Return-Path: 
 <users-return-14894-apmail-cxf-users-archive=cxf.apache.org@cxf.apache.org>
Delivered-To: apmail-cxf-users-archive@www.apache.org
Received: (qmail 41132 invoked from network); 6 May 2009 14:19:39 -0000
Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.3)
  by minotaur.apache.org with SMTP; 6 May 2009 14:19:39 -0000
Received: (qmail 52269 invoked by uid 500); 6 May 2009 14:19:13 -0000
Delivered-To: apmail-cxf-users-archive@cxf.apache.org
Received: (qmail 52072 invoked by uid 500); 6 May 2009 14:18:58 -0000
Mailing-List: contact users-help@cxf.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:users-help@cxf.apache.org>
List-Unsubscribe: <mailto:users-unsubscribe@cxf.apache.org>
List-Post: <mailto:users@cxf.apache.org>
List-Id: <users.cxf.apache.org>
Reply-To: users@cxf.apache.org
Delivered-To: mailing list users@cxf.apache.org
Received: (qmail 51669 invoked by uid 99); 6 May 2009 14:18:14 -0000
Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230)
    by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 06 May 2009 14:17:28 +0000
X-ASF-Spam-Status: No, hits=-0.0 required=10.0
	tests=SPF_HELO_PASS,SPF_PASS
X-Spam-Check-By: apache.org
Received-SPF: pass (nike.apache.org: domain of lists@nabble.com designates
 216.139.236.158 as permitted sender)
Received: from [216.139.236.158] (HELO kuber.nabble.com) (216.139.236.158)
    by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 06 May 2009 14:17:17 +0000
Received: from isper.nabble.com ([192.168.236.156])
	by kuber.nabble.com with esmtp (Exim 4.63)
	(envelope-from <lists@nabble.com>)
	id 1M1hvc-0002nl-8G
	for users@cxf.apache.org; Wed, 06 May 2009 07:16:56 -0700
Message-ID: <23407586.post@talk.nabble.com>
Date: Wed, 6 May 2009 07:16:56 -0700 (PDT)
From: marcob <m.barbi@satanet.it>
To: users@cxf.apache.org
Subject: Re: CXF 2.2.x ampersand issue
In-Reply-To: <200905041258.32563.dkulp@apache.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
X-Nabble-From: m.barbi@satanet.it
References: <23319655.post@talk.nabble.com>
 <61b5d9410904301045t423be4a8o56cecd2d5a351df6@mail.gmail.com>
 <23329440.post@talk.nabble.com> <200905041258.32563.dkulp@apache.org>
X-Virus-Checked: Checked by ClamAV on apache.org


Hi,

I tested that the problem occurs if I enable WS-Security. Below the test
case.

Service Interface:
@WebService(name = "BatchManagerService", targetNamespace =
"http://www.satanet.it/kfi")
public interface IBatchManagerService {
  @WebResult(targetNamespace = "http://www.satanet.it/kfi")
  public String echo(@WebParam(name="text") String txt);
}

Service implementation:
@WebService(endpointInterface =
"it.satanet.karthaForInvoice.commonInterfaces.batchManager.IBatchManagerService",
serviceName = "BatchManagerService", targetNamespace =
"http://www.satanet.it/kfi")
public class BatchManagerServiceImpl implements IBatchManagerService {

  @Override
  public String echo(String txt) {
    System.out.println(txt);
    return txt;
  }

}

Service Spring cfg:
<bean id="aegisDatabinding"
class="org.apache.cxf.aegis.databinding.AegisDatabinding" scope="prototype"
/>

<bean id="myPasswordCallback"
class="it.satanet.karthaForInvoice.commonInterfaces.ws_util.ServerPasswordCallback"/>

<!-- WS -->

<bean id="wsService"
class="it.satanet.karthaForInvoice.batchManager.service.BatchManagerServiceImpl"
/>
<bean id="serviceFactory"
class="org.apache.cxf.jaxws.support.JaxWsServiceFactoryBean"
scope="prototype">
  <property name="dataBinding" ref="aegisDatabinding" />
</bean>
<jaxws:server id="wsServiceEndpoint" serviceBean="#wsService"
serviceClass="it.satanet.karthaForInvoice.batchManager.service.BatchManagerServiceImpl"
address="/ws">
<jaxws:serviceFactory>
  <ref bean="serviceFactory" />
</jaxws:serviceFactory>

<jaxws:inInterceptors>
  <bean class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor">
     <constructor-arg>
        <map>
           <entry key="action" value="UsernameToken"/>
           <entry key="passwordType" value="PasswordText"/>
           <entry key="passwordCallbackRef">
              <ref bean="myPasswordCallback"/>
           </entry>
        </map>
     </constructor-arg>
  </bean>
</jaxws:inInterceptors>

<jaxws:properties>
  <entry key="mtom-enabled" value="true" />
</jaxws:properties>

</jaxws:server>


Client (generic, but you can replace T with the service interface):
  @SuppressWarnings("unchecked")
  public T getClientProxy(Class<T> c) {
    JaxWsProxyFactoryBean factory = new JaxWsProxyFactoryBean();

    // logging
    // factory.getInInterceptors().add(new LoggingInInterceptor());
    // factory.getOutInterceptors().add(new LoggingOutInterceptor());

    Map<String, Object> outProps = new HashMap<String, Object>();
    WSS4JOutInterceptor wssOut = new WSS4JOutInterceptor(outProps);
    factory.getOutInterceptors().add(wssOut);
    outProps.put(WSHandlerConstants.ACTION,
WSHandlerConstants.USERNAME_TOKEN);
    // Specify our username
    outProps.put(WSHandlerConstants.USER,
ServerPasswordCallback.WS_SECURITY_USER);
    // Password type : plain text
    outProps.put(WSHandlerConstants.PASSWORD_TYPE, WSConstants.PW_TEXT);
    // for hashed password use:
    // properties.put(WSHandlerConstants.PASSWORD_TYPE,
WSConstants.PW_DIGEST);
    outProps.put(WSHandlerConstants.PW_CALLBACK_CLASS,
ClientPasswordHandler.class.getName());

    // invocation
    factory.setServiceClass(c);
    AegisDatabinding dataBinding = new AegisDatabinding();
    dataBinding.setMtomEnabled(MTOM_ENABLED);
    dataBinding.setMtomUseXmime(MTOM_ENABLED);
    factory.setDataBinding(dataBinding);
    factory.setAddress(wsUrl);
    Map<String, Object> properties = factory.getProperties();
    if (properties == null) {
      properties = new HashMap<String, Object>();
      factory.setProperties(properties);
    }
    properties.put("mtom-enabled", MTOM_ENABLED);
    
    return (T) factory.create();    
  }
  
By disabling WSS4J support, everything works fine.
Right now, I think I can do without WSS4J but I'd like to know what goes
wrong.
Marco


dkulp wrote:
> 
> 
> A simple testcase for this would be great if at all possible. 
> 
> I just tested this by adding the string "john&marry" to the testString
> stuff 
> in our type tests and it passed fine.   The full string was properly
> echoed 
> back.    Thus, I'm not sure what would be going on.    A test case would 
> definitely be useful.
> 
> 
> Dan
> 
> 
> 
> On Fri May 1 2009 3:38:44 am marcob wrote:
>> That was my first reaction as well!
>> Yes, I have CXF at both ends. I don't know if it might help, but in the
>> previous post I forgot to say that my WS stack also includes a WS
>> Security
>> Interceptor. When I come back to the office (Monday), I'll test the same
>> code without WS-Security and check whether exists a more updated version
>> of
>> woodstox library.
>> In the meanwhile, any further suggestion is very welcome!
>> Marco
>>
>> bimargulies wrote:
>> > My first reaction is that I don't believe it. It is the woodstox code
>> > that handles all of this, not us. Is the CXF on both ends?
>> >
>> > On Thu, Apr 30, 2009 at 12:21 PM, marcob <m.barbi@satanet.it> wrote:
>> >> Hi,
>> >>
>> >> I've found this unexpected behaviour while using cxf 2.2.x + JaxWS +
>> >> Aegis.
>> >> If I define a method that accepts string parameters, e.g.
>> >>
>> >> public void echo(String text) {
>> >>  System.out.println(text);
>> >> }
>> >>
>> >> and I pass a string containing the ampersand character (&), e.g.
>> >> "john&lucy", the echo method only prints "john". I investigated the
>> >> problem
>> >> with an HTTP Monitor and it seems that at client side the string is
>> >> correctly escaped (the SOAP request contains the "john&amp;amp;lucy"
>> >> text)
>> >> but, at server side, the string is truncated at the & character
>> >> position.
>> >>
>> >> From my point of view, it seems to be a bug.
>> >> Any solution?
>> >> Thanks
>> >> Marco
>> >> --
>> >> View this message in context:
>> >>
>> http://www.nabble.com/CXF-2.2.x-ampersand-issue-tp23319655p23319655.html
>> >> Sent from the cxf-user mailing list archive at Nabble.com.
> 
> -- 
> Daniel Kulp
> dkulp@apache.org
> http://www.dankulp.com/blog
> 
> 

-- 
View this message in context: http://www.nabble.com/CXF-2.2.x-ampersand-issue-tp23319655p23407586.html
Sent from the cxf-user mailing list archive at Nabble.com.