cxf-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Alessio Soldano <asold...@redhat.com>
Subject Re: [WS-Security] JAXWS webservice client without using cxf specific apis
Date Fri, 29 May 2009 08:49:38 GMT
Hi  Rahul,

rahul.soa wrote:
> Is there any way if I can develop the jaxws client with ws-security support
> without using cxf specific apis like org.apache.cxf.endpoint.Client and
> org.apache.cxf.frontend.ClientProxy etc? (as I want to integrate only
> ws-security jars in CXF)
>   
You could try defining a custom bus in an xml descriptor and specifying 
the security configuration there (using jaxws:client). Then you load 
your bus in the code. Never tried setting the client for ws-security 
with username token this way personally, but I believe it works.

Otherwise you might switch the server on using WS-Security Policy, so 
that the configuration on client side is driven by the policies and you 
don't have to manually install interceptors using the API: 
http://cwiki.apache.org/CXF20DOC/ws-securitypolicy.html

> Is there any sample code available for the same?
>   
The bus specified can be loaded doing something like:

SpringBusFactory busFactory = new SpringBusFactory();
URL cxfConfig = getResourceURL("jaxws/cxf/interop/wstrust10/META-INF/" + 
scenario + "-client-config.xml");
bus = busFactory.createBus(cxfConfig);
BusFactory.setDefaultBus(bus);


Speaking of WS-Security Policy, instead, I've done that on top of JBoss, 
but it should basically work independently, it's a standard client after 
all: 
http://anonsvn.jboss.org/repos/jbossws/stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wssePolicy/UsernameTestCase.java

> I am trying the following code but it gives me a SOAPFaultException,
>
>
> //quote
>
> public static void main(String args[]) throws Exception
> {
> Service service=Service.create(new URL("
> http://localhost:8095/orderapp/OrderProcess?wsdl"), new QName("
> http://order.demo/", "OrderProcessImplService"));
> OrderProcess hw = service.getPort(OrderProcess.class);
>
> Map outProps = new HashMap();
>
> outProps.put(WSHandlerConstants.ACTION,WSHandlerConstants.USERNAME_TOKEN);
> outProps.put(WSHandlerConstants.PASSWORD_TYPE, WSConstants.PW_TEXT);
>
> ((BindingProvider)hw).getRequestContext().put(BindingProvider.USERNAME_PROPERTY,
> "ws-client");
> ((BindingProvider)hw).getRequestContext().put(BindingProvider.PASSWORD_PROPERTY,
> "password");
> ((BindingProvider)hw).getRequestContext().put(WSHandlerConstants.ACTION,WSHandlerConstants.USERNAME_TOKEN);
> ((BindingProvider)hw).getRequestContext().put(WSHandlerConstants.PASSWORD_TYPE,
> WSConstants.PW_TEXT);
>
> Order order = new Order();
> System.out.println(hw.processOrder(order));
>
> }
>
> //unquote
>
> Exception:
>
> Exception in thread "main" javax.xml.ws.soap.SOAPFaultException: An error
> was discovered processing the <wsse:Security> header
>     at
> org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:145)
>     at $Proxy34.processOrder(Unknown Source)
>     at demo.order.client.CL.main(CL.java:74)
> Caused by: org.apache.cxf.binding.soap.SoapFault: An error was discovered
> processing the <wsse:Security> header
>     a
I think you get this simply because the security interceptors are not 
installed.
Cheers
Alessio

-- 
Alessio Soldano
Web Service Lead
JBoss, a division of Red Hat


Mime
View raw message