cxf-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Alessio Soldano <>
Subject Re: [WS-Security] JAXWS webservice client without using cxf specific apis
Date Fri, 29 May 2009 08:49:38 GMT
Hi  Rahul,

rahul.soa wrote:
> Is there any way if I can develop the jaxws client with ws-security support
> without using cxf specific apis like org.apache.cxf.endpoint.Client and
> org.apache.cxf.frontend.ClientProxy etc? (as I want to integrate only
> ws-security jars in CXF)
You could try defining a custom bus in an xml descriptor and specifying 
the security configuration there (using jaxws:client). Then you load 
your bus in the code. Never tried setting the client for ws-security 
with username token this way personally, but I believe it works.

Otherwise you might switch the server on using WS-Security Policy, so 
that the configuration on client side is driven by the policies and you 
don't have to manually install interceptors using the API:

> Is there any sample code available for the same?
The bus specified can be loaded doing something like:

SpringBusFactory busFactory = new SpringBusFactory();
URL cxfConfig = getResourceURL("jaxws/cxf/interop/wstrust10/META-INF/" + 
scenario + "-client-config.xml");
bus = busFactory.createBus(cxfConfig);

Speaking of WS-Security Policy, instead, I've done that on top of JBoss, 
but it should basically work independently, it's a standard client after 

> I am trying the following code but it gives me a SOAPFaultException,
> //quote
> public static void main(String args[]) throws Exception
> {
> Service service=Service.create(new URL("
> http://localhost:8095/orderapp/OrderProcess?wsdl"), new QName("
> http://order.demo/", "OrderProcessImplService"));
> OrderProcess hw = service.getPort(OrderProcess.class);
> Map outProps = new HashMap();
> outProps.put(WSHandlerConstants.ACTION,WSHandlerConstants.USERNAME_TOKEN);
> outProps.put(WSHandlerConstants.PASSWORD_TYPE, WSConstants.PW_TEXT);
> ((BindingProvider)hw).getRequestContext().put(BindingProvider.USERNAME_PROPERTY,
> "ws-client");
> ((BindingProvider)hw).getRequestContext().put(BindingProvider.PASSWORD_PROPERTY,
> "password");
> ((BindingProvider)hw).getRequestContext().put(WSHandlerConstants.ACTION,WSHandlerConstants.USERNAME_TOKEN);
> ((BindingProvider)hw).getRequestContext().put(WSHandlerConstants.PASSWORD_TYPE,
> WSConstants.PW_TEXT);
> Order order = new Order();
> System.out.println(hw.processOrder(order));
> }
> //unquote
> Exception:
> Exception in thread "main" An error
> was discovered processing the <wsse:Security> header
>     at
> org.apache.cxf.jaxws.JaxWsClientProxy.invoke(
>     at $Proxy34.processOrder(Unknown Source)
>     at demo.order.client.CL.main(
> Caused by: org.apache.cxf.binding.soap.SoapFault: An error was discovered
> processing the <wsse:Security> header
>     a
I think you get this simply because the security interceptors are not 

Alessio Soldano
Web Service Lead
JBoss, a division of Red Hat

View raw message