camel-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Willem Jiang <willem.ji...@gmail.com>
Subject Re: Bean Processor cause WS Security Failure
Date Mon, 20 Jun 2011 08:14:38 GMT
I just wrote a simple test to verify it.

The Security headers is used as SOAP headers, so you can't simple remove
the the headers with the Qname.
As current camel-cxf puts the SOAP headers into the camel message by
default, and the customer may want to access it.
If you don't want to use it , you need to remove the header yourself
just like this

from(cxf:xxx).removeHeader("org.apache.cxf.headers.Header.list").xxx
or configure a customer HeaderFilterStrategy to filter the SOAP headers.


On 6/14/11 12:43 PM, ext2 wrote:
> Thanks Willem
> It's the WS-Security header;
> 
> 
> //soap 12
> QName wsseQName = new QName(WSConstants.WSSE_NS, WSConstants.WSSE_LN);
> 
> //soap 11
> QName wsse11QName = new QName(WSConstants.WSSE11_NS, WSConstants.WSSE_LN);
> 
> When security is enabled, we filter it. Then everything is ok.
> 
> 
> 
>> -----original -----
>> Sender: Willem Jiang [mailto:willem.jiang@gmail.com]
>> Date: 2011年6月14日 11:31
>> Receiver: users@camel.apache.org
>> Subject: Re: Bean Processor cause WS Security Failure
>>
>> What's request security header name ?
>> Maybe we can consider to filter the security header of the CXF message
>> in CxfHeaderFilterStrategy.
>> You can configure your own HeaderFilterStrategy by extends the
>> CxfHeaderFilterStrategy.
>>
>>
>> On 6/14/11 10:37 AM, ext2 wrote:
>>>
>>> Hi:
>>>
>>> 	Following is a simple sayHello Webservice implemented by camel.
>>> 	<from uri="cxf:endpointHello:..."/>
>>> 	<bean ref=".." method="..."/>
>>> 	The webservice's request is configured to decrypt by server
>>> certificate and response is configured to encrypt by client certificate.
>>>
>>> 	If I use a bean as following, every thing is ok
>>> 		helloBean{
>>> 			void sayHello(Exchange ex){
>>> 				ex.getOut().setBody("hello");
>>> 			}
>>> 		}
>>> 	;
>>>
>>> 	But using following bean , response encryption will failed.
>>> 	HelloBean{
>>> 		String sayHello(String greet){
>>> 			return "hello";
>>> 		}
>>> 	}
>>>
>>> 	the reason is the second bean will propagate headers(also include
>>> security header) from cxf request, it is conflicted with response
> security.
>>> But the first bean doesn't propagate headers;
>>>
>>> 	Is it issue of bean processor? cxf component? Or just a document FAQ
>>> to caution the user to filter the security header by himself?
>>>
>>>
>>>
>>>
>>
>>
>> --
>> Willem
>> ----------------------------------
>> FuseSource
>> Web: http://www.fusesource.com
>> Blog:    http://willemjiang.blogspot.com (English)
>>            http://jnn.javaeye.com (Chinese)
>> Twitter: willemjiang
>> Weibo: willemjiang
> 
> 
> 


-- 
Willem
----------------------------------
FuseSource
Web: http://www.fusesource.com
Blog:    http://willemjiang.blogspot.com (English)
         http://jnn.javaeye.com (Chinese)
Twitter: willemjiang
Weibo: willemjiang

Mime
View raw message