camel-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Charles Moulliard <ch0...@gmail.com>
Subject Issue using camel-cxf and wss4j
Date Wed, 09 Jan 2013 16:30:56 GMT
Hi,

When I try to authenticate an HTTP request using WS-Security with camel-cxf
& wss4j interceptor, I get the following error :

org.apache.camel.spring.Main.main() INFO
[org.apache.camel.spring.SpringCamelContext] - Total 1 routes, of which 1
is started.
org.apache.camel.spring.Main.main() INFO
[org.apache.camel.spring.SpringCamelContext] - Apache Camel 2.10.0
(CamelContext: camel-1) started in 0.993 seconds
qtp370155726-26 INFO
[org.apache.cxf.services.CustomerServiceService.CustomerServicePort.CustomerService]
- Inbound Message
----------------------------
ID: 1
Address: http://127.0.0.1:9090/training/WebService
Encoding: UTF-8
Http-Method: POST
Content-Type: text/xml;charset=UTF-8
Headers: {accept-encoding=[gzip,deflate], connection=[keep-alive],
Content-Length=[1590], content-type=[text/xml;charset=UTF-8], Host=[
127.0.0.1:9090], SOAPAction=["http://training.fusesource.com/saveCustomer"],
User-Agent=[Apache-HttpClient/4.1.1 (java 1.5)]}
Payload: <soapenv:Envelope xmlns:soapenv="
http://schemas.xmlsoap.org/soap/envelope/" xmlns:tra="
http://training.fusesource.com/">
   <soapenv:Header>
          <wsse:Security xmlns:wsse="
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd
"
               soap:mustUnderstand="1">
<wsse:UsernameToken xmlns:wsse="
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
xmlns:wsu="
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
wsu:Id="UsernameToken-1">
<wsse:Username>charles</wsse:Username>
<wsse:Password Type="
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest
">TVzWGxNvhlixNVWol8poD9DHxl8=</wsse:Password>
<wsse:Nonce EncodingType="
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary
">WsMNSm/C4dzdPS3OhUi94Q==</wsse:Nonce>
<wsu:Created>2013-01-09T15:46:14.908Z</wsu:Created>
</wsse:UsernameToken>
</wsse:Security>
   </soapenv:Header>
   <soapenv:Body>
      <tra:saveCustomer>
         <customer>
            <!--Optional:-->
            <name>?</name>
            <!--Zero or more repetitions:-->
            <address>?</address>
            <numOrders>?</numOrders>
            <revenue>?</revenue>
            <!--Optional:-->
            <test>?</test>
            <!--Optional:-->
            <birthDate>?</birthDate>
            <!--Optional:-->
            <type>?</type>
         </customer>
      </tra:saveCustomer>
   </soapenv:Body>
</soapenv:Envelope>
--------------------------------------
qtp370155726-26 DEBUG [org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor]
- WSS4JInInterceptor: enter handleMessage()
qtp370155726-26 WARN [org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor]
- Security processing failed (actions mismatch)
qtp370155726-26 WARN [org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor]
-
org.apache.ws.security.WSSecurityException: An error was discovered
processing the <wsse:Security> header
at
org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.checkActions(WSS4JInInterceptor.java:383)
at
org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:333)
at
org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:97)
at
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:262)
at
org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:121)
at
org.apache.cxf.transport.http_jetty.JettyHTTPDestination.serviceRequest(JettyHTTPDestination.java:348)
at
org.apache.cxf.transport.http_jetty.JettyHTTPDestination.doService(JettyHTTPDestination.java:312)
at
org.apache.cxf.transport.http_jetty.JettyHTTPHandler.handle(JettyHTTPHandler.java:72)
at
org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:943)
at
org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:879)
at
org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:117)
at
org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:250)
at
org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:110)
at org.eclipse.jetty.server.Server.handle(Server.java:349)
at
org.eclipse.jetty.server.HttpConnection.handleRequest(HttpConnection.java:441)
at
org.eclipse.jetty.server.HttpConnection$RequestHandler.content(HttpConnection.java:936)
at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:801)
at org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:224)
at
org.eclipse.jetty.server.AsyncHttpConnection.handle(AsyncHttpConnection.java:51)
at
org.eclipse.jetty.io.nio.SelectChannelEndPoint.handle(SelectChannelEndPoint.java:586)
at
org.eclipse.jetty.io.nio.SelectChannelEndPoint$1.run(SelectChannelEndPoint.java:44)
at
org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:598)
at
org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:533)
at java.lang.Thread.run(Thread.java:722)
qtp370155726-26 WARN [org.apache.cxf.phase.PhaseInterceptorChain] -
Interceptor for {http://training.fusesource.com/}CustomerServiceService has
thrown exception, unwinding now
org.apache.cxf.binding.soap.SoapFault: An error was discovered processing
the <wsse:Security> header
at
org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.createSoapFault(WSS4JInInterceptor.java:804)
at
org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:357)
at
org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:97)
at
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:262)
at
org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:121)
at
org.apache.cxf.transport.http_jetty.JettyHTTPDestination.serviceRequest(JettyHTTPDestination.java:348)
at
org.apache.cxf.transport.http_jetty.JettyHTTPDestination.doService(JettyHTTPDestination.java:312)
at
org.apache.cxf.transport.http_jetty.JettyHTTPHandler.handle(JettyHTTPHandler.java:72)
at
org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:943)
at
org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:879)
at
org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:117)
at
org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:250)
at
org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:110)
at org.eclipse.jetty.server.Server.handle(Server.java:349)
at
org.eclipse.jetty.server.HttpConnection.handleRequest(HttpConnection.java:441)
at
org.eclipse.jetty.server.HttpConnection$RequestHandler.content(HttpConnection.java:936)
at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:801)
at org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:224)
at
org.eclipse.jetty.server.AsyncHttpConnection.handle(AsyncHttpConnection.java:51)
at
org.eclipse.jetty.io.nio.SelectChannelEndPoint.handle(SelectChannelEndPoint.java:586)
at
org.eclipse.jetty.io.nio.SelectChannelEndPoint$1.run(SelectChannelEndPoint.java:44)
at
org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:598)
at
org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:533)
at java.lang.Thread.run(Thread.java:722)
Caused by: org.apache.ws.security.WSSecurityException: An error was
discovered processing the <wsse:Security> header
at
org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.checkActions(WSS4JInInterceptor.java:383)
at
org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:333)
... 22 more

    <cxf:cxfEndpoint id="WS"
                     address="http://localhost:9090/training/WebService"
                     serviceClass="com.fusesource.training.CustomerService">
        <cxf:outInterceptors>
            <ref bean="loggingOutInterceptor"/>
        </cxf:outInterceptors>
        <cxf:inInterceptors>
            <ref bean="loggingInInterceptor"/>
            <ref bean="wss4jInInterceptor"/>
        </cxf:inInterceptors>
    </cxf:cxfEndpoint>

    <bean id="loggingOutInterceptor"
class="org.apache.cxf.interceptor.LoggingOutInterceptor"/>
    <bean id="loggingInInterceptor"
class="org.apache.cxf.interceptor.LoggingInInterceptor"/>

    <bean id="wss4jInInterceptor"
class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor">
        <constructor-arg>
            <map>
                <entry key="action" value="UsernameToken"/>
                <entry key="passwordType" value="PasswordDigest"/>
                <entry key="passwordCallbackClass"
value="com.fusesource.training.camel.UTPasswordCallback"/>
            </map>
        </constructor-arg>
    </bean>

It seems that there is an action mismatch during processing of WSS4J.
Does anybody knows how to solve this issue which is perhaps a CXF or
WSS4J question?

Regards,

-- 
Charles Moulliard
Apache Committer / Sr. Enterprise Architect (RedHat)
Twitter : @cmoulliard | Blog : http://cmoulliard.blogspot.com

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message