cxf-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From difrad76 <difra...@gmail.com>
Subject Help with custom user credential validator
Date Tue, 08 Oct 2013 01:06:02 GMT
Hello,

Let me start by saying I am new to CXF . I am trying to implement
WS-Security using latest and greatest release of CXF which is 2.7.7. Also, I
don't use spring framework.

In my wsdl I have  the following code for WS-Security

<wsp:Policy wsu:Id="DoubleItDigestPolicy">
	  
	  <sp:ProtectionToken>
	    <wsp:Policy>
	      <sp:UsernameToken
sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient">
			<wsp:Policy>
			  
			  <sp:NoPassword/>
			</wsp:Policy>
	      </sp:UsernameToken>
	    </wsp:Policy>
	  
	  </sp:ProtectionToken>
  </wsp:Policy>


In cxf-beans.xml bellow I have defined custom CallbackHandler

<jaxws:inInterceptors>
            <bean
class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor">
                <constructor-arg>
                    <map>
                        <entry key="action" value="UsernameToken" />
                        <entry key="passwordType" value="PasswordDigest" />
                        <entry key="passwordCallbackClass"
value="com.security.ServerPasswordCallback" />
                    </map>
                </constructor-arg>
            </bean>     
        </jaxws:inInterceptors>

However I am getting the following exceptions

Oct 07, 2013 7:58:19 PM org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor
handleMessage
WARNING: 
org.apache.ws.security.WSSecurityException: The security token could not be
authenticated or authorized
	at
org.apache.ws.security.validate.UsernameTokenValidator.verifyDigestPassword(UsernameTokenValidator.java:199)
	at
org.apache.ws.security.validate.UsernameTokenValidator.validate(UsernameTokenValidator.java:97)
	at
org.apache.ws.security.processor.UsernameTokenProcessor.handleUsernameToken(UsernameTokenProcessor.java:172)
	at
org.apache.ws.security.processor.UsernameTokenProcessor.handleToken(UsernameTokenProcessor.java:67)
	at
org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:396)
	at
org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:279)
	at
org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:95)
	at
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:272)
	at
org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:121)
	at
org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(AbstractHTTPDestination.java:239)
	at
org.apache.cxf.transport.servlet.ServletController.invokeDestination(ServletController.java:248)
	at
org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:222)
	at
org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:153)
	at
org.apache.cxf.transport.servlet.CXFNonSpringServlet.invoke(CXFNonSpringServlet.java:167)
	at
org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(AbstractHTTPServlet.java:286)
	at
org.apache.cxf.transport.servlet.AbstractHTTPServlet.doPost(AbstractHTTPServlet.java:206)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:641)
	at
org.apache.cxf.transport.servlet.AbstractHTTPServlet.service(AbstractHTTPServlet.java:262)
	at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:304)
	at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
	at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:240)
	at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:164)
	at
org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:462)
	at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:164)
	at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:100)
	at
org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:562)
	at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118)
	at
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:395)
	at
org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:250)
	at
org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:188)
	at
org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:166)
	at
org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:302)
	at
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
	at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
	at java.lang.Thread.run(Thread.java:724)

Oct 07, 2013 7:58:19 PM org.apache.cxf.phase.PhaseInterceptorChain
doDefaultLogging
WARNING: Interceptor for {http://ws.security.com/}ManagerService has thrown
exception, unwinding now
org.apache.cxf.binding.soap.SoapFault: The security token could not be
authenticated or authorized
	at
org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.createSoapFault(WSS4JInInterceptor.java:788)
	at
org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:336)
	at
org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:95)
	at
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:272)
	at
org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:121)
	at
org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(AbstractHTTPDestination.java:239)
	at
org.apache.cxf.transport.servlet.ServletController.invokeDestination(ServletController.java:248)
	at
org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:222)
	at
org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:153)
	at
org.apache.cxf.transport.servlet.CXFNonSpringServlet.invoke(CXFNonSpringServlet.java:167)
	at
org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(AbstractHTTPServlet.java:286)
	at
org.apache.cxf.transport.servlet.AbstractHTTPServlet.doPost(AbstractHTTPServlet.java:206)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:641)
	at
org.apache.cxf.transport.servlet.AbstractHTTPServlet.service(AbstractHTTPServlet.java:262)
	at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:304)
	at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
	at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:240)
	at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:164)
	at
org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:462)
	at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:164)
	at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:100)
	at
org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:562)
	at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118)
	at
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:395)
	at
org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:250)
	at
org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:188)
	at
org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:166)
	at
org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:302)
	at
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
	at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
	at java.lang.Thread.run(Thread.java:724)
Caused by: org.apache.ws.security.WSSecurityException: The security token
could not be authenticated or authorized
	at
org.apache.ws.security.validate.UsernameTokenValidator.verifyDigestPassword(UsernameTokenValidator.java:199)
	at
org.apache.ws.security.validate.UsernameTokenValidator.validate(UsernameTokenValidator.java:97)
	at
org.apache.ws.security.processor.UsernameTokenProcessor.handleUsernameToken(UsernameTokenProcessor.java:172)
	at
org.apache.ws.security.processor.UsernameTokenProcessor.handleToken(UsernameTokenProcessor.java:67)
	at
org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:396)
	at
org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:279)
	... 29 more


I think I need to add a custom validator but I am not sure neither how to 
bind it nor which interface to implement. I am sure people had this issue
before but unfortunately I can't find a good example to send me on my way.

Thank you for your help.



--
View this message in context: http://cxf.547215.n5.nabble.com/Help-with-custom-user-credential-validator-tp5734798.html
Sent from the cxf-dev mailing list archive at Nabble.com.

Mime
View raw message