cxf-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Sergey Beryozkin <sberyoz...@gmail.com>
Subject Re: UsernameToken JBoss Integration
Date Thu, 07 Apr 2011 12:01:35 GMT
May be  you need to clean up a local maven repo ?

I'm building the trunk like this regularly...

Cheers, Sergey



On Thu, Apr 7, 2011 at 11:46 AM, David Zhang <zhngdvd@hotmail.com> wrote:

> Yes, i will try to build cxf. But there are still some problems.
> Maybe i have to configure something else. Is there some more
> documentation about the build process?
>
> If i do:
> mvn install -Pfastinstall,jaxws22
> the build fails like this:
>
> [INFO]
> ------------------------------------------------------------------------
> [INFO] Reactor Summary:
> [INFO]
> [INFO] Apache CXF ........................................ SUCCESS [0.110s]
> [INFO] Apache CXF Parent ................................. SUCCESS [0.405s]
> [INFO] Apache CXF Common Utilities ....................... SUCCESS [1.451s]
> [INFO] Apache CXF Common Schemas ......................... SUCCESS [0.125s]
> [INFO] Apache CXF API .................................... SUCCESS [1.841s]
> [INFO] Apache CXF Woodstox/MSV Schema Validation ......... SUCCESS [0.296s]
> [INFO] Apache CXF XML Schema Validation with Xerces ...... SUCCESS [0.187s]
> [INFO] Apache CXF Common ................................. SUCCESS [0.016s]
> [INFO] Apache CXF Runtime Core ........................... SUCCESS [1.092s]
> [INFO] Apache CXF Command Line Tools Common .............. SUCCESS [0.530s]
> [INFO] Apache CXF Command Line Tools Validator ........... SUCCESS [0.328s]
> [INFO] Apache CXF Command Line Tools WSDLTo Core ......... SUCCESS [0.312s]
> [INFO] Apache CXF Command Line Tools WSDLTo JAXWS Frontend  SUCCESS
> [0.593s]
> [INFO] Apache CXF WSDL Validator Maven2 Plugin ........... SUCCESS [1.263s]
> [INFO] Apache CXF Command Line Tools WSDLTo JAXB Databinding  SUCCESS
> [0.297s]
> [INFO] Apache CXF Code Generation Maven2 Plugins ......... SUCCESS [0.717s]
> [INFO] Apache CXF Test Utilities ......................... FAILURE
> [38.454s]
> [INFO] Apache CXF Runtime JAXB DataBinding ............... SKIPPED
> [INFO] Apache CXF Runtime XML Binding .................... SKIPPED
> [INFO] Apache CXF Runtime SOAP Binding ................... SKIPPED
> [INFO] Apache CXF Runtime Local Transport ................ SKIPPED
> [INFO] Apache CXF Runtime Simple Frontend ................ SKIPPED
> [INFO] Apache CXF Runtime Transport Common Used Classes .. SKIPPED
> [INFO] Apache CXF Runtime HTTP Transport ................. SKIPPED
> [INFO] Apache CXF Runtime HTTP Jetty Transport ........... SKIPPED
> [INFO] Apache CXF Runtime WS Addressing .................. SKIPPED
> [INFO] Apache CXF Runtime JAX-WS Frontend ................ SKIPPED
> [INFO] Apache CXF Test Case Support ...................... SKIPPED
> [INFO] Apache CXF Runtime Aegis Databinding .............. SKIPPED
> [INFO] Apache CXF Runtime JavaScript Client Generator .... SKIPPED
> [INFO] Apache CXF Command Line Tools WSDL to JavaScript Front End  SKIPPED
> [INFO] Apache CXF Runtime Management ..................... SKIPPED
> [INFO] Apache CXF Runtime JMS Transport .................. SKIPPED
> [INFO] Apache CXF Runtime XmlBeans DataBinding ........... SKIPPED
> [INFO] Apache CXF Command Line Tools WSDLTo Test ......... SKIPPED
> [INFO] Apache CXF Command Line Tools WSDLTo Misctools .... SKIPPED
> [INFO] Apache CXF Command Line Tools ..................... SKIPPED
> [INFO] Apache CXF Command Line Tools WSDLTo .............. SKIPPED
> [INFO] Apache CXF Command Line Tools JavaTo WS ........... SKIPPED
> [INFO] Apache CXF Command Line Tools JavaTo .............. SKIPPED
> [INFO] Apache CXF Runtime CORBA Binding .................. SKIPPED
> [INFO] Apache CXF Command Line Tools CORBA ............... SKIPPED
> [INFO] Apache CXF Runtime SDO DataBinding ................ SKIPPED
> [INFO] Apache CXF Runtime HTTP Binding ................... SKIPPED
> [INFO] Apache CXF Runtime Object Binding ................. SKIPPED
> [INFO] Apache CXF Runtime Colocated Binding .............. SKIPPED
> [INFO] Apache CXF Runtime JBI Binding .................... SKIPPED
> [INFO] Apache CXF Runtime ................................ SKIPPED
> [INFO] Apache CXF Runtime Bindings ....................... SKIPPED
> [INFO] Apache CXF Runtime JAX-RS Frontend ................ SKIPPED
> [INFO] Apache CXF Runtime JavaScript Frontend ............ SKIPPED
> [INFO] Apache CXF HTTP Transport for OSGi ................ SKIPPED
> [INFO] Apache CXF Runtime JBI Transport .................. SKIPPED
> [INFO] Apache CXF Runtime WS Policy ...................... SKIPPED
> [INFO] Apache CXF Runtime WS Reliable Messaging .......... SKIPPED
> [INFO] Apache CXF Runtime WS Security .................... SKIPPED
> [INFO] Apache CXF Runtime Web Management ................. SKIPPED
> [INFO] Apache CXF JBI Integration ........................ SKIPPED
> [INFO] Apache CXF JCA Connection ......................... SKIPPED
> [INFO] Apache CXF Integration ............................ SKIPPED
> [INFO] Apache CXF Java2WS Maven2 Plugin .................. SKIPPED
> [INFO] Apache CXF CORBA Tools Maven2 Plugins ............. SKIPPED
> [INFO] Apache CXF Archetype - Simple JAX-WS Java First ... SKIPPED
> [INFO] Apache CXF Maven Archetypes ....................... SKIPPED
> [INFO] Apache CXF Maven Plugins .......................... SKIPPED
> [INFO] Apache CXF Container Integration System Tests ..... SKIPPED
> [INFO] Apache CXF Container Integration Test Webapp ...... SKIPPED
> [INFO] Apache CXF Container Integration Test Grizzly ..... SKIPPED
> [INFO] Apache CXF Uncategorized System Tests ............. SKIPPED
> [INFO] Apache CXF Transport System Tests ................. SKIPPED
> [INFO] Apache CXF JAX-WS System Tests .................... SKIPPED
> [INFO] Apache CXF Databinding System Tests ............... SKIPPED
> [INFO] Apache CXF JAX-RS System Tests .................... SKIPPED
> [INFO] Apache CXF WS-* Specifications System Tests ....... SKIPPED
> [INFO] Test for writing wsdl to repo ..................... SKIPPED
> [INFO] Test for generating code from wsdl in repo ........ SKIPPED
> [INFO] Apache CXF System Tests ........................... SKIPPED
> [INFO] Apache CXF System Tests for Maven Plugins ......... SKIPPED
> [INFO]
> ------------------------------------------------------------------------
> [INFO] BUILD FAILURE
> [INFO]
> ------------------------------------------------------------------------
> [INFO] Total time: 49.530s
> [INFO] Finished at: Thu Apr 07 12:42:45 CEST 2011
> [INFO] Final Memory: 40M/159M
> [INFO]
> ------------------------------------------------------------------------
> [ERROR] Failed to execute goal
> org.apache.maven.plugins:maven-compiler-plugin:2.3.2:compile
> (default-compile) on project
> cxf-testutils: Compilation failure: Compilation failure:
> [ERROR]
> \Users\David\Documents\projects\cxf-2.3.4-SNAPSHOT\testutils\target\generated\src\main\java\org\apache\hello_wor
> ld_soap_http\any\SOAPService.java:[60,8] cannot find symbol
> [ERROR] symbol  : constructor
> Service(java.net.URL,javax.xml.namespace.QName,javax.xml.ws.WebServiceFeature[])
> [ERROR] location: class javax.xml.ws.Service
> [ERROR]
> \Users\David\Documents\projects\cxf-2.3.4-SNAPSHOT\testutils\target\generated\src\main\java\org\apache\hello_wor
> ld_soap_http\any\SOAPService.java:[67,8] cannot find symbol
> [ERROR] symbol  : constructor
> Service(java.net.URL,javax.xml.namespace.QName,javax.xml.ws.WebServiceFeature[])
> [ERROR] location: class javax.xml.ws.Service
> [ERROR]
> \Users\David\Documents\projects\cxf-2.3.4-SNAPSHOT\testutils\target\generated\src\main\java\org\apache\hello_wor
> ld_soap_http\any\SOAPService.java:[74,8] cannot find symbol
> [ERROR] symbol  : constructor
> Service(java.net.URL,javax.xml.namespace.QName,javax.xml.ws.WebServiceFeature[])
> [ERROR] location: class javax.xml.ws.Service
> [ERROR]
> \Users\David\Documents\projects\cxf-2.3.4-SNAPSHOT\testutils\target\generated\src\main\java\org\apache\cxf\anony
> mous_complex_type\AnonymousComplexTypeService.java:[60,8] cannot find
> symbol
> [ERROR] symbol  : constructor
> Service(java.net.URL,javax.xml.namespace.QName,javax.xml.ws.WebServiceFeature[])
> [ERROR] location: class javax.xml.ws.Service
> [ERROR]
> \Users\David\Documents\projects\cxf-2.3.4-SNAPSHOT\testutils\target\generated\src\main\java\org\apache\cxf\anony
> mous_complex_type\AnonymousComplexTypeService.java:[67,8] cannot find
> symbol
> [ERROR] symbol  : constructor
> Service(java.net.URL,javax.xml.namespace.QName,javax.xml.ws.WebServiceFeature[])
> [ERROR] location: class javax.xml.ws.Service
> [ERROR]
> \Users\David\Documents\projects\cxf-2.3.4-SNAPSHOT\testutils\target\generated\src\main\java\org\apache\cxf\anony
> mous_complex_type\AnonymousComplexTypeService.java:[74,8] cannot find
> symbol
> [ERROR] symbol  : constructor
> Service(java.net.URL,javax.xml.namespace.QName,javax.xml.ws.WebServiceFeature[])
> [ERROR] location: class javax.xml.ws.Service
> [ERROR]
> \Users\David\Documents\projects\cxf-2.3.4-SNAPSHOT\testutils\target\generated\src\main\java\org\apache\handlers\
> AddNumbersService.java:[60,8] cannot find symbol
> [ERROR] symbol  : constructor
> Service(java.net.URL,javax.xml.namespace.QName,javax.xml.ws.WebServiceFeature[])
> [ERROR] location: class javax.xml.ws.Service
> [ERROR]
> \Users\David\Documents\projects\cxf-2.3.4-SNAPSHOT\testutils\target\generated\src\main\java\org\apache\handlers\
> AddNumbersService.java:[67,8] cannot find symbol
> [ERROR] symbol  : constructor
> Service(java.net.URL,javax.xml.namespace.QName,javax.xml.ws.WebServiceFeature[])
> [ERROR] location: class javax.xml.ws.Service
> [ERROR]
> \Users\David\Documents\projects\cxf-2.3.4-SNAPSHOT\testutils\target\generated\src\main\java\org\apache\handlers\
> AddNumbersService.java:[74,8] cannot find symbol
> [ERROR] symbol  : constructor
> Service(java.net.URL,javax.xml.namespace.QName,javax.xml.ws.WebServiceFeature[])
> [ERROR] location: class javax.xml.ws.Service
> [ERROR] -> [Help 1]
> [ERROR]
> [ERROR] To see the full stack trace of the errors, re-run Maven with the -e
> switch.
> [ERROR] Re-run Maven using the -X switch to enable full debug logging.
> [ERROR]
> [ERROR] For more information about the errors and possible solutions,
> please read the following articles:
> [ERROR] [Help 1]
> http://cwiki.apache.org/confluence/display/MAVEN/MojoFailureException
> [ERROR]
> [ERROR] After correcting the problems, you can resume the build with the
> command
> [ERROR]   mvn <goals> -rf :cxf-testutils
> c:\Users\David\Documents\projects\cxf-2.3.4-SNAPSHOT>
>
>
> -----Ursprüngliche Nachricht----- From: Sergey Beryozkin
> Sent: Thursday, April 07, 2011 11:03 AM
>
> To: users@cxf.apache.org
> Subject: Re: UsernameToken JBoss Integration
>
> Sorry, should be
>
> 'mvn install -Pfastinstall,jaxws22'
>
> Cheers, Sergey
>
> On Thu, Apr 7, 2011 at 10:01 AM, Sergey Beryozkin <sberyozkin@gmail.com
> >wrote:
>
>  Hi
>>
>> On Thu, Apr 7, 2011 at 9:53 AM, David Zhang <zhngdvd@hotmail.com> wrote:
>>
>>  Hello Sergey,
>>>
>>> i did my best to try that, but i ran into problems.
>>>
>>> First one is i cannot build the project.
>>> This documentation is not sufficient for me:
>>> http://cxf.apache.org/building.html
>>> Is there more extensive documentation somewhere?
>>>
>>> However, i downloaded the individual artifacts from Jenkins and patched
>>> my
>>> JBoss installation with them.
>>>
>>> To test the new snapshot release i changed my project to depend on the
>>> 2.3.4-SNAPSHOT version from the apache snapshots repository and rebuilt
>>> it.
>>>
>>> The second problem is the 2.3.4-SNAPSHOT is not compatible anymore with
>>> JBoss 6.0.0.Final. Cause of this is a package name changed from
>>> org.apache.cxf.jaxws22 to org.apache.cxf.jaxws.
>>> But JBoss has a class
>>> org.jboss.wsf.stack.cxf.deployment.EndpointImpl extends
>>> org.apache.cxf.jaxws22.EndpointImpl
>>>
>>> The result is i cannot deploy my project anymore. :-(
>>>
>>>
>>>  Just checkout CXF 2.3.4 using svn or git, and then do
>>
>> 'mvn install -Pfastinstall,jaxws'
>>
>> that should fix it
>>
>> Give it a try please
>>
>> Cheers, Sergey
>>
>>
>>
>>> -----Ursprüngliche Nachricht----- From: Sergey Beryozkin
>>> Sent: Wednesday, April 06, 2011 6:39 PM
>>> To: users@cxf.apache.org
>>> Subject: Re: UsernameToken JBoss Integration
>>>
>>> Hi David
>>>
>>> I did a minor update to WSS4JInInterceptor to ensure that the 'best'
>>> principal is wrapped as a SecurityContext principal, when possible. This
>>> update does not change the fact all Principals are still available on the
>>> message for subsequent interceptors to check, it simply attempts not to
>>> set
>>> a Principal representing the encryption key which was used to encrypt UT
>>> as
>>> the 'main' Principal.
>>>
>>> Hope Colm and others will be ok with this update.
>>>
>>> Can you please checkout 2.3.4-SNAPSHOT and verify it fixes the problem ?
>>>
>>> Thanks, Sergey
>>>
>>> On Tue, Apr 5, 2011 at 12:01 PM, David Zhang <zhngdvd@hotmail.com>
>>> wrote:
>>>
>>>  Hello Sergey,
>>>
>>>>
>>>> i think i found the cause of the problem. JBoss 6.0.0.Final comes with
>>>> CXF
>>>> 2.3.1. However, i checked out the 2.3.3 tag and did a little bug fix.
>>>>
>>>> What do you think of it? Please tell me, if you will make a fix for
>>>> 2.3.x,
>>>> then i would like to download the update.
>>>>
>>>> Please look at
>>>> org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.doResults()
>>>>
>>>> At the end of the method is a for-loop over the wssEngineResults. If
>>>> withCallbacks is false then the UsernameToken should be put in the
>>>> message.
>>>> The Problem is, the first Principal found is not the
>>>> UsernameTokenPrincipal
>>>> but the DerivedKeyPrincipal. This triggers creation of a security
>>>> context
>>>> and breakes the for-loop. The second wssEngineResult would have been the
>>>> UsernameTokenPrincipal.
>>>>
>>>> I believe this is the reason why i receive the error message:
>>>> Security Token is not available on the current message
>>>>
>>>> Here is the patch i use. It seems to work for me.
>>>>
>>>> David
>>>>
>>>> protected void doResults(SoapMessage msg, String actor, SOAPMessage doc,
>>>> Vector wsResult,
>>>>      boolean utWithCallbacks) throws SOAPException, XMLStreamException,
>>>> WSSecurityException {
>>>>      /*
>>>>       * All ok up to this point. Now construct and setup the security
>>>> result
>>>>       * structure. The service may fetch this and check it.
>>>>       */
>>>>      List<Object> results =
>>>> CastUtils.cast((List)msg.get(WSHandlerConstants.RECV_RESULTS));
>>>>      if (results == null) {
>>>>          results = new Vector<Object>();
>>>>          msg.put(WSHandlerConstants.RECV_RESULTS, results);
>>>>      }
>>>>      WSHandlerResult rResult = new WSHandlerResult(actor, wsResult);
>>>>      results.add(0, rResult);
>>>>
>>>>      SOAPBody body = doc.getSOAPBody();
>>>>
>>>>      XMLStreamReader reader = StaxUtils.createXMLStreamReader(new
>>>> DOMSource(body));
>>>>      // advance just past body
>>>>      int evt = reader.next();
>>>>      int i = 0;
>>>>      while (reader.hasNext() && i < 1
>>>>             && (evt != XMLStreamConstants.END_ELEMENT || evt !=
>>>> XMLStreamConstants.START_ELEMENT)) {
>>>>          reader.next();
>>>>          i++;
>>>>      }
>>>>      msg.setContent(XMLStreamReader.class, reader);
>>>>      String pwType = (String)getProperty(msg, "passwordType");
>>>>      if ("PasswordDigest".equals(pwType)) {
>>>>          //CXF-2150 - we need to check the UsernameTokens
>>>>          for (WSSecurityEngineResult o : CastUtils.cast(wsResult,
>>>> WSSecurityEngineResult.class)) {
>>>>              Integer actInt =
>>>> (Integer)o.get(WSSecurityEngineResult.TAG_ACTION);
>>>>              if (actInt == WSConstants.UT) {
>>>>                  WSUsernameTokenPrincipal princ
>>>>                      =
>>>> (WSUsernameTokenPrincipal)o.get(WSSecurityEngineResult.TAG_PRINCIPAL);
>>>>                  if (!princ.isPasswordDigest()) {
>>>>                      LOG.warning("Non-digest UsernameToken found, but
>>>> digest required");
>>>>                      throw new
>>>> WSSecurityException(WSSecurityException.INVALID_SECURITY);
>>>>                  }
>>>>              }
>>>>          }
>>>>      }
>>>>
>>>>      if (!utWithCallbacks) {
>>>>          for (WSSecurityEngineResult o : CastUtils.cast(wsResult,
>>>> WSSecurityEngineResult.class)) {
>>>>              final Principal p =
>>>> (Principal)o.get(WSSecurityEngineResult.TAG_PRINCIPAL);
>>>>              if (p instanceof WSUsernameTokenPrincipal) {
>>>>                  msg.put(PRINCIPAL_RESULT, p);
>>>>                  WSS4JTokenConverter.convertToken(msg, p);
>>>>                  SecurityContext sc = msg.get(SecurityContext.class);
>>>>                  if (sc == null || sc.getUserPrincipal() == null) {
>>>>                      msg.put(SecurityContext.class,
>>>> createSecurityContext(p));
>>>>                  }
>>>>                  break;
>>>>              }
>>>>          }
>>>>      } else {
>>>>          for (WSSecurityEngineResult o : CastUtils.cast(wsResult,
>>>> WSSecurityEngineResult.class)) {
>>>>              final Principal p =
>>>> (Principal)o.get(WSSecurityEngineResult.TAG_PRINCIPAL);
>>>>              if (p != null) {
>>>>                  msg.put(PRINCIPAL_RESULT, p);
>>>>                  if (!utWithCallbacks) {
>>>>                      WSS4JTokenConverter.convertToken(msg, p);
>>>>                  }
>>>>                  SecurityContext sc = msg.get(SecurityContext.class);
>>>>                  if (sc == null || sc.getUserPrincipal() == null) {
>>>>                      msg.put(SecurityContext.class,
>>>> createSecurityContext(p));
>>>>                      break;
>>>>                   }
>>>>              }
>>>>          }
>>>>      }
>>>>  }
>>>>
>>>> -----Ursprüngliche Nachricht-----
>>>> From: Sergey Beryozkin
>>>> Sent: Monday, April 04, 2011 1:50 PM
>>>> To: users@cxf.apache.org
>>>> Cc: David Zhang
>>>> Subject: Re: UsernameToken JBoss Integration
>>>>
>>>> Sorry, that one is indeed needed for the encryption itself to succeed.
>>>> Can you try, for the sake of the test, send unencrypted UTs ?
>>>>
>>>> I don't recall if I had the test for the case when the body was also
>>>> encrypted, would have to check.
>>>> In meantime, you may want to try the following:
>>>>
>>>> - if UT passwords are not encrypted then simply register a CXF
>>>> interceptor,
>>>> after WSS4JInInterceptor, extract a WSS4J token and use it to create the
>>>> Subject and then replace the existing SecurityContext on the message
>>>> with
>>>> the new one - if you decide to follow this route then I can provide more
>>>> info on how existing CXF SecurityContext impls can be reused
>>>> - if it is not a WSDL-first case then  register an
>>>> AbstractUsernameTokenAuthenticatingInterceptor implementation instead of
>>>> WSS4InInterceptor but configure it as usual, just do not provide a UT
>>>> callback
>>>>
>>>> Let us know how it goes
>>>>
>>>> Sergey
>>>>
>>>> On Mon, Apr 4, 2011 at 12:33 PM, David Zhang <zhngdvd@hotmail.com>
>>>> wrote:
>>>>
>>>> > Hello,
>>>> >
>>>> > i still cannot get the AuthenticationInterceptor to work.
>>>> >
>>>> > The password callback is needed to retrieve the password for the
>>>> private
>>>> > key. Otherwise the server cannot decrypt the SOAP Request.
>>>> >
>>>> > However, when the AuthenticationInterceptor is called in the >
>>>> pre-invoke
>>>> > Phase, the security token is null.
>>>> > see AbstractSecurityContextInInterceptor.handleMessage()
>>>> >
>>>> > Any ideas?
>>>> >
>>>> > David
>>>> >
>>>> > From: zhngdvd@hotmail.com
>>>> > Sent: Friday, April 01, 2011 7:38 AM
>>>> > To: users@cxf.apache.org
>>>> > Subject: Re: UsernameToken JBoss Integration
>>>> >
>>>> > Hello Sergey,
>>>> >
>>>> > if i remove the password callback, i get another error message:
>>>> > General security error (WSSecurityEngine: Callback supplied no >
>>>> password
>>>> > for: myAlias)
>>>> >
>>>> > The keystore.properties file contains only the password for the >
>>>> keystore,
>>>> > not for the private key inside the keystore. Also i can not find a way
>>>> > to
>>>> > create a private key without password by the java keytool.
>>>> >
>>>> > Is there another way to provide the password besides the password
>>>> callback?
>>>> > Is there maybe a property in the keystore.properties file? I cannot
>>>> find
>>>> a
>>>> > suitable property in this list:
>>>> > http://cxf.apache.org/docs/ws-securitypolicy.html
>>>> >
>>>> > This is the content of the keystore.properties. The ${}-parts are
>>>> replaced
>>>> > by maven with actual values:
>>>> >
>>>> >
>>>> >
>>>> >
>>>>
>>>>
>>>> org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
>>>> > org.apache.ws.security.crypto.merlin.keystore.type=jks
>>>> >
>>>>
>>>>
>>>> org.apache.ws.security.crypto.merlin.keystore.password=${keystore.password}
>>>> >
>>>> org.apache.ws.security.crypto.merlin.keystore.alias=${certificate.alias}
>>>> > org.apache.ws.security.crypto.merlin.file=${keystore.path}
>>>> >
>>>> >
>>>> >
>>>> > Thank you
>>>> > David
>>>> >
>>>> > -----Ursprüngliche Nachricht-----
>>>> > From: Sergey Beryozkin
>>>> > Sent: Thursday, March 31, 2011 10:21 PM
>>>> > To: users@cxf.apache.org
>>>> > Subject: Re: UsernameToken JBoss Integration
>>>> >
>>>> > Hi -
>>>> >
>>>> > You don't need a password callback in this case.
>>>> >
>>>> > Cheers, Sergey
>>>> >
>>>> > On Thu, Mar 31, 2011 at 7:42 PM, David Zhang <zhngdvd@hotmail.com>
>>>> wrote:
>>>> >
>>>> > > Hi Sergey,
>>>> > >
>>>> > > thank you very much for taking the time to help me.
>>>> > > I have set the property you mentioned. Look, this is my
>>>> configuration:
>>>> > >
>>>> > >
>>>> > > <jaxws:endpoint id="SecureServiceBean"
>>>> > >
>>>> > > address="/example-ejb/SecureService"
>>>> > >
>>>> > > implementor="com.example.SecureServiceBean">
>>>> > >
>>>> > > <jaxws:invoker>
>>>> > >
>>>> > > <bean class="org.jboss.wsf.stack.cxf.InvokerEJB3" />
>>>> > >
>>>> > > </jaxws:invoker>
>>>> > >
>>>> > > <jaxws:inInterceptors>
>>>> > >
>>>> > >
>>>> > > <bean class="com.example.AuthenticationInterceptor1"/>
>>>> > >
>>>> > > </jaxws:inInterceptors>
>>>> > >
>>>> > > <jaxws:properties>
>>>> > >
>>>> > > <entry key="ws-security.ut.no-callbacks" value="true" />
>>>> > >
>>>> > > <!--<entry key="ws-security.validate.token" value="false"
/>-->
>>>> > >
>>>> > > <entry key="ws-security.signature.properties"
>>>> value="keystore.properties"
>>>> > > />
>>>> > >
>>>> > > <entry key="ws-security.encryption.properties"
>>>> > value="keystore.properties"
>>>> > > />
>>>> > >
>>>> > > <entry key="ws-security.callback-handler"
>>>> > > value="com.example.PasswordCallback" />
>>>> > >
>>>> > > </jaxws:properties>
>>>> > >
>>>> > > </jaxws:endpoint>
>>>> > >
>>>> > > Where com.example.AuthenticationInterceptor1 extends
>>>> > > AbstractUsernameTokenInInterceptor.
>>>> > > This results in:
>>>> > > 12:01:12,770 ERROR
>>>> > >
>>>> >
>>>>
>>>>
>>>> [org.apache.cxf.interceptor.security.AbstractSecurityContextInInterceptor]
>>>> > > Security Token is not available on the current message
>>>> > >
>>>> > > Thanks
>>>> > > David
>>>> > >
>>>> > >
>>>> > > -----Ursprüngliche Nachricht-----
>>>> > > From: Sergey Beryozkin
>>>> > > Sent: Thursday, March 31, 2011 11:06 AM
>>>> > > To: users@cxf.apache.org
>>>> > > Subject: Re: UsernameToken JBoss Integration
>>>> > >
>>>> > > Hi
>>>> > >
>>>> > > Please check this section:
>>>> > >
>>>> > >
>>>> > >
>>>> >
>>>>
>>>>
>>>> http://cxf.apache.org/docs/security.html#Security-WSSecurityUsernameTokenandCustomAuthentication
>>>> > >
>>>> > > In 2.3.x you have to set a "ws-security.ut.no-callbacks" property
>
>>>> > and
>>>> > this
>>>> > > will ensure AbstractUserNameTokenInterceptor can be used.
>>>> > >
>>>> > > Setting this property results in WSS4JInInterceptor duplicating
> >
>>>> WSS4J
>>>> > > specific UT into CXF specific UsernameToken which is what
>>>> > > AbstractUserNameTokenInterceptor is checking.
>>>> > >
>>>> > > Cheers, Sergey
>>>> > >
>>>> > > On Thu, Mar 31, 2011 at 8:42 AM, David Zhang <zhngdvd@hotmail.com>
>>>> > wrote:
>>>> > >
>>>> > > >
>>>> > > > Hello,
>>>> > > >
>>>> > > >
>>>> > > >
>>>> > > > i have a web service with symmetric binding and self-signed
server
>>>> > > > certificate.
>>>> > > >
>>>> > > > I implemented a password callbackhandler for the password
to the
>>>> > private
>>>> > > > key of the server.
>>>> > > >
>>>> > > > Now i want to add authentication with username token. So i
added a
>>>> > > > supporting token to the ws security policy.
>>>> > > >
>>>> > > >
>>>> > > >
>>>> > > > To this point everything works fine. The server gets an encrypted
>>>> > request
>>>> > > > with a username token.
>>>> > > >
>>>> > > > My concern is that i do not want to do the authentication
in my
>>>> > > > application. I want to integrate the username token with JBoss
>>>> > Security.
>>>> > > >
>>>> > > >
>>>> > > >
>>>> > > > So i followed these instructions:
>>>> > > >
>>>> > >
>>>> >
>>>>
>>>>
>>>> http://community.jboss.org/wiki/JBossWS-StackCXFUserGuide#Authentication_and_authorization
>>>> > > >
>>>> > > > However, it did not work. I used a debugger to check and i
saw the
>>>> > > > authentication interceptor was created when my app was deployed
>
>>>> > > but
>>>> it
>>>> > > was
>>>> > > > never called on a client request.
>>>> > > >
>>>> > > >
>>>> > > >
>>>> > > > Later i found this:
>>>> > > >
>>>> > >
>>>> >
>>>>
>>>>
>>>> http://svn.apache.org/repos/asf/cxf/tags/cxf-2.3.3/systests/ws-specs/src/test/java/org/apache/cxf/systest/ws/wssec10/server/SimpleSubjectCreatingInterceptor.java
>>>> > > >
>>>> > > > I implemented an interceptor following that example. I put
a
>>>> breakpoint
>>>> > > on
>>>> > > > the createSubject method. It was never called.
>>>> > > >
>>>> > > >
>>>> > > >
>>>> > > > Then i followed this example:
>>>> > > >
>>>> > >
>>>> >
>>>>
>>>>
>>>> http://svn.apache.org/repos/asf/cxf/tags/cxf-2.3.3/systests/ws-specs/src/test/java/org/apache/cxf/systest/ws/wssec10/server/SimpleUsernameTokenInterceptor.java
>>>> > > >
>>>> > > > At least i know this interceptor was called. But it produced
an >
>>>> > > >  >
>>>> > error
>>>> > > > before the createSubject method was called. The error says:
>>>> Security
>>>> > > Token
>>>> > > > is not available on the current message
>>>> > > >
>>>> > > >
>>>> > > >
>>>> > > > But this can not be true. Because then i removed the interceptor
>>>> > removed
>>>> > > > the property ws-security.ut.no-callbacks and on the next request
>
>>>> > > my
>>>> > > password
>>>> > > > callbackhandler was called with the username i set on the
client.
>>>> > > >
>>>> > > >
>>>> > > >
>>>> > > > Please, can anybody explain me what i am doing wrong?
>>>> > > >
>>>> > > >
>>>> > > >
>>>> > > > Thanks
>>>> > > >
>>>> > > > David
>>>>
>>>>
>>>
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message