cxf-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From marcob <m.ba...@satanet.it>
Subject Re: CXF 2.2.x ampersand issue
Date Wed, 06 May 2009 14:16:56 GMT

Hi,

I tested that the problem occurs if I enable WS-Security. Below the test
case.

Service Interface:
@WebService(name = "BatchManagerService", targetNamespace =
"http://www.satanet.it/kfi")
public interface IBatchManagerService {
  @WebResult(targetNamespace = "http://www.satanet.it/kfi")
  public String echo(@WebParam(name="text") String txt);
}

Service implementation:
@WebService(endpointInterface =
"it.satanet.karthaForInvoice.commonInterfaces.batchManager.IBatchManagerService",
serviceName = "BatchManagerService", targetNamespace =
"http://www.satanet.it/kfi")
public class BatchManagerServiceImpl implements IBatchManagerService {

  @Override
  public String echo(String txt) {
    System.out.println(txt);
    return txt;
  }

}

Service Spring cfg:
<bean id="aegisDatabinding"
class="org.apache.cxf.aegis.databinding.AegisDatabinding" scope="prototype"
/>

<bean id="myPasswordCallback"
class="it.satanet.karthaForInvoice.commonInterfaces.ws_util.ServerPasswordCallback"/>

<!-- WS -->

<bean id="wsService"
class="it.satanet.karthaForInvoice.batchManager.service.BatchManagerServiceImpl"
/>
<bean id="serviceFactory"
class="org.apache.cxf.jaxws.support.JaxWsServiceFactoryBean"
scope="prototype">
  <property name="dataBinding" ref="aegisDatabinding" />
</bean>
<jaxws:server id="wsServiceEndpoint" serviceBean="#wsService"
serviceClass="it.satanet.karthaForInvoice.batchManager.service.BatchManagerServiceImpl"
address="/ws">
<jaxws:serviceFactory>
  <ref bean="serviceFactory" />
</jaxws:serviceFactory>

<jaxws:inInterceptors>
  <bean class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor">
     <constructor-arg>
        <map>
           <entry key="action" value="UsernameToken"/>
           <entry key="passwordType" value="PasswordText"/>
           <entry key="passwordCallbackRef">
              <ref bean="myPasswordCallback"/>
           </entry>
        </map>
     </constructor-arg>
  </bean>
</jaxws:inInterceptors>

<jaxws:properties>
  <entry key="mtom-enabled" value="true" />
</jaxws:properties>

</jaxws:server>


Client (generic, but you can replace T with the service interface):
  @SuppressWarnings("unchecked")
  public T getClientProxy(Class<T> c) {
    JaxWsProxyFactoryBean factory = new JaxWsProxyFactoryBean();

    // logging
    // factory.getInInterceptors().add(new LoggingInInterceptor());
    // factory.getOutInterceptors().add(new LoggingOutInterceptor());

    Map<String, Object> outProps = new HashMap<String, Object>();
    WSS4JOutInterceptor wssOut = new WSS4JOutInterceptor(outProps);
    factory.getOutInterceptors().add(wssOut);
    outProps.put(WSHandlerConstants.ACTION,
WSHandlerConstants.USERNAME_TOKEN);
    // Specify our username
    outProps.put(WSHandlerConstants.USER,
ServerPasswordCallback.WS_SECURITY_USER);
    // Password type : plain text
    outProps.put(WSHandlerConstants.PASSWORD_TYPE, WSConstants.PW_TEXT);
    // for hashed password use:
    // properties.put(WSHandlerConstants.PASSWORD_TYPE,
WSConstants.PW_DIGEST);
    outProps.put(WSHandlerConstants.PW_CALLBACK_CLASS,
ClientPasswordHandler.class.getName());

    // invocation
    factory.setServiceClass(c);
    AegisDatabinding dataBinding = new AegisDatabinding();
    dataBinding.setMtomEnabled(MTOM_ENABLED);
    dataBinding.setMtomUseXmime(MTOM_ENABLED);
    factory.setDataBinding(dataBinding);
    factory.setAddress(wsUrl);
    Map<String, Object> properties = factory.getProperties();
    if (properties == null) {
      properties = new HashMap<String, Object>();
      factory.setProperties(properties);
    }
    properties.put("mtom-enabled", MTOM_ENABLED);
    
    return (T) factory.create();    
  }
  
By disabling WSS4J support, everything works fine.
Right now, I think I can do without WSS4J but I'd like to know what goes
wrong.
Marco


dkulp wrote:
> 
> 
> A simple testcase for this would be great if at all possible. 
> 
> I just tested this by adding the string "john&marry" to the testString
> stuff 
> in our type tests and it passed fine.   The full string was properly
> echoed 
> back.    Thus, I'm not sure what would be going on.    A test case would 
> definitely be useful.
> 
> 
> Dan
> 
> 
> 
> On Fri May 1 2009 3:38:44 am marcob wrote:
>> That was my first reaction as well!
>> Yes, I have CXF at both ends. I don't know if it might help, but in the
>> previous post I forgot to say that my WS stack also includes a WS
>> Security
>> Interceptor. When I come back to the office (Monday), I'll test the same
>> code without WS-Security and check whether exists a more updated version
>> of
>> woodstox library.
>> In the meanwhile, any further suggestion is very welcome!
>> Marco
>>
>> bimargulies wrote:
>> > My first reaction is that I don't believe it. It is the woodstox code
>> > that handles all of this, not us. Is the CXF on both ends?
>> >
>> > On Thu, Apr 30, 2009 at 12:21 PM, marcob <m.barbi@satanet.it> wrote:
>> >> Hi,
>> >>
>> >> I've found this unexpected behaviour while using cxf 2.2.x + JaxWS +
>> >> Aegis.
>> >> If I define a method that accepts string parameters, e.g.
>> >>
>> >> public void echo(String text) {
>> >>  System.out.println(text);
>> >> }
>> >>
>> >> and I pass a string containing the ampersand character (&), e.g.
>> >> "john&lucy", the echo method only prints "john". I investigated the
>> >> problem
>> >> with an HTTP Monitor and it seems that at client side the string is
>> >> correctly escaped (the SOAP request contains the "john&amp;amp;lucy"
>> >> text)
>> >> but, at server side, the string is truncated at the & character
>> >> position.
>> >>
>> >> From my point of view, it seems to be a bug.
>> >> Any solution?
>> >> Thanks
>> >> Marco
>> >> --
>> >> View this message in context:
>> >>
>> http://www.nabble.com/CXF-2.2.x-ampersand-issue-tp23319655p23319655.html
>> >> Sent from the cxf-user mailing list archive at Nabble.com.
> 
> -- 
> Daniel Kulp
> dkulp@apache.org
> http://www.dankulp.com/blog
> 
> 

-- 
View this message in context: http://www.nabble.com/CXF-2.2.x-ampersand-issue-tp23319655p23407586.html
Sent from the cxf-user mailing list archive at Nabble.com.


Mime
View raw message