cxf-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Josef.Eis...@bgs-ag.de
Subject Antwort: Re: Antwort: Re: Antwort: Re: Antwort: Re: Antwort: Re: Antwort: Re: WS-Client throws Exception in WSS4JInInterceptor
Date Fri, 12 Sep 2008 14:48:23 GMT
Hi Dan,

yes sure you are right. We have probably tested everything to give it a 
try.

Do you know why the WSS4JInInterceptor is called? I configured only 
OutInterceptors for the client.

-Josef





Daniel Kulp <dkulp@apache.org> 
11.09.2008 20:55
Bitte antworten an
users@cxf.apache.org


An
users@cxf.apache.org
Kopie
Josef.Eisele@bgs-ag.de
Thema
Re: Antwort: Re: Antwort: Re: Antwort: Re: Antwort: Re: Antwort: Re: 
WS-Client throws Exception in WSS4JInInterceptor








The WSS4JOutInterceptor is pretty much useless without it being setup via 
spring config.   It requires the actions to be set, any keys, password 
callbacks, etc..... 

Dan


On Monday 08 September 2008 9:34:28 am Josef.Eisele@bgs-ag.de wrote:
> Hi Freeman,
>
> if I add the OutInterceptors directy:
>
> @OutInterceptors(interceptors={
> "org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor",
> "org.apache.cxf.binding.soap.saaj.SAAJOutInterceptor" })
> public interface MyWSIF {
>
> I get :
>
> 8.09.2008 14:57:39 org.apache.cxf.phase.PhaseInterceptorChain 
doIntercept
> INFO: Interceptor has thrown exception, unwinding now
> org.apache.cxf.binding.soap.SoapFault: NO_ACTION
>         at
> 
org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor.handleMessage(WSS4JOut
>Interceptor.java:91) at
> 
org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor.handleMessage(WSS4JOut
>Interceptor.java:42) at
> 
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChai
>n.java:207)
>
>
>
> -Josef
>
>
>
>
> Freeman Fang <freeman.fang@gmail.com>
> 08.09.2008 14:30
> Bitte antworten an
> users@cxf.apache.org
>
>
> An
> users@cxf.apache.org
> Kopie
>
> Thema
> Re: Antwort: Re: Antwort: Re: Antwort: Re: Antwort: Re: WS-Client throws
> Exception in WSS4JInInterceptor
>
>
>
>
>
>
> Hi Josef,
>
> Could you just add WSS4jOutInterceptor and SAAJOutInterceptor into
> @OutInterceptors?
>
> Regards
> Freeman
>
> Josef.Eisele@bgs-ag.de wrote:
> > Hi Freeman,
> >
> > The @OutInterceptors and @InInterceptors are both on the interface:
> >
> > @Stateless
> > @WebService(name="MyWS", serviceName="MyWSService", 
portName="ZielPort")
> > public class MyWSImpl implements MyWSIF {
> >
> > @WebService(name="MyWS", serviceName="MyWSService", 
portName="ZielPort")
> > @InInterceptors(interceptors={ "myPath.WSSecurityInInterceptor" })
> > @OutInterceptors(interceptors={ "myPath.WSSecurityOutInterceptor" })
> > public interface MyWSIF {
> >
> > If I put the InInterceptor only on the implementation class, it is not
> > used. I haven't tested all possibilities with Out- and 
In-Interceptors,
> > but I had better results on the interface.
> >
> > -Josef
> >
> >
> >
> >
> > Freeman Fang <freeman.fang@gmail.com>
> > 08.09.2008 12:08
> > Bitte antworten an
> > users@cxf.apache.org
> >
> >
> > An
> > users@cxf.apache.org
> > Kopie
> >
> > Thema
> > Re: Antwort: Re: Antwort: Re: Antwort: Re: WS-Client throws Exception 
in
> >
> > WSS4JInInterceptor
> >
> >
> >
> >
> >
> >
> > the error shows the messge.getContent(SOAPMessage.class) return null,
> > SAAJOutInterceptor should set this content, are you sure you add
> > SAAJOutInterceptor to the @OutInterceptors annotation of your
> > serviceImpl class?
> >
> > Regards
> > Freeman
> >
> > Josef.Eisele@bgs-ag.de wrote:
> >> Hi Freeman,
> >>
> >> thanx a lot for your fast response. I added the 2 interceptors using
>
> the
>
> >> annotation @OutInterceptors
> >>
> >> Now I get the error from the server:
> >> 05.09.2008 16:42:53
>
> org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor
>
> >> handleMessage
> >> WARNUNG: SAAJOutHandler must be enabled for WS-Security!
> >> 05.09.2008 16:42:53 org.apache.cxf.phase.PhaseInterceptorChain
> >
> > doIntercept
> >
> >> or in SOAP:
> >> <soap:Fault>
> >> <faultcode>soap:Server</faultcode>
> >> <faultstring>NO_SAAJ_DOC</faultstring>
> >> </soap:Fault>
> >>
> >> I created a new class WSSecurityOutInterceptor and in the
> >> handleMessage-Method I tried:
> >>
> >> 1)              message.getInterceptorChain().add(new
> >> SAAJOutInterceptor());
> >>                 message.getInterceptorChain().add(new
> >> WSS4JOutInterceptor());
> >>
> >> or 2):
> >> Map<String,Object> props = new HashMap<String,Object>();
> >>                 props.put(WSHandlerConstants.ACTION,
> >> WSHandlerConstants.USERNAME_TOKEN
> >>                                 + " " + 
WSHandlerConstants.SIGNATURE);
> >>         // TODO Anpassen, User aus DB
> >>                 props.put(WSHandlerConstants.USER, "user");
> >>                 props.put(WSHandlerConstants.PASSWORD_TYPE,
> >> WSConstants.PW_DIGEST);
> >>                 props.put(WSHandlerConstants.PW_CALLBACK_CLASS,
> >> ClientPasswordCallback.class.getName());
> >>                 props.put(WSHandlerConstants.SIG_PROP_FILE,
> >> "client_sign.properties");
> >>
> >>                 message.getInterceptorChain().add(new
> >> SAAJOutInterceptor());
> >>                 message.getInterceptorChain().add(new
> >> WSS4JOutInterceptor(props));
> >>
> >>
> >> How can I activate the SAAJOutHandler or what do I wrong?
> >>
> >> -Josef
> >>
> >>
> >>
> >>
> >>
> >> Freeman Fang <freeman.fang@gmail.com>
> >> 05.09.2008 16:34
> >> Bitte antworten an
> >> users@cxf.apache.org
> >>
> >>
> >> An
> >> users@cxf.apache.org
> >> Kopie
> >>
> >> Thema
> >> Re: Antwort: Re: Antwort: Re: WS-Client throws Exception in
> >> WSS4JInInterceptor
> >>
> >>
> >>
> >>
> >>
> >>
> >> Hi Josef,
> >>
> >> Take a look at [1] about the interceptors in cxf.
> >>
> >> For your code, I believe add it into annotation @OutInterceptors 
should
> >>
> >> be fine, also you can find several other ways from [1] to configure 
it.
> >>
> >> But I'm not sure
> >> message.getInterceptorChain().add(new SAAJOutInterceptor());
> >> works for you, since the message here in your code is incoming 
message
> >> but you need add interceptors to process the outgoing message.
> >>
> >> Regards
> >> Freeman
> >>
> >> [1]http://cwiki.apache.org/CXF20DOC/interceptors.html
> >>
> >> Josef.Eisele@bgs-ag.de wrote:
> >>> Hi Freeman,
> >>>
> >>> o.k. I will try that. Do I have to add the OutInterceptors in the 
way:
> >>>
> >>> @OutInterceptors...
> >>>
> >>> or here:
> >>>
> >>> message.getInterceptorChain().add(new SAAJOutInterceptor());
> >>> ...
> >>> ??
> >>>
> >>> Is there any documentation on that?
> >>>
> >>> - Josef
> >>>
> >>>
> >>>
> >>>
> >>> Freeman Fang <freeman.fang@gmail.com>
> >>> 05.09.2008 11:31
> >>> Bitte antworten an
> >>> users@cxf.apache.org
> >>>
> >>>
> >>> An
> >>> users@cxf.apache.org
> >>> Kopie
> >>>
> >>> Thema
> >>> Re: Antwort: Re: WS-Client throws Exception in WSS4JInInterceptor
> >>>
> >>>
> >>>
> >>>
> >>>
> >>>
> >>> Hi Josef,
> >>> You should add WSS4JOutInterceptor and SAAJOutInterceptor for your
> >>> server side  as well.
> >>>
> >>> Regards
> >>> Freeman
> >>>
> >>> Josef.Eisele@bgs-ag.de wrote:
> >>>> Hi Freeman,
> >>>>
> >>>> no as I understand we did not add OutInterceptors on the 
ServerSide:
> >>>>
> >>>> We use EJB3.0 and the WSImpl class looks like:
> >>>>
> >>>> @Stateless
> >>>> @WebService(name="MyWS", serviceName="MyService",
>
> portName="ZielPort")
>
> >>>> @InInterceptors(interceptors={ myPath.WSSecurityInterceptor" })
> >>>> public class MyWSImpl implements MyWSInterface {
> >>>>
> >>>> The myPath.WSSecurityInterceptor class adds the Interceptors in the
> >>
> >> way:
> >>>> message.getInterceptorChain().add(new SAAJInInterceptor());
> >>>> ...
> >>>>
> >>>> Is this o.k.?
> >>>>
> >>>> -Josef
> >>>>
> >>>>
> >>>>
> >>>>
> >>>>
> >>>> Freeman Fang <freeman.fang@gmail.com>
> >>>> 05.09.2008 11:01
> >>>> Bitte antworten an
> >>>> users@cxf.apache.org
> >>>>
> >>>>
> >>>> An
> >>>> users@cxf.apache.org
> >>>> Kopie
> >>>>
> >>>> Thema
> >>>> Re: WS-Client throws Exception in WSS4JInInterceptor
> >>>>
> >>>>
> >>>>
> >>>>
> >>>>
> >>>>
> >>>> One quick question, did you also add WSS4JOutInterceptor and
> >>>> SAAJOutInterceptor for your server side?
> >>>>
> >>>> Regards
> >>>> Freeman
> >>>>
> >>>> Josef.Eisele@bgs-ag.de wrote:
> >>>>> Hi,
> >>>>>
> >>>>> we use UsernameToken and Signature in our WS-Security Secenario.
> >>>>>
> >>>>> For the Client we add SAAJOutInterceptor (because of Apache CXF
> >
> > 2.0.x)
> >
> >>>> and
> >>>>
> >>>>> WSS4JOutInterceptor as additional OutInterceptors. ()
> >>>>> For the Server we add SAAJInInterceptor (because of Apache CXF
> >
> > 2.0.x),
> >
> >>>>> WSS4JInInterceptor and ValidateUserTokenInterceptor(own
> >>
> >> Implementation)
> >>
> >>>> as
> >>>>
> >>>>> InInterceptors.
> >>>>>
> >>>>> The client puts all necessary information into the request, as far
>
> as
>
> >> I
> >>
> >>>>> understand the data in my TCP/IP Monitor. The server processes the
> >>>>
> >>>> Request
> >>>>
> >>>>> and I see no errors in WSSecurityEngine, WSS4jInInterceptor etc.

The
> >>>>>
> >>>>> server sends a HTTP/1.1 200 OK back to the client. And now the
>
> client
>
> >>>>> throws an error:
> >>>>>
> >>>>> INFO: Interceptor has thrown exception, unwinding now
> >>>>> org.apache.cxf.binding.soap.SoapFault: Request does not contain
> >>>
> >>> required
> >>>
> >>>>> Security header.
> >>>>>         at
>
> 
org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInIn
>terceptor.java:150)
>
> >>>>>         at
>
> 
org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInIn
>terceptor.java:60)
>
> >>>>>         at
>
> 
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChai
>n.java:207)
>
> >>>>>         at
> >>>>> org.apache.cxf.endpoint.ClientImpl.onMessage(ClientImpl.java:395)
> >>>>>         at
>
> 
org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleRespons
>e(HTTPConduit.java:1932)
>
> >>>>>         at
>
> 
org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPCon
>duit.java:1790)
>
> >>>>>         at
> >>
> >> 
org.apache.cxf.transport.AbstractConduit.close(AbstractConduit.java:66)
> >>
> >>>>>         at
>
> org.apache.cxf.transport.http.HTTPConduit.close(HTTPConduit.java:576)
>
> >>>>>         at
>
> 
org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInte
>rceptor.handleMessage(MessageSenderInterceptor.java:62)
>
> >>>>>         at
>
> 
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChai
>n.java:207)
>
> >>>>>         at
> >>>>
> >>>> org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:254)
> >>>>
> >>>>>         at
> >>>>
> >>>> org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:205)
> >>>>
> >>>>>         at
> >>>>> 
org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:73)
> >>>>>         at
> >>
> >> 
org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:135)
> >>
> >>>>> I checked the code of WSS4JInInterceptor and I see wsResult == 
null,
> >>>>>
> >>>>> because
> >>>>>                 wsResult =
> >>>>> secEngine.processSecurityHeader(doc.getSOAPPart(), actor, 
cbHandler,
> >>>>>
> >>>>> reqData
> >>>>>                     .getSigCrypto(), reqData.getDecCrypto());
> >>>>> is null as well.
> >>>>>
> >>>>> I don't understand why the client calls this InInterceptor ???
> >>>>>
> >>>>> -Josef
> >>>>> BGS Beratungsgesellschaft
> >>>>> Software Systemplanung AG         Niederlassung Rhein/Main
> >>>>> Robert-Koch-Straße 41
> >>>>> 55129 Mainz
> >>>>> Fon: +49 (0) 6131 / 914-0
> >>>>> Fax: +49 (0) 6131 / 914-400
> >>>>> www.bgs-ag.de Geschäftssitz Mainz
> >>>>> Registergericht
> >>>>> Amtsgericht Mainz
> >>>>> HRB 62 50
> >>>>>   Aufsichtsratsvorsitzender
> >>>>> Klaus Hellwig
> >>>>> Vorstand
> >>>>> Hanspeter Gau
> >>>>> Hermann Kiefer
> >>>>> Nils Manegold
> >>>>
> >>>> BGS Beratungsgesellschaft
> >>>> Software Systemplanung AG
> >>>>
> >>>>
> >>>>
> >>>>
> >>>> Niederlassung Rhein/Main
> >>>> Robert-Koch-Straße 41
> >>>> 55129 Mainz
> >>>> Fon: +49 (0) 6131 / 914-0
> >>>> Fax: +49 (0) 6131 / 914-400
> >>>> www.bgs-ag.de
> >>>> Geschäftssitz Mainz
> >>>> Registergericht
> >>>> Amtsgericht Mainz
> >>>> HRB 62 50
> >>>>
> >>>> Aufsichtsratsvorsitzender
> >>>> Klaus Hellwig
> >>>> Vorstand
> >>>> Hanspeter Gau
> >>>> Hermann Kiefer
> >>>> Nils Manegold
> >>>
> >>> BGS Beratungsgesellschaft
> >>> Software Systemplanung AG         Niederlassung Rhein/Main
> >>> Robert-Koch-Straße 41
> >>> 55129 Mainz
> >>> Fon: +49 (0) 6131 / 914-0
> >>> Fax: +49 (0) 6131 / 914-400
> >>> www.bgs-ag.de Geschäftssitz Mainz
> >>> Registergericht
> >>> Amtsgericht Mainz
> >>> HRB 62 50
> >>>   Aufsichtsratsvorsitzender
> >>> Klaus Hellwig
> >>> Vorstand
> >>> Hanspeter Gau
> >>> Hermann Kiefer
> >>> Nils Manegold
> >>
> >> BGS Beratungsgesellschaft
> >> Software Systemplanung AG         Niederlassung Rhein/Main
> >> Robert-Koch-Straße 41
> >> 55129 Mainz
> >> Fon: +49 (0) 6131 / 914-0
> >> Fax: +49 (0) 6131 / 914-400
> >> www.bgs-ag.de Geschäftssitz Mainz
> >> Registergericht
> >> Amtsgericht Mainz
> >> HRB 62 50
> >>   Aufsichtsratsvorsitzender
> >> Klaus Hellwig
> >> Vorstand
> >> Hanspeter Gau
> >> Hermann Kiefer
> >> Nils Manegold
> >
> > BGS Beratungsgesellschaft
> > Software Systemplanung AG         Niederlassung Rhein/Main
> > Robert-Koch-Straße 41
> > 55129 Mainz
> > Fon: +49 (0) 6131 / 914-0
> > Fax: +49 (0) 6131 / 914-400
> > www.bgs-ag.de Geschäftssitz Mainz
> > Registergericht
> > Amtsgericht Mainz
> > HRB 62 50
> >   Aufsichtsratsvorsitzender
> > Klaus Hellwig
> > Vorstand
> > Hanspeter Gau
> > Hermann Kiefer
> > Nils Manegold
>
> BGS Beratungsgesellschaft
> Software Systemplanung AG         Niederlassung Rhein/Main
> Robert-Koch-Straße 41
> 55129 Mainz
> Fon: +49 (0) 6131 / 914-0
> Fax: +49 (0) 6131 / 914-400
> www.bgs-ag.de Geschäftssitz Mainz
> Registergericht
> Amtsgericht Mainz
> HRB 62 50
>   Aufsichtsratsvorsitzender
> Klaus Hellwig
> Vorstand
> Hanspeter Gau
> Hermann Kiefer
> Nils Manegold



-- 
Daniel Kulp
dkulp@apache.org
http://www.dankulp.com/blog


BGS Beratungsgesellschaft 
Software Systemplanung AG         Niederlassung Rhein/Main 
Robert-Koch-Straße 41 
55129 Mainz 
Fon: +49 (0) 6131 / 914-0 
Fax: +49 (0) 6131 / 914-400 
www.bgs-ag.de Geschäftssitz Mainz 
Registergericht 
Amtsgericht Mainz 
HRB 62 50 
  Aufsichtsratsvorsitzender 
Klaus Hellwig 
Vorstand 
Hanspeter Gau 
Hermann Kiefer 
Nils Manegold 

  
Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message