camel-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Charles Moulliard <ch0...@gmail.com>
Subject Re: Issue using camel-cxf and wss4j
Date Wed, 09 Jan 2013 19:02:27 GMT
Will test with 1.6.9.

Until now in debug mode, I see that in the class WSS4JInInterceptor, when
we handle the message (handleMessage(SoapMessage msg) throws Fault), the
element is empty (            Element elem =
WSSecurityUtil.getSecurityHeader(doc.getSOAPPart(), actor); ) even if a
SOAPHeader with usernameToken + timeStamp has been provided in the
SOAPEnveloppe


On Wed, Jan 9, 2013 at 6:53 PM, Christian Müller <
christian.mueller@gmail.com> wrote:

> Can you upgrade to wss4j 1.6.9? I had a similar issue...
> Am 09.01.2013 17:31 schrieb "Charles Moulliard" <ch007m@gmail.com>:
>
> > Hi,
> >
> > When I try to authenticate an HTTP request using WS-Security with
> camel-cxf
> > & wss4j interceptor, I get the following error :
> >
> > org.apache.camel.spring.Main.main() INFO
> > [org.apache.camel.spring.SpringCamelContext] - Total 1 routes, of which 1
> > is started.
> > org.apache.camel.spring.Main.main() INFO
> > [org.apache.camel.spring.SpringCamelContext] - Apache Camel 2.10.0
> > (CamelContext: camel-1) started in 0.993 seconds
> > qtp370155726-26 INFO
> >
> >
> [org.apache.cxf.services.CustomerServiceService.CustomerServicePort.CustomerService]
> > - Inbound Message
> > ----------------------------
> > ID: 1
> > Address: http://127.0.0.1:9090/training/WebService
> > Encoding: UTF-8
> > Http-Method: POST
> > Content-Type: text/xml;charset=UTF-8
> > Headers: {accept-encoding=[gzip,deflate], connection=[keep-alive],
> > Content-Length=[1590], content-type=[text/xml;charset=UTF-8], Host=[
> > 127.0.0.1:9090], SOAPAction=["
> http://training.fusesource.com/saveCustomer
> > "],
> > User-Agent=[Apache-HttpClient/4.1.1 (java 1.5)]}
> > Payload: <soapenv:Envelope xmlns:soapenv="
> > http://schemas.xmlsoap.org/soap/envelope/" xmlns:tra="
> > http://training.fusesource.com/">
> >    <soapenv:Header>
> >           <wsse:Security xmlns:wsse="
> >
> >
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd
> > "
> >                soap:mustUnderstand="1">
> > <wsse:UsernameToken xmlns:wsse="
> >
> >
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd
> > "
> > xmlns:wsu="
> >
> >
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
> > "
> > wsu:Id="UsernameToken-1">
> > <wsse:Username>charles</wsse:Username>
> > <wsse:Password Type="
> >
> >
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest
> > ">TVzWGxNvhlixNVWol8poD9DHxl8=</wsse:Password>
> > <wsse:Nonce EncodingType="
> >
> >
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary
> > ">WsMNSm/C4dzdPS3OhUi94Q==</wsse:Nonce>
> > <wsu:Created>2013-01-09T15:46:14.908Z</wsu:Created>
> > </wsse:UsernameToken>
> > </wsse:Security>
> >    </soapenv:Header>
> >    <soapenv:Body>
> >       <tra:saveCustomer>
> >          <customer>
> >             <!--Optional:-->
> >             <name>?</name>
> >             <!--Zero or more repetitions:-->
> >             <address>?</address>
> >             <numOrders>?</numOrders>
> >             <revenue>?</revenue>
> >             <!--Optional:-->
> >             <test>?</test>
> >             <!--Optional:-->
> >             <birthDate>?</birthDate>
> >             <!--Optional:-->
> >             <type>?</type>
> >          </customer>
> >       </tra:saveCustomer>
> >    </soapenv:Body>
> > </soapenv:Envelope>
> > --------------------------------------
> > qtp370155726-26 DEBUG
> [org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor]
> > - WSS4JInInterceptor: enter handleMessage()
> > qtp370155726-26 WARN
> [org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor]
> > - Security processing failed (actions mismatch)
> > qtp370155726-26 WARN
> [org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor]
> > -
> > org.apache.ws.security.WSSecurityException: An error was discovered
> > processing the <wsse:Security> header
> > at
> >
> >
> org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.checkActions(WSS4JInInterceptor.java:383)
> > at
> >
> >
> org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:333)
> > at
> >
> >
> org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:97)
> > at
> >
> >
> org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:262)
> > at
> >
> >
> org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:121)
> > at
> >
> >
> org.apache.cxf.transport.http_jetty.JettyHTTPDestination.serviceRequest(JettyHTTPDestination.java:348)
> > at
> >
> >
> org.apache.cxf.transport.http_jetty.JettyHTTPDestination.doService(JettyHTTPDestination.java:312)
> > at
> >
> >
> org.apache.cxf.transport.http_jetty.JettyHTTPHandler.handle(JettyHTTPHandler.java:72)
> > at
> >
> >
> org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:943)
> > at
> >
> >
> org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:879)
> > at
> >
> >
> org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:117)
> > at
> >
> >
> org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:250)
> > at
> >
> >
> org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:110)
> > at org.eclipse.jetty.server.Server.handle(Server.java:349)
> > at
> >
> >
> org.eclipse.jetty.server.HttpConnection.handleRequest(HttpConnection.java:441)
> > at
> >
> >
> org.eclipse.jetty.server.HttpConnection$RequestHandler.content(HttpConnection.java:936)
> > at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:801)
> > at org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:224)
> > at
> >
> >
> org.eclipse.jetty.server.AsyncHttpConnection.handle(AsyncHttpConnection.java:51)
> > at
> >
> >
> org.eclipse.jetty.io.nio.SelectChannelEndPoint.handle(SelectChannelEndPoint.java:586)
> > at
> >
> >
> org.eclipse.jetty.io.nio.SelectChannelEndPoint$1.run(SelectChannelEndPoint.java:44)
> > at
> >
> >
> org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:598)
> > at
> >
> >
> org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:533)
> > at java.lang.Thread.run(Thread.java:722)
> > qtp370155726-26 WARN [org.apache.cxf.phase.PhaseInterceptorChain] -
> > Interceptor for {
> http://training.fusesource.com/}CustomerServiceServicehas
> > thrown exception, unwinding now
> > org.apache.cxf.binding.soap.SoapFault: An error was discovered processing
> > the <wsse:Security> header
> > at
> >
> >
> org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.createSoapFault(WSS4JInInterceptor.java:804)
> > at
> >
> >
> org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:357)
> > at
> >
> >
> org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:97)
> > at
> >
> >
> org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:262)
> > at
> >
> >
> org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:121)
> > at
> >
> >
> org.apache.cxf.transport.http_jetty.JettyHTTPDestination.serviceRequest(JettyHTTPDestination.java:348)
> > at
> >
> >
> org.apache.cxf.transport.http_jetty.JettyHTTPDestination.doService(JettyHTTPDestination.java:312)
> > at
> >
> >
> org.apache.cxf.transport.http_jetty.JettyHTTPHandler.handle(JettyHTTPHandler.java:72)
> > at
> >
> >
> org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:943)
> > at
> >
> >
> org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:879)
> > at
> >
> >
> org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:117)
> > at
> >
> >
> org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:250)
> > at
> >
> >
> org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:110)
> > at org.eclipse.jetty.server.Server.handle(Server.java:349)
> > at
> >
> >
> org.eclipse.jetty.server.HttpConnection.handleRequest(HttpConnection.java:441)
> > at
> >
> >
> org.eclipse.jetty.server.HttpConnection$RequestHandler.content(HttpConnection.java:936)
> > at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:801)
> > at org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:224)
> > at
> >
> >
> org.eclipse.jetty.server.AsyncHttpConnection.handle(AsyncHttpConnection.java:51)
> > at
> >
> >
> org.eclipse.jetty.io.nio.SelectChannelEndPoint.handle(SelectChannelEndPoint.java:586)
> > at
> >
> >
> org.eclipse.jetty.io.nio.SelectChannelEndPoint$1.run(SelectChannelEndPoint.java:44)
> > at
> >
> >
> org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:598)
> > at
> >
> >
> org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:533)
> > at java.lang.Thread.run(Thread.java:722)
> > Caused by: org.apache.ws.security.WSSecurityException: An error was
> > discovered processing the <wsse:Security> header
> > at
> >
> >
> org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.checkActions(WSS4JInInterceptor.java:383)
> > at
> >
> >
> org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:333)
> > ... 22 more
> >
> >     <cxf:cxfEndpoint id="WS"
> >                      address="http://localhost:9090/training/WebService"
> >
> >  serviceClass="com.fusesource.training.CustomerService">
> >         <cxf:outInterceptors>
> >             <ref bean="loggingOutInterceptor"/>
> >         </cxf:outInterceptors>
> >         <cxf:inInterceptors>
> >             <ref bean="loggingInInterceptor"/>
> >             <ref bean="wss4jInInterceptor"/>
> >         </cxf:inInterceptors>
> >     </cxf:cxfEndpoint>
> >
> >     <bean id="loggingOutInterceptor"
> > class="org.apache.cxf.interceptor.LoggingOutInterceptor"/>
> >     <bean id="loggingInInterceptor"
> > class="org.apache.cxf.interceptor.LoggingInInterceptor"/>
> >
> >     <bean id="wss4jInInterceptor"
> > class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor">
> >         <constructor-arg>
> >             <map>
> >                 <entry key="action" value="UsernameToken"/>
> >                 <entry key="passwordType" value="PasswordDigest"/>
> >                 <entry key="passwordCallbackClass"
> > value="com.fusesource.training.camel.UTPasswordCallback"/>
> >             </map>
> >         </constructor-arg>
> >     </bean>
> >
> > It seems that there is an action mismatch during processing of WSS4J.
> > Does anybody knows how to solve this issue which is perhaps a CXF or
> > WSS4J question?
> >
> > Regards,
> >
> > --
> > Charles Moulliard
> > Apache Committer / Sr. Enterprise Architect (RedHat)
> > Twitter : @cmoulliard | Blog : http://cmoulliard.blogspot.com
> >
>



-- 
Charles Moulliard
Apache Committer / Sr. Enterprise Architect (RedHat)
Twitter : @cmoulliard | Blog : http://cmoulliard.blogspot.com

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message