Hello Colm,

I created CXF-6968 <https://issues.apache.org/jira/browse/CXF-6968>

Thanks.

Best regards,
Kai

2016-07-11 11:21 GMT+02:00 Colm O hEigeartaigh <cohei...@apache.org>:

> Hi Kai,
>
> Questions relating to CXF should go to the CXF users list. I took a quick
> look and it looks like a bug in CXF, that policies placed at bus level are
> not being registered (for WS-Security). Could you file a JIRA (in CXF?).
>
> Colm.
>
> On Sun, Jul 10, 2016 at 11:30 AM, Kai Rommel <krommel2...@googlemail.com>
> wrote:
>
>> Hello Colm,
>>
>> I configured WSS successfully via the WSS interceptors. Now my plan was
>> to switch to policies and it does not work out.
>>
>> I am using an .xml to configure the cxf bus (configuring WSRM via the
>> .xml works fine.)
>> The bus config within the .xml looks like this:
>>
>> <cxf:bus>
>>   <cxf:features>
>>     <cxf:logging />
>>     <p:policies enabled="true">
>>       <wsp:Policy wsu:Id="Asymmetric124"
>>           xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
>>           xmlns:wsp="http://www.w3.org/ns/ws-policy">
>>         <wsp:ExactlyOne>
>>           <wsp:All>
>>             <sp:AsymmetricBinding
>>                 xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
>>               <wsp:Policy>
>>                 <sp:InitiatorToken>
>>                   <wsp:Policy>
>>                     <sp:X509Token
>>                         sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient">
>>                       <wsp:Policy>
>>                         <sp:WssX509V3Token10 />
>>                       </wsp:Policy>
>>                     </sp:X509Token>
>>                   </wsp:Policy>
>>                 </sp:InitiatorToken>
>>                 <sp:RecipientToken>
>>                   <wsp:Policy>
>>                     <sp:X509Token
>>                         sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never">
>>                       <wsp:Policy>
>>                         <sp:WssX509V3Token10 />
>>                       </wsp:Policy>
>>                     </sp:X509Token>
>>                   </wsp:Policy>
>>                 </sp:RecipientToken>
>>                 <sp:Layout>
>>                   <wsp:Policy>
>>                     <sp:Lax />
>>                   </wsp:Policy>
>>                 </sp:Layout>
>>                 <sp:IncludeTimestamp />
>>                 <sp:OnlySignEntireHeadersAndBody />
>>                 <sp:AlgorithmSuite>
>>                   <wsp:Policy>
>>                     <sp:Basic128 />
>>                   </wsp:Policy>
>>                 </sp:AlgorithmSuite>
>>               </wsp:Policy>
>>             </sp:AsymmetricBinding>
>>             <sp:SignedParts
>>                 xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
>>               <sp:Body />
>>               <sp:Header Name="To"
>>                   Namespace="http://schemas.xmlsoap.org/ws/2004/08/addressing" />
>>               <sp:Header Name="From"
>>                   Namespace="http://schemas.xmlsoap.org/ws/2004/08/addressing" />
>>               <sp:Header Name="FaultTo"
>>                   Namespace="http://schemas.xmlsoap.org/ws/2004/08/addressing" />
>>               <sp:Header Name="MessageID"
>>                   Namespace="http://schemas.xmlsoap.org/ws/2004/08/addressing" />
>>               <sp:Header Name="RelatesTo"
>>                   Namespace="http://schemas.xmlsoap.org/ws/2004/08/addressing" />
>>               <sp:Header Name="Action"
>>                   Namespace="http://schemas.xmlsoap.org/ws/2004/08/addressing" />
>>               <sp:Header Name="Timestamp"
>>                   Namespace="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" />
>>             </sp:SignedParts>
>>             <sp:EncryptedParts
>>                 xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702"
>>                 xmlns:sapsp="http://www.sap.com/webas/630/soap/features/security/policy"
>>                 xmlns:wsa="http://www.w3.org/2005/08/addressing"
>>                 xmlns:wst="http://docs.oasis-open.org/ws-sx/ws-trust/200512"
>>                 xmlns:wsu="http://schemas.xmlsoap.org/ws/2002/07/utility"
>>                 xmlns:wsx="http://schemas.xmlsoap.org/ws/2004/09/mex">
>>               <sp:Body />
>>               <sp:Attachments />
>>             </sp:EncryptedParts>
>>           </wsp:All>
>>         </wsp:ExactlyOne>
>>       </wsp:Policy>
>>     </p:policies>
>>   </cxf:features>
>> </cxf:bus>
>>
>> Within the .java class I am loading the config:
>>
>> SpringBusFactory bf = new SpringBusFactory();
>> URL busFile = ClientWSSviaPolicies.class.getResource(
>>     "clientWSSviaPoliciesWithAtt_WSRM.xml");
>> Bus bus = bf.createBus(busFile.toString());
>>
>> BusFactory.setDefaultBus(bus);
>>
>> plus I am setting the needed properties
>>
>> ((BindingProvider)port).getRequestContext().put(
>>     "ws-security.username", "wss");
>> ((BindingProvider)port).getRequestContext().put(
>>     "ws-security.callback-handler", "demo.ws_rm.client.CallBack");
>> ((BindingProvider)port).getRequestContext().put(
>>     "ws-security.signature.username", "wss");
>> ((BindingProvider)port).getRequestContext().put(
>>     "ws-security.signature.properties", "jks/client.properties");
>> ((BindingProvider)port).getRequestContext().put(
>>     "ws-security.encryption.username", "wss");
>> ((BindingProvider)port).getRequestContext().put(
>>     "ws-security.encryption.properties", "jks/client.properties");
>>
>> But the message which my client creates is neither signed nor encrypted.
>>
>> I searched for samples, but I did not find a helpful one. I saw some
>> examples with a wsdl containing the policies, but I wanted to set the
>> policy via the bus.
>>
>> Can you give me a hint what I have done wrong?
>>
>> Thanks.
>>
>> Best regards
>>
>> Kai
>
> --
> Colm O hEigeartaigh
>
> Talend Community Coder
> http://coders.talend.com
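
The failure described in this thread is silent: a policy is configured, yet the client sends a plain message, so it is worth checking a captured outbound envelope (for example from the cxf:logging output) for the elements the policy demands. The following is an added example, not code from the thread or from CXF; it uses only JDK XML APIs, the class and method names are hypothetical, the sample envelopes are constructed, and it checks only that the security elements are present, not that the signature is valid or covers the listed parts.

```java
import java.io.StringReader;
import java.util.ArrayList;
import java.util.List;
import javax.xml.parsers.DocumentBuilderFactory;
import org.w3c.dom.Element;
import org.w3c.dom.NodeList;
import org.xml.sax.InputSource;

// Hypothetical helper (not part of CXF): reports which WS-Security elements an envelope lacks.
public class WssEnvelopeCheck {
    static final String SOAP11 = "http://schemas.xmlsoap.org/soap/envelope/";
    static final String SOAP12 = "http://www.w3.org/2003/05/soap-envelope";
    static final String WSSE = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";
    static final String WSU = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
    static final String DS = "http://www.w3.org/2000/09/xmldsig#";
    static final String XENC = "http://www.w3.org/2001/04/xmlenc#";

    // Returns the requirements the envelope does not show; an empty list means all are present.
    static List<String> missing(String envelopeXml) throws Exception {
        DocumentBuilderFactory f = DocumentBuilderFactory.newInstance();
        f.setNamespaceAware(true);
        // Captured traffic is untrusted input: refuse DOCTYPE declarations.
        f.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
        Element env = f.newDocumentBuilder()
            .parse(new InputSource(new StringReader(envelopeXml))).getDocumentElement();
        List<String> out = new ArrayList<>();
        Element sec = first(env, WSSE, "Security");
        if (sec == null) {
            out.add("wsse:Security header (no timestamp or signature possible)");
        } else {
            if (first(sec, WSU, "Timestamp") == null) out.add("wsu:Timestamp (sp:IncludeTimestamp)");
            if (first(sec, DS, "Signature") == null) out.add("ds:Signature (sp:SignedParts)");
        }
        Element body = first(env, SOAP11, "Body");
        if (body == null) body = first(env, SOAP12, "Body");
        if (body == null || first(body, XENC, "EncryptedData") == null)
            out.add("xenc:EncryptedData in Body (sp:EncryptedParts)");
        return out;
    }

    static Element first(Element scope, String ns, String local) {
        NodeList n = scope.getElementsByTagNameNS(ns, local);
        return n.getLength() == 0 ? null : (Element) n.item(0);
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample: a message sent without any WS-Security processing.
        String plain = "<s:Envelope xmlns:s='" + SOAP11 + "'><s:Header/>"
            + "<s:Body><greetMe>hi</greetMe></s:Body></s:Envelope>";
        System.out.println("plain envelope is missing: " + missing(plain));
    }
}
```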