabble.com/file/p28860520/ws-sec-test.zip ws-sec-test.zip
I'm starting to think this is a bug or something because I've tried everything and nothing will work and it should be relatively simple. Much appreciated, Vinh Freeman Fang wrote: > > Well, several issues I can point now > > 1. what servicemix version you are using? > Your bc and se pom.xml import > org.apache.servicemix.cxf.transport.http_osgi, which indicate you're > using very old servicemix version, as now http_osgi transport code > move to cxf codebase, and the package should be > org.apache.cxf.transport.http_osgi. Moreover, you don't need this > package at all as you are use JBI endpoint which will use http > transport underlying. > I strongly recommend you use the latest released smx4.2. > > 2. your beans.xml for bc and se isn't correct. You are using OSGi > package for JBI endpoint, we have a cxf-wsdl-first-osgi-package > example shipped with kit which is exactly same as your scenario, you > need take a look at it, especially how the pom.xml(Import-Package, > Export-Package) and beans.xml looks like. Be careful for the <import > resource="">, I don't think it's > always necessary for your case. > > 3. You testcase is lack of the client side which send out soap > message, I don't want to assume it myself as I need ensure what I do > here is exactly same as what you've done. > > 4. Could you provide a clean testcase for me which just reproduce the > callbackhandler class can't found error? If the testcase isn't so > straightforward, I need a step by step instruction which tell me how > to reproduce the exact error. For the current testcase I can't simply > deploy it, after change several part I can deploy but get different > error like > javax.net.ssl.SSLException: Unrecognized SSL message, plaintext > connection? > at > com > .sun > .net.ssl.internal.ssl.InputRecord.handleUnknownRecord(InputRecord.java: > 523) > at com.sun.net.ssl.internal.ssl.InputRecord.read(InputRecord.java:355) > at > com > .sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java: > 789) > at > com > .sun > .net > .ssl > .internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java: > 1112) > at > com > .sun > .net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java: > 1139) > at > com > .sun > .net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java: > 1123) > at org.mortbay.jetty.security.SslSocketConnector > $SslConnection.run(SslSocketConnector.java:675) > at org.mortbay.thread.QueuedThreadPool > $PoolThread.run(QueuedThreadPool.java:582) > > I don't want assume what you do and change your testcase myself, I > need ensure we are doing same thing. > > The simpler testcase which exactly reproduce the problem you > described, the quicker you get help. > > > Could you refactor your testcase based on cxf-wsdl-first-osgi-package > against SMX4.2, if you follow my instruction but the problem still > exist. :-) > > > Freeman > On 2010-6-4, at 上午2:54, nbdy wrote: > >> >> Hi, I was trying to make a clean project for you to play with but I >> ran out >> of time. So here's our original project with the SE and BC. >> http://old.nabble.com/file/p28771556/useracctService.zip >> useracctService.zip >> >> I had to replace the CXF-BC in my servicemix 4 w/ >> http://repo2.maven.org/maven2/org/apache/servicemix/servicemix-cxf-bc/2010.01/servicemix-cxf-bc-2010.01.jar >> servicemix-cxf-bc-2010.01.jar >> w/ a hack by replace the cxf-bc in the lib dir. Couldn't figure out >> how to >> get servicemix to get a different version of a packaged bundle. >> >> >> Thanks, >> Vinh >> >> >> >> Freeman Fang wrote: >>> >>> Hi, >>> >>> Not exactly sure what happened now. Actually we have a cxf-ws- >>> security- >>> osgi example shipped with kit and use callback handler class, this >>> class can be found. >>> Could you append your project(the one I can build and modify, not >>> only >>> the binary bundle jar), as well as your client which send out soap >>> request? I'd like to play with it when I get chance. >>> >>> Freeman >>> On 2010-6-2, at 下午9:06, nbdy wrote: >>> >>>> >>>> Hi, yes I've had with the export package only, private-package only, >>>> and both >>>> export and private package. They all resulted the same error. >>>> >>>> Vinh >>>> >>>> >>>> >>>> Freeman Fang wrote: >>>>> >>>>> Hi, >>>>> >>>>> How about you remove >>>>> >>>>> <Private-Package> >>>>> com.mycompany.useraccount >>>>> </Private-Package> >>>>> >>>>> from your pom? >>>>> >>>>> Freeman >>>>> On 2010-6-2, at 上午5:08, nbdy wrote: >>>>> >>>>>> >>>>>> I'm trying to implement authentication with SSL as a ws-security >>>>>> policy on a >>>>>> service inside of SMX4. So far I've been able to implement SSL and >>>>>> the >>>>>> transport policy, but I've not been able to get the authentication >>>>>> part to >>>>>> work. I've tried to attack this at many different angles but I'm >>>>>> just >>>>>> missing something. I was wondering if you guys can help me. I >>>>>> don't >>>>>> know how >>>>>> it cannot find my callback class since I've exported package in >>>>>> the >>>>>> cxf.bundle config in the pom. >>>>>> >>>>>> Error response: >>>>>> <soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/ >>>>>> envelope/"> >>>>>> <soap:Body> >>>>>> <soap:Fault> >>>>>> <faultcode>soap:Client</faultcode> >>>>>> <faultstring>com.mycompany.useraccount.ServerPasswordCallback; >>>>>> nested >>>>>> exception is: >>>>>> java.lang.ClassNotFoundException: >>>>>> com.mycompany.useraccount.ServerPasswordCallback</faultstring> >>>>>> </soap:Fault> >>>>>> </soap:Body> >>>>>> </soap:Envelope> >>>>>> >>>>>> Client request: >>>>>> <soapenv:Envelope >>>>>> xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/ >>>>>> " >>>>>> xmlns:typ="http://www.mycompany.com/UserAccount/types";> >>>>>> <soapenv:Header xmlns:wsa="http://www.w3.org/2005/08/addressing";> >>>>>> <wsse:Security soapenv:mustUnderstand="1" >>>>>> xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd >>>>>> "> >>>>>> <wsu:Timestamp wsu:Id="Timestamp-14" >>>>>> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd >>>>>> "> >>>>>> <wsu:Created>2010-06-01T19:55:10.984Z</wsu:Created> >>>>>> <wsu:Expires>2010-06-01T19:56:10.984Z</wsu:Expires> >>>>>> </wsu:Timestamp> >>>>>> <wsse:UsernameToken wsu:Id="UsernameToken-13" >>>>>> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd >>>>>> "> >>>>>> <wsse:Username>joe</wsse:Username> >>>>>> <wsse:Password >>>>>> Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText >>>>>> ">joespassword</wsse:Password> >>>>>> <wsse:Nonce >>>>>> EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary >>>>>> ">o6HCEhy9dHH6zkBhdp/FLw==</wsse:Nonce> >>>>>> <wsu:Created>2010-06-01T19:55:03.718Z</wsu:Created> >>>>>> </wsse:UsernameToken> >>>>>> </wsse:Security> >>>>>> <wsa:Action>http://www.mycompany.com/UserAccount/UserAccountPortType/ApproveDenyAccountRequest >>>>>> </wsa:Action> >>>>>> </soapenv:Header> >>>>>> <soapenv:Body> >>>>>> <typ:ApproveDenyUserRequest> >>>>>> <typ:pendingId>13</typ:pendingId> >>>>>> <typ:approval>1</typ:approval> >>>>>> </typ:ApproveDenyUserRequest> >>>>>> </soapenv:Body> >>>>>> </soapenv:Envelope> >>>>>> >>>>>> Servicemix log: >>>>>> 15:55:16,812 | WARN | 7...@qtp-31267377-2 | WSS4JInInterceptor | >>>>>> ecurity.wss4j.WSS4JInInterceptor 255 | >>>>>> org.apache.ws.security.WSSecurityException: >>>>>> com.mycompany.useraccount.ServerPasswordCallback; nested exception >>>>>> is: >>>>>> java.lang.ClassNotFoundException: >>>>>> com.mycompany.useraccount.ServerPasswordCallback >>>>>> at >>>>>> org >>>>>> .apache >>>>>> .cxf >>>>>> .ws >>>>>> .security >>>>>> .wss4j.WSS4JInInterceptor.getCallback(WSS4JInInterceptor.java:477) >>>>>> at >>>>>> org >>>>>> .apache >>>>>> .cxf >>>>>> .ws >>>>>> .security >>>>>> .wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java: >>>>>> 195) >>>>>> at >>>>>> org >>>>>> .apache >>>>>> .cxf >>>>>> .ws >>>>>> .security >>>>>> .wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java: >>>>>> 78) >>>>>> at >>>>>> org >>>>>> .apache >>>>>> .cxf >>>>>> .phase >>>>>> .PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java: >>>>>> 243) >>>>>> at >>>>>> org >>>>>> .apache >>>>>> .cxf >>>>>> .transport >>>>>> .ChainInitiationObserver.onMessage(ChainInitiationObserver.java: >>>>>> 109) >>>>>> at >>>>>> org.apache.servicemix.cxfbc.CxfBcConsumer >>>>>> $JbiChainInitiationObserver.onMessage(CxfBcConsumer.java:678) >>>>>> at >>>>>> org >>>>>> .apache >>>>>> .cxf >>>>>> .transport >>>>>> .http_jetty >>>>>> .JettyHTTPDestination.serviceRequest(JettyHTTPDestination.java: >>>>>> 312) >>>>>> at >>>>>> org >>>>>> .apache >>>>>> .cxf >>>>>> .transport >>>>>> .http_jetty >>>>>> .JettyHTTPDestination.doService(JettyHTTPDestination.java: >>>>>> 276) >>>>>> at >>>>>> org >>>>>> .apache >>>>>> .cxf >>>>>> .transport >>>>>> .http_jetty.JettyHTTPHandler.handle(JettyHTTPHandler.java: >>>>>> 70) >>>>>> at >>>>>> org >>>>>> .mortbay.jetty.handler.ContextHandler.handle(ContextHandler.java: >>>>>> 765) >>>>>> at >>>>>> org >>>>>> .mortbay >>>>>> .jetty >>>>>> .handler >>>>>> .ContextHandlerCollection.handle(ContextHandlerCollection.java: >>>>>> 230) >>>>>> at org.mortbay.jetty.handler.HandlerList.handle(HandlerList.java: >>>>>> 49) >>>>>> at >>>>>> org >>>>>> .mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java: >>>>>> 152) >>>>>> at org.mortbay.jetty.Server.handle(Server.java:326) >>>>>> at >>>>>> org >>>>>> .mortbay.jetty.HttpConnection.handleRequest(HttpConnection.java: >>>>>> 542) >>>>>> at >>>>>> org.mortbay.jetty.HttpConnection >>>>>> $RequestHandler.content(HttpConnection.java:938) >>>>>> at org.mortbay.jetty.HttpParser.parseNext(HttpParser.java:755) >>>>>> at org.mortbay.jetty.HttpParser.parseAvailable(HttpParser.java: >>>>>> 218) >>>>>> at org.mortbay.jetty.HttpConnection.handle(HttpConnection.java: >>>>>> 404) >>>>>> at >>>>>> org.mortbay.jetty.bio.SocketConnector >>>>>> $Connection.run(SocketConnector.java:228) >>>>>> at >>>>>> org.mortbay.jetty.security.SslSocketConnector >>>>>> $SslConnection.run(SslSocketConnector.java:680) >>>>>> at >>>>>> org.mortbay.thread.QueuedThreadPool >>>>>> $PoolThread.run(QueuedThreadPool.java:582) >>>>>> Caused by: java.lang.ClassNotFoundException: >>>>>> com.mycompany.useraccount.ServerPasswordCallback >>>>>> at >>>>>> org >>>>>> .eclipse >>>>>> .osgi >>>>>> .internal.loader.BundleLoader.findClassInternal(BundleLoader.java: >>>>>> 494) >>>>>> at >>>>>> org >>>>>> .eclipse >>>>>> .osgi.internal.loader.BundleLoader.findClass(BundleLoader.java: >>>>>> 410) >>>>>> at >>>>>> org >>>>>> .eclipse >>>>>> .osgi.internal.loader.BundleLoader.findClass(BundleLoader.java: >>>>>> 398) >>>>>> at >>>>>> org >>>>>> .eclipse >>>>>> .osgi >>>>>> .internal >>>>>> .baseadaptor.DefaultClassLoader.loadClass(DefaultClassLoader.java: >>>>>> 105) >>>>>> at java.lang.ClassLoader.loadClass(ClassLoader.java:252) >>>>>> at >>>>>> org >>>>>> .apache >>>>>> .cxf >>>>>> .common >>>>>> .classloader.ClassLoaderUtils.loadClass2(ClassLoaderUtils.java: >>>>>> 236) >>>>>> at >>>>>> org >>>>>> .apache >>>>>> .cxf >>>>>> .common >>>>>> .classloader.ClassLoaderUtils.loadClass(ClassLoaderUtils.java: >>>>>> 222) >>>>>> at >>>>>> org >>>>>> .apache >>>>>> .cxf >>>>>> .ws >>>>>> .security >>>>>> .wss4j.WSS4JInInterceptor.getCallback(WSS4JInInterceptor.java:475) >>>>>> ... 21 more >>>>>> 15:55:16,812 | WARN | 7...@qtp-31267377-2 | PhaseInterceptorChain | >>>>>> ache.cxf.common.logging.LogUtils 361 | Interceptor for >>>>>> {http://www.mycompany.com/UserAccount}UserAccountService has >>>>>> thrown >>>>>> exception, unwinding now >>>>>> org.apache.cxf.binding.soap.SoapFault: >>>>>> com.mycompany.useraccount.ServerPasswordCallback; nested exception >>>>>> is: >>>>>> java.lang.ClassNotFoundException: >>>>>> com.mycompany.useraccount.ServerPasswordCallback >>>>>> at >>>>>> org >>>>>> .apache >>>>>> .cxf >>>>>> .ws >>>>>> .security >>>>>> .wss4j.WSS4JInInterceptor.createSoapFault(WSS4JInInterceptor.java: >>>>>> 583) >>>>>> at >>>>>> org >>>>>> .apache >>>>>> .cxf >>>>>> .ws >>>>>> .security >>>>>> .wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java: >>>>>> 256) >>>>>> at >>>>>> org >>>>>> .apache >>>>>> .cxf >>>>>> .ws >>>>>> .security >>>>>> .wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java: >>>>>> 78) >>>>>> at >>>>>> org >>>>>> .apache >>>>>> .cxf >>>>>> .phase >>>>>> .PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java: >>>>>> 243) >>>>>> at >>>>>> org >>>>>> .apache >>>>>> .cxf >>>>>> .transport >>>>>> .ChainInitiationObserver.onMessage(ChainInitiationObserver.java: >>>>>> 109) >>>>>> at >>>>>> org.apache.servicemix.cxfbc.CxfBcConsumer >>>>>> $JbiChainInitiationObserver.onMessage(CxfBcConsumer.java:678) >>>>>> at >>>>>> org >>>>>> .apache >>>>>> .cxf >>>>>> .transport >>>>>> .http_jetty >>>>>> .JettyHTTPDestination.serviceRequest(JettyHTTPDestination.java: >>>>>> 312) >>>>>> at >>>>>> org >>>>>> .apache >>>>>> .cxf >>>>>> .transport >>>>>> .http_jetty >>>>>> .JettyHTTPDestination.doService(JettyHTTPDestination.java: >>>>>> 276) >>>>>> at >>>>>> org >>>>>> .apache >>>>>> .cxf >>>>>> .transport >>>>>> .http_jetty.JettyHTTPHandler.handle(JettyHTTPHandler.java: >>>>>> 70) >>>>>> at >>>>>> org >>>>>> .mortbay.jetty.handler.ContextHandler.handle(ContextHandler.java: >>>>>> 765) >>>>>> at >>>>>> org >>>>>> .mortbay >>>>>> .jetty >>>>>> .handler >>>>>> .ContextHandlerCollection.handle(ContextHandlerCollection.java: >>>>>> 230) >>>>>> at org.mortbay.jetty.handler.HandlerList.handle(HandlerList.java: >>>>>> 49) >>>>>> at >>>>>> org >>>>>> .mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java: >>>>>> 152) >>>>>> at org.mortbay.jetty.Server.handle(Server.java:326) >>>>>> at >>>>>> org >>>>>> .mortbay.jetty.HttpConnection.handleRequest(HttpConnection.java: >>>>>> 542) >>>>>> at >>>>>> org.mortbay.jetty.HttpConnection >>>>>> $RequestHandler.content(HttpConnection.java:938) >>>>>> at org.mortbay.jetty.HttpParser.parseNext(HttpParser.java:755) >>>>>> at org.mortbay.jetty.HttpParser.parseAvailable(HttpParser.java: >>>>>> 218) >>>>>> at org.mortbay.jetty.HttpConnection.handle(HttpConnection.java: >>>>>> 404) >>>>>> at >>>>>> org.mortbay.jetty.bio.SocketConnector >>>>>> $Connection.run(SocketConnector.java:228) >>>>>> at >>>>>> org.mortbay.jetty.security.SslSocketConnector >>>>>> $SslConnection.run(SslSocketConnector.java:680) >>>>>> at >>>>>> org.mortbay.thread.QueuedThreadPool >>>>>> $PoolThread.run(QueuedThreadPool.java:582) >>>>>> Caused by: org.apache.ws.security.WSSecurityException: >>>>>> com.mycompany.useraccount.ServerPasswordCallback; nested exception >>>>>> is: >>>>>> java.lang.ClassNotFoundException: >>>>>> com.mycompany.useraccount.ServerPasswordCallback >>>>>> at >>>>>> org >>>>>> .apache >>>>>> .cxf >>>>>> .ws >>>>>> .security >>>>>> .wss4j.WSS4JInInterceptor.getCallback(WSS4JInInterceptor.java:477) >>>>>> at >>>>>> org >>>>>> .apache >>>>>> .cxf >>>>>> .ws >>>>>> .security >>>>>> .wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java: >>>>>> 195) >>>>>> ... 20 more >>>>>> Caused by: java.lang.ClassNotFoundException: >>>>>> com.mycompany.useraccount.ServerPasswordCallback >>>>>> at >>>>>> org >>>>>> .eclipse >>>>>> .osgi >>>>>> .internal.loader.BundleLoader.findClassInternal(BundleLoader.java: >>>>>> 494) >>>>>> at >>>>>> org >>>>>> .eclipse >>>>>> .osgi.internal.loader.BundleLoader.findClass(BundleLoader.java: >>>>>> 410) >>>>>> at >>>>>> org >>>>>> .eclipse >>>>>> .osgi.internal.loader.BundleLoader.findClass(BundleLoader.java: >>>>>> 398) >>>>>> at >>>>>> org >>>>>> .eclipse >>>>>> .osgi >>>>>> .internal >>>>>> .baseadaptor.DefaultClassLoader.loadClass(DefaultClassLoader.java: >>>>>> 105) >>>>>> at java.lang.ClassLoader.loadClass(ClassLoader.java:252) >>>>>> at >>>>>> org >>>>>> .apache >>>>>> .cxf >>>>>> .common >>>>>> .classloader.ClassLoaderUtils.loadClass2(ClassLoaderUtils.java: >>>>>> 236) >>>>>> at >>>>>> org >>>>>> .apache >>>>>> .cxf >>>>>> .common >>>>>> .classloader.ClassLoaderUtils.loadClass(ClassLoaderUtils.java: >>>>>> 222) >>>>>> at >>>>>> org >>>>>> .apache >>>>>> .cxf >>>>>> .ws >>>>>> .security >>>>>> .wss4j.WSS4JInInterceptor.getCallback(WSS4JInInterceptor.java:475) >>>>>> ... 21 more >>>>>> >>>>>> xbeans.xml: >>>>>> >>>>>> <beans xmlns="http://www.springframework.org/schema/beans"; >>>>>> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; >>>>>> xmlns:cxfbc="http://servicemix.apache.org/cxfbc/1.0"; >>>>>> xmlns:nwec="http://www.mycompany.com/UserAccount"; >>>>>> xmlns:util="http://www.springframework.org/schema/util"; >>>>>> xmlns:httpj="http://cxf.apache.org/transports/http-jetty/ >>>>>> configuration" >>>>>> xmlns:http="http://cxf.apache.org/transports/http/configuration"; >>>>>> xmlns:sec="http://cxf.apache.org/configuration/security"; >>>>>> xsi:schemaLocation=" >>>>>> http://www.springframework.org/schema/beans >>>>>> http://www.springframework.org/schema/beans/spring-beans.xsd >>>>>> http://www.springframework.org/schema/util >>>>>> http://www.springframework.org/schema/util/spring-util.xsd >>>>>> http://servicemix.apache.org/cxfbc/1.0 >>>>>> http://repo2.maven.org/maven2/org/apache/servicemix/servicemix-cxf-bc/2010.01/servicemix-cxf-bc-2010.01.xsd >>>>>> http://cxf.apache.org/transports/http-jetty/configuration >>>>>> http://cxf.apache.org/schemas/configuration/http-jetty.xsd >>>>>> http://cxf.apache.org/transports/http/configuration >>>>>> http://cxf.apache.org/schemas/configuration/http-conf.xsd"; > >>>>>> >>>>>> <import resource="classpath:META-INF/cxf/cxf.xml" /> >>>>>> <import resource="classpath:META-INF/cxf/cxf-extension- >>>>>> soap.xml" /> >>>>>> <import resource="classpath:META-INF/cxf/cxf-extension- >>>>>> http.xml" /> >>>>>> <import resource="classpath:META-INF/cxf/osgi/cxf-extension- >>>>>> osgi.xml" /> >>>>>> <import resource="classpath:META-INF/cxf/cxf-extension- >>>>>> policy.xml" /> >>>>>> <import resource="classpath:META-INF/cxf/cxf-extension-ws- >>>>>> security.xml" /> >>>>>> >>>>>> <cxfbc:consumer wsdl="classpath:wsdl/UserAccount.wsdl" >>>>>> targetService="nwec:UserAccountService" targetEndpoint="endpoint" >>>>>> useJBIWrapper="false" useSOAPEnvelope="false" >>>>>> properties="#properties" >>>>>> locationURI="https://localhost:9001/useraccount";> >>>>>> </cxfbc:consumer> >>>>>> >>>>>> <util:map id="properties"> >>>>>> <entry value="com.mycompany.useraccount.ServerPasswordCallback"> >>>>>> <key> >>>>>> <util:constant >>>>>> static- >>>>>> field >>>>>> ="org.apache.cxf.ws.security.SecurityConstants.CALLBACK_HANDLER" >>>>>> /> >>>>>> </key> >>>>>> </entry> >>>>>> </util:map> >>>>>> >>>>>> <httpj:engine-factory bus="cxf"> >>>>>> <httpj:engine port="9001"> >>>>>> <httpj:tlsServerParameters> >>>>>> <sec:keyManagers keyPassword="password"> >>>>>> <sec:keyStore type="JKS" password="password" resource="certs/ >>>>>> cherry.jks" /> >>>>>> </sec:keyManagers> >>>>>> <sec:cipherSuitesFilter> >>>>>> <sec:include>.*_WITH_3DES_.*</sec:include> >>>>>> <sec:include>.*_WITH_DES_.*</sec:include> >>>>>> <sec:exclude>.*_WITH_NULL_.*</sec:exclude> >>>>>> <sec:exclude>.*_DH_anon_.*</sec:exclude> >>>>>> </sec:cipherSuitesFilter> >>>>>> <sec:clientAuthentication want="false" >>>>>> required="false" /> >>>>>> </httpj:tlsServerParameters> >>>>>> </httpj:engine> >>>>>> </httpj:engine-factory> >>>>>> >>>>>> <bean id="cxf" class="org.apache.cxf.bus.CXFBusImpl" /> >>>>>> >>>>>> <bean >>>>>> class="org.apache.servicemix.common.osgi.EndpointExporter" /> >>>>>> >>>>>> </beans> >>>>>> >>>>>> wsdl: >>>>>> <?xml version="1.0" encoding="UTF-8"?> >>>>>> <wsdl:definitions xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/"; >>>>>> xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/"; >>>>>> xmlns:http="http://schemas.xmlsoap.org/wsdl/http/"; >>>>>> xmlns:xs="http://www.w3.org/2001/XMLSchema"; >>>>>> xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/"; >>>>>> xmlns:mime="http://schemas.xmlsoap.org/wsdl/mime/"; >>>>>> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; >>>>>> xmlns:tns="http://www.mycompany.com/UserAccount"; >>>>>> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd >>>>>> " >>>>>> xmlns:fi="http://java.sun.com/xml/ns/wsit/2006/09/policy/fastinfoset/service >>>>>> " >>>>>> xmlns:tcp="http://java.sun.com/xml/ns/wsit/2006/09/policy/soaptcp/service >>>>>> " >>>>>> xmlns:sc="http://schemas.sun.com/2006/03/wss/server"; >>>>>> xmlns:wspp="http://java.sun.com/xml/ns/wsit/policy"; >>>>>> xmlns:t="http://schemas.xmlsoap.org/ws/2005/02/trust"; >>>>>> xmlns:wsaw="http://www.w3.org/2005/08/addressing"; >>>>>> xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"; >>>>>> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"; >>>>>> xmlns:tc="http://schemas.sun.com/ws/2006/05/trust/server"; >>>>>> xmlns:ns="http://www.mycompany.com/UserAccount/types"; >>>>>> targetNamespace="http://www.mycompany.com/UserAccount";> >>>>>> <wsdl:types> >>>>>> ... >>>>>> </wsdl:types> >>>>>> ... >>>>>> <wsdl:portType name="UserAccountPortType"> >>>>>> ... >>>>>> </wsdl:portType> >>>>>> <wsdl:binding name="UserAccountBinding" >>>>>> type="tns:UserAccountPortType"> >>>>>> <soap:binding style="document" >>>>>> transport="http://schemas.xmlsoap.org/soap/http"; /> >>>>>> <wsp:PolicyReference URI="#UserAccountBindingPolicy" /> >>>>>> ... >>>>>> </wsdl:binding> >>>>>> <wsdl:service name="UserAccountService"> >>>>>> <wsdl:port name="UserAccountPort" >>>>>> binding="tns:UserAccountBinding"> >>>>>> <soap:address location="https://localhost:9001/useraccount"; /> >>>>>> </wsdl:port> >>>>>> </wsdl:service> >>>>>> >>>>>> <wsp:Policy wsu:Id="UserAccountBindingPolicy"> >>>>>> <wsp:ExactlyOne> >>>>>> <wsp:All> >>>>>> <wsaw:UsingAddressing >>>>>> xmlns:wsaw="http://www.w3.org/2006/05/addressing/wsdl >>>>>> " >>>>>> wsp:Optional="true" /> >>>>>> <sp:TransportBinding> >>>>>> <wsp:Policy> >>>>>> <sp:TransportToken> >>>>>> <wsp:Policy> >>>>>> <sp:HttpsToken RequireClientCertificate="false"/> >>>>>> </wsp:Policy> >>>>>> </sp:TransportToken> >>>>>> <sp:Layout> >>>>>> <wsp:Policy> >>>>>> <sp:Lax/> >>>>>> </wsp:Policy> >>>>>> </sp:Layout> >>>>>> <sp:IncludeTimestamp/> >>>>>> <sp:AlgorithmSuite> >>>>>> <wsp:Policy> >>>>>> <sp:Basic128/> >>>>>> </wsp:Policy> >>>>>> </sp:AlgorithmSuite> >>>>>> </wsp:Policy> >>>>>> </sp:TransportBinding> >>>>>> <sp:SupportingTokens> >>>>>> <wsp:Policy> >>>>>> <sp:UsernameToken >>>>>> sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient >>>>>> "> >>>>>> <wsp:Policy> >>>>>> <sp:WssUsernameToken10 /> >>>>>> </wsp:Policy> >>>>>> </sp:UsernameToken> >>>>>> </wsp:Policy> >>>>>> </sp:SupportingTokens> >>>>>> <sp:Wss11 /> >>>>>> </wsp:All> >>>>>> </wsp:ExactlyOne> >>>>>> </wsp:Policy> >>>>>> </wsdl:definitions> >>>>>> >>>>>> pom: >>>>>> <?xml version="1.0" encoding="UTF-8"?> >>>>>> <project xmlns="http://maven.apache.org/POM/4.0.0"; >>>>>> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; >>>>>> xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 >>>>>> http://maven.apache.org/maven-v4_0_0.xsd";> >>>>>> >>>>>> <!-- >>>>>> >>>>>> Licensed to the Apache Software Foundation (ASF) under one or more >>>>>> contributor license agreements. See the NOTICE file distributed >>>>>> with >>>>>> this work for additional information regarding copyright >>>>>> ownership. >>>>>> The ASF licenses this file to You under the Apache License, >>>>>> Version >>>>>> 2.0 (the "License"); you may not use this file except in >>>>>> compliance >>>>>> with the License. You may obtain a copy of the License at >>>>>> >>>>>> http://www.apache.org/licenses/LICENSE-2.0 Unless required by >>>>>> applicable law or agreed to in writing, software distributed under >>>>>> the >>>>>> License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR >>>>>> CONDITIONS OF ANY KIND, either express or implied. See the License >>>>>> for >>>>>> the specific language governing permissions and limitations under >>>>>> the >>>>>> License. >>>>>> --> >>>>>> >>>>>> <modelVersion>4.0.0</modelVersion> >>>>>> >>>>>> <groupId>com.mycompany</groupId> >>>>>> <artifactId>useraccount-bc</artifactId> >>>>>> <packaging>bundle</packaging> >>>>>> <name>User Account BC</name> >>>>>> <version>0.0.1-SNAPSHOT</version> >>>>>> <url>http://www.mycompany.com</url> >>>>>> >>>>>> <repositories> >>>>>> <repository> >>>>>> <id>open.iona.m2</id> >>>>>> <name>IONA Open Source Community Release Repository</name> >>>>>> <url>http://repo.open.iona.com/maven2</url> >>>>>> <snapshots> >>>>>> <enabled>false</enabled> >>>>>> </snapshots> >>>>>> <releases> >>>>>> <enabled>true</enabled> >>>>>> </releases> >>>>>> </repository> >>>>>> <repository> >>>>>> <id>open.iona.m2-snapshot</id> >>>>>> <name>IONA Open Source Community Snapshot Repository</name> >>>>>> <url>http://repo.open.iona.com/maven2-snapshot</url> >>>>>> <snapshots> >>>>>> <enabled>true</enabled> >>>>>> </snapshots> >>>>>> <releases> >>>>>> <enabled>false</enabled> >>>>>> </releases> >>>>>> </repository> >>>>>> </repositories> >>>>>> <pluginRepositories> >>>>>> <pluginRepository> >>>>>> <id>open.iona.m2</id> >>>>>> <name>IONA Open Source Community Release Repository</name> >>>>>> <url>http://repo.open.iona.com/maven2</url> >>>>>> <snapshots> >>>>>> <enabled>false</enabled> >>>>>> </snapshots> >>>>>> <releases> >>>>>> <enabled>true</enabled> >>>>>> </releases> >>>>>> </pluginRepository> >>>>>> <pluginRepository> >>>>>> <id>open.iona.m2-snapshot</id> >>>>>> <name>IONA Open Source Community Snapshot Repository</name> >>>>>> <url>http://repo.open.iona.com/maven2-snapshot</url> >>>>>> <snapshots> >>>>>> <enabled>true</enabled> >>>>>> </snapshots> >>>>>> <releases> >>>>>> <enabled>false</enabled> >>>>>> </releases> >>>>>> </pluginRepository> >>>>>> </pluginRepositories> >>>>>> >>>>>> <dependencies> >>>>>> <dependency> >>>>>> <groupId>org.apache.geronimo.specs</groupId> >>>>>> <artifactId>geronimo-ws-metadata_2.0_spec</artifactId> >>>>>> <version>1.1.2</version> >>>>>> </dependency> >>>>>> <dependency> >>>>>> <groupId>javax.xml.bind</groupId> >>>>>> <artifactId>jaxb-api</artifactId> >>>>>> <version>2.1</version> >>>>>> </dependency> >>>>>> <dependency> >>>>>> <groupId>javax.xml.ws</groupId> >>>>>> <artifactId>jaxws-api</artifactId> >>>>>> <version>2.1</version> >>>>>> </dependency> >>>>>> <dependency> >>>>>> <groupId>org.apache.cxf</groupId> >>>>>> <artifactId>cxf-rt-ws-security</artifactId> >>>>>> <version>${cxf.version}</version> >>>>>> </dependency> >>>>>> <dependency> >>>>>> <groupId>org.apache.cxf</groupId> >>>>>> <artifactId>cxf-rt-ws-policy</artifactId> >>>>>> <version>${cxf.version}</version> >>>>>> </dependency> >>>>>> </dependencies> >>>>>> >>>>>> <build> >>>>>> <defaultGoal>install</defaultGoal> >>>>>> <plugins> >>>>>> <plugin> >>>>>> <groupId>org.apache.maven.plugins</groupId> >>>>>> <artifactId>maven-compiler-plugin</artifactId> >>>>>> <configuration> >>>>>> <source>1.5</source> >>>>>> <target>1.5</target> >>>>>> </configuration> >>>>>> </plugin> >>>>>> <plugin> >>>>>> <groupId>org.apache.felix</groupId> >>>>>> <artifactId>maven-bundle-plugin</artifactId> >>>>>> <extensions>true</extensions> >>>>>> <configuration> >>>>>> <instructions> >>>>>> <Bundle-SymbolicName>${pom.artifactId}</Bundle-SymbolicName> >>>>>> <Import-Package> >>>>>> *, >>>>>> javax.jws, >>>>>> javax.wsdl, >>>>>> javax.xml.bind, >>>>>> javax.xml.bind.annotation, >>>>>> javax.xml.namespace, >>>>>> javax.xml.ws, >>>>>> META-INF.cxf, >>>>>> META-INF.cxf.osgi, >>>>>> org.apache.cxf.bus, >>>>>> org.apache.cxf.bus.spring, >>>>>> org.apache.cxf.bus.resource, >>>>>> org.apache.cxf.configuration.spring, >>>>>> org.apache.cxf.resource, >>>>>> org.apache.cxf.jaxws, >>>>>> org.apache.cxf.ws.security.wss4j, >>>>>> org.apache.servicemix.common.osgi, >>>>>> org.apache.servicemix.cxf.transport.http_osgi, >>>>>> org.apache.servicemix.cxfbc, >>>>>> org.springframework.beans.factory.config, >>>>>> javax.security.auth.callback, >>>>>> org.apache.ws.security >>>>>> </Import-Package> >>>>>> <Export-Package> >>>>>> com.mycompany.useraccount >>>>>> </Export-Package> >>>>>> <Private-Package> >>>>>> com.mycompany.useraccount >>>>>> </Private-Package> >>>>>> <!-- Update Private Package tag with appropriate package name --> >>>>>> <Require-Bundle>org.apache.cxf.bundle</Require-Bundle> >>>>>> </instructions> >>>>>> </configuration> >>>>>> </plugin> >>>>>> </plugins> >>>>>> </build> >>>>>> <properties> >>>>>> <cxf.version>2.2.6</cxf.version> >>>>>> </properties> >>>>>> >>>>>> </project> >>>>>> -- >>>>>> View this message in context: >>>>>> http://old.nabble.com/cxf-bc-ws-security-callback-classnotfoundexception-tp28747501p28747501.html >>>>>> Sent from the ServiceMix - User mailing list archive at >>>>>> Nabble.com. >>>>>> >>>>> >>>>> >>>>> -- >>>>> Freeman Fang >>>>> ------------------------ >>>>> Open Source SOA: http://fusesource.com >>>>> >>>>> >>>>> >>>> >>>> -- >>>> View this message in context: >>>> http://old.nabble.com/cxf-bc-ws-security-callback-classnotfoundexception-tp28747501p28754241.html >>>> Sent from the ServiceMix - User mailing list archive at Nabble.com. >>>> >>> >>> >>> -- >>> Freeman Fang >>> ------------------------ >>> Open Source SOA: http://fusesource.com >>> >>> >>> >> >> -- >> View this message in context: >> http://old.nabble.com/cxf-bc-ws-security-callback-classnotfoundexception-tp28747501p28771556.html >> Sent from the ServiceMix - User mailing list archive at Nabble.com. >> > > > -- > Freeman Fang > ------------------------ > Open Source SOA: http://fusesource.com > > > http://old.nabble.com/file/p28860520/ws-sec-test.zip ws-sec-test.zip -- View this message in context: http://old.nabble.com/cxf-bc-ws-security-callback-classnotfoundexception-tp28747501p28860520.html Sent from the ServiceMix - User mailing list archive at Nabble.com.
