camel-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Willem jiang <willem.ji...@gmail.com>
Subject Re: Issue using camel-cxf and wss4j
Date Thu, 10 Jan 2013 07:43:11 GMT
In the MESSAGE data format, camel-cxf will not let the interceptor which can build the SOAP
message from the input stream to be called.
So the WSS4JInInterceptor will not work any more.
I think that is why CXF_MESSAGE is introduced, I will dig the code to see if I see the whole
picture of it.


--  
Willem Jiang

Red Hat, Inc.
FuseSource is now part of Red Hat
Web: http://www.fusesource.com | http://www.redhat.com
Blog: http://willemjiang.blogspot.com (http://willemjiang.blogspot.com/) (English)
          http://jnn.iteye.com (http://jnn.javaeye.com/) (Chinese)
Twitter: willemjiang  
Weibo: 姜宁willem





On Thursday, January 10, 2013 at 7:00 AM, Charles Moulliard wrote:

> Find the issue. When we setup camel-cxf endpoint using as
> DataFormat=MESSAGE, SOAP securityHeaders are removed.
>  
>  
> On Wed, Jan 9, 2013 at 5:30 PM, Charles Moulliard <ch007m@gmail.com (mailto:ch007m@gmail.com)>
wrote:
>  
> > Hi,
> >  
> > When I try to authenticate an HTTP request using WS-Security with
> > camel-cxf & wss4j interceptor, I get the following error :
> >  
> > org.apache.camel.spring.Main.main() INFO
> > [org.apache.camel.spring.SpringCamelContext] - Total 1 routes, of which 1
> > is started.
> > org.apache.camel.spring.Main.main() INFO
> > [org.apache.camel.spring.SpringCamelContext] - Apache Camel 2.10.0
> > (CamelContext: camel-1) started in 0.993 seconds
> > qtp370155726-26 INFO
> > [org.apache.cxf.services.CustomerServiceService.CustomerServicePort.CustomerService]
> > - Inbound Message
> > ----------------------------
> > ID: 1
> > Address: http://127.0.0.1:9090/training/WebService
> > Encoding: UTF-8
> > Http-Method: POST
> > Content-Type: text/xml;charset=UTF-8
> > Headers: {accept-encoding=[gzip,deflate], connection=[keep-alive],
> > Content-Length=[1590], content-type=[text/xml;charset=UTF-8], Host=[
> > 127.0.0.1:9090], SOAPAction=["http://training.fusesource.com/saveCustomer"],
> > User-Agent=[Apache-HttpClient/4.1.1 (java 1.5)]}
> > Payload: <soapenv:Envelope xmlns:soapenv="
> > http://schemas.xmlsoap.org/soap/envelope/" xmlns:tra="
> > http://training.fusesource.com/">
> > <soapenv:Header>
> > <wsse:Security xmlns:wsse="
> > http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd
> > "
> > soap:mustUnderstand="1">
> > <wsse:UsernameToken xmlns:wsse="
> > http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
> > xmlns:wsu="
> > http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
> > wsu:Id="UsernameToken-1">
> > <wsse:Username>charles</wsse:Username>
> > <wsse:Password Type="
> > http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest
> > ">TVzWGxNvhlixNVWol8poD9DHxl8=</wsse:Password>
> > <wsse:Nonce EncodingType="
> > http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary
> > ">WsMNSm/C4dzdPS3OhUi94Q==</wsse:Nonce>
> > <wsu:Created>2013-01-09T15:46:14.908Z</wsu:Created>
> > </wsse:UsernameToken>
> > </wsse:Security>
> > </soapenv:Header>
> > <soapenv:Body>
> > <tra:saveCustomer>
> > <customer>
> > <!--Optional:-->
> > <name>?</name>
> > <!--Zero or more repetitions:-->
> > <address>?</address>
> > <numOrders>?</numOrders>
> > <revenue>?</revenue>
> > <!--Optional:-->
> > <test>?</test>
> > <!--Optional:-->
> > <birthDate>?</birthDate>
> > <!--Optional:-->
> > <type>?</type>
> > </customer>
> > </tra:saveCustomer>
> > </soapenv:Body>
> > </soapenv:Envelope>
> > --------------------------------------
> > qtp370155726-26 DEBUG
> > [org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor] - WSS4JInInterceptor:
> > enter handleMessage()
> > qtp370155726-26 WARN [org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor]
> > - Security processing failed (actions mismatch)
> > qtp370155726-26 WARN [org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor]
> > -
> > org.apache.ws.security.WSSecurityException: An error was discovered
> > processing the <wsse:Security> header
> > at
> > org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.checkActions(WSS4JInInterceptor.java:383)
> > at
> > org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:333)
> > at
> > org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:97)
> > at
> > org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:262)
> > at
> > org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:121)
> > at
> > org.apache.cxf.transport.http_jetty.JettyHTTPDestination.serviceRequest(JettyHTTPDestination.java:348)
> > at
> > org.apache.cxf.transport.http_jetty.JettyHTTPDestination.doService(JettyHTTPDestination.java:312)
> > at
> > org.apache.cxf.transport.http_jetty.JettyHTTPHandler.handle(JettyHTTPHandler.java:72)
> > at
> > org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:943)
> > at
> > org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:879)
> > at
> > org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:117)
> > at
> > org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:250)
> > at
> > org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:110)
> > at org.eclipse.jetty.server.Server.handle(Server.java:349)
> > at
> > org.eclipse.jetty.server.HttpConnection.handleRequest(HttpConnection.java:441)
> > at
> > org.eclipse.jetty.server.HttpConnection$RequestHandler.content(HttpConnection.java:936)
> > at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:801)
> > at org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:224)
> > at
> > org.eclipse.jetty.server.AsyncHttpConnection.handle(AsyncHttpConnection.java:51)
> > at
> > org.eclipse.jetty.io.nio.SelectChannelEndPoint.handle(SelectChannelEndPoint.java:586)
> > at
> > org.eclipse.jetty.io.nio.SelectChannelEndPoint$1.run(SelectChannelEndPoint.java:44)
> > at
> > org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:598)
> > at
> > org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:533)
> > at java.lang.Thread.run(Thread.java:722)
> > qtp370155726-26 WARN [org.apache.cxf.phase.PhaseInterceptorChain] -
> > Interceptor for {http://training.fusesource.com/}CustomerServiceServicehas thrown
exception, unwinding now
> > org.apache.cxf.binding.soap.SoapFault: An error was discovered processing
> > the <wsse:Security> header
> > at
> > org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.createSoapFault(WSS4JInInterceptor.java:804)
> > at
> > org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:357)
> > at
> > org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:97)
> > at
> > org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:262)
> > at
> > org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:121)
> > at
> > org.apache.cxf.transport.http_jetty.JettyHTTPDestination.serviceRequest(JettyHTTPDestination.java:348)
> > at
> > org.apache.cxf.transport.http_jetty.JettyHTTPDestination.doService(JettyHTTPDestination.java:312)
> > at
> > org.apache.cxf.transport.http_jetty.JettyHTTPHandler.handle(JettyHTTPHandler.java:72)
> > at
> > org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:943)
> > at
> > org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:879)
> > at
> > org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:117)
> > at
> > org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:250)
> > at
> > org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:110)
> > at org.eclipse.jetty.server.Server.handle(Server.java:349)
> > at
> > org.eclipse.jetty.server.HttpConnection.handleRequest(HttpConnection.java:441)
> > at
> > org.eclipse.jetty.server.HttpConnection$RequestHandler.content(HttpConnection.java:936)
> > at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:801)
> > at org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:224)
> > at
> > org.eclipse.jetty.server.AsyncHttpConnection.handle(AsyncHttpConnection.java:51)
> > at
> > org.eclipse.jetty.io.nio.SelectChannelEndPoint.handle(SelectChannelEndPoint.java:586)
> > at
> > org.eclipse.jetty.io.nio.SelectChannelEndPoint$1.run(SelectChannelEndPoint.java:44)
> > at
> > org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:598)
> > at
> > org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:533)
> > at java.lang.Thread.run(Thread.java:722)
> > Caused by: org.apache.ws.security.WSSecurityException: An error was
> > discovered processing the <wsse:Security> header
> > at
> > org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.checkActions(WSS4JInInterceptor.java:383)
> > at
> > org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:333)
> > ... 22 more
> >  
> > <cxf:cxfEndpoint id="WS"
> > address="http://localhost:9090/training/WebService"
> >  
> > serviceClass="com.fusesource.training.CustomerService">
> > <cxf:outInterceptors>
> > <ref bean="loggingOutInterceptor"/>
> > </cxf:outInterceptors>
> > <cxf:inInterceptors>
> > <ref bean="loggingInInterceptor"/>
> > <ref bean="wss4jInInterceptor"/>
> > </cxf:inInterceptors>
> > </cxf:cxfEndpoint>
> >  
> > <bean id="loggingOutInterceptor"
> > class="org.apache.cxf.interceptor.LoggingOutInterceptor"/>
> > <bean id="loggingInInterceptor"
> > class="org.apache.cxf.interceptor.LoggingInInterceptor"/>
> >  
> > <bean id="wss4jInInterceptor"
> > class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor">
> > <constructor-arg>
> > <map>
> > <entry key="action" value="UsernameToken"/>
> > <entry key="passwordType" value="PasswordDigest"/>
> > <entry key="passwordCallbackClass"
> > value="com.fusesource.training.camel.UTPasswordCallback"/>
> > </map>
> > </constructor-arg>
> > </bean>
> >  
> > It seems that there is an action mismatch during processing of WSS4J.
> > Does anybody knows how to solve this issue which is perhaps a CXF or
> > WSS4J question?
> >  
> > Regards,
> >  
> > --
> > Charles Moulliard
> > Apache Committer / Sr. Enterprise Architect (RedHat)
> > Twitter : @cmoulliard | Blog : http://cmoulliard.blogspot.com
>  
>  
>  
>  
> --  
> Charles Moulliard
> Apache Committer / Sr. Enterprise Architect (RedHat)
> Twitter : @cmoulliard | Blog : http://cmoulliard.blogspot.com




Mime
View raw message