cxf-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "bharath thippireddy" <bharath.thippire...@oracle.com>
Subject Few Open issues using UserName Token Profile
Date Tue, 16 Jun 2009 18:45:05 GMT
1)How do we configure the interceptors at a bus level in cxf-servlet.xml along with the endpoint
declarations.

2)Once the ws-security(user name token profile/encryption) is enabled on each endpoint using
the declarative method in cxf-servlet.xml we see the following exception if the client sends
a request without user token soap header.Since we will be having other methods to authenticate
how can we make these headers optional. Is commenting the ws-security interceptor declaration
in the cxf-servlet.xml the only way?

Jun 16, 2009 1:43:28 PM org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor handleMessage
WARNING: Request does not contain required Security header
Jun 16, 2009 1:43:28 PM org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor handleMessage
WARNING:
org.apache.ws.security.WSSecurityException: An error was discovered processing the <wsse:Security>
header
        at org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:200)
        at org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:77)
        at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:236)
        at org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:89)
        at org.apache.cxf.transport.servlet.ServletDestination.invoke(ServletDestination.java:99)
        at org.apache.cxf.transport.servlet.ServletController.invokeDestination(ServletController.java:337)
        at org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:182)
        at org.apache.cxf.transport.servlet.AbstractCXFServlet.invoke(AbstractCXFServlet.java:163)
        at org.apache.cxf.transport.servlet.AbstractCXFServlet.doPost(AbstractCXFServlet.java:141)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:710)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:803)

3)Does cxf support having custom tokens under the username token header ?.I do see the methods
available on the client and server callback classes but I do not see the custom element getting
added to the UT header.

        Document doc = docBuilder.newDocument();
        Element customToken=doc.createElement("customToken");
        dbId.setTextContent("1");
		pc.setCustomToken(customToken);



thanks and regards,
Bharath


Mime
View raw message