cxf-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Glen Mazza <gma...@talend.com>
Subject Re: Configuration for https
Date Thu, 13 Oct 2011 15:04:23 GMT
Might this help you:  
http://www.jroller.com/gmazza/entry/ssl_for_web_services ?  It may be 
easier to just hardcode the use of SSL rather than rely on WS-Policy 
statements implementing it.

Glen

On 10/13/2011 10:34 AM, Beyer, Doug wrote:
> I'm trying to connect to our own .Net web services using java. I need to use HTTPS. http://cxf.apache.org/docs/client-http-transport-including-ssl-support.html
is a bit confusing as the configuration examples shown don't seem to align correctly with
the data in the CXF 2.4.2 samples\wsdl_first_https\wsdl\hello_world.wsdl file.
>
> I am not an expert in Spring or CXF and am just trying to get my java web service client
configured as quickly as possible.
>
> Below is a snippet containing the pertinent (I hope) sections from our wsdl:
>
> <wsdl:definitions name="ClientService" targetNamespace="http://www.troppussoftware.com/service/2010/12/"
xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/" xmlns:wsx="http://schemas.xmlsoap.org/ws/2004/09/mex"
xmlns:wsa10="http://www.w3.org/2005/08/addressing" xmlns:tns="http://www.troppussoftware.com/service/2010/12/"
xmlns:soap12="http://schemas.xmlsoap.org/wsdl/soap12/" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy" xmlns:wsap="http://schemas.xmlsoap.org/ws/2004/08/addressing/policy"
xmlns:msc="http://schemas.microsoft.com/ws/2005/12/wsdl/contract" xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/08/addressing"
xmlns:wsam="http://www.w3.org/2007/05/addressing/metadata" xmlns:wsaw="http://www.w3.org/2006/05/addressing/wsdl"
xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/" xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/">
>     <wsp:Policy wsu:Id="CustomBinding_IClientService_policy">
>        <wsp:ExactlyOne>
>           <wsp:All>
>              <sp:TransportBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
>                 <wsp:Policy>
>                    <sp:TransportToken>
>                       <wsp:Policy>
>                          <sp:HttpToken/>
>                       </wsp:Policy>
>                    </sp:TransportToken>
>                    <sp:AlgorithmSuite>
>                       <wsp:Policy>
>                          <sp:Basic256/>
>                       </wsp:Policy>
>                    </sp:AlgorithmSuite>
>                    <sp:Layout>
>                       <wsp:Policy>
>                          <sp:Strict/>
>                       </wsp:Policy>
>                    </sp:Layout>
>                </wsp:Policy>
>              </sp:TransportBinding>
>              <sp:SignedSupportingTokens xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
>                 <wsp:Policy>
>                    <sp:UsernameToken sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
>                       <wsp:Policy>
>                          <sp:WssUsernameToken10/>
>                       </wsp:Policy>
>                    </sp:UsernameToken>
>                 </wsp:Policy>
>              </sp:SignedSupportingTokens>
>              <sp:Wss11 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
>                 <wsp:Policy/>
>              </sp:Wss11>
>              <sp:Trust10 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
>                 <wsp:Policy>
>                    <sp:MustSupportIssuedTokens/>
>                    <sp:RequireClientEntropy/>
>                    <sp:RequireServerEntropy/>
>                 </wsp:Policy>
>              </sp:Trust10>
>              <wsaw:UsingAddressing/>
>           </wsp:All>
>        </wsp:ExactlyOne>
>     </wsp:Policy>
>
> ...
>
>     <wsdl:service name="ClientService">
>        <wsdl:port name="CustomBinding_IClientService" binding="tns:CustomBinding_IClientService">
>           <soap12:address location="http://dev.socsuite.com/Services/ClientService.svc/ClientService"/>
>           <wsa10:EndpointReference>
>              <wsa10:Address>http://dev.socsuite.com/Services/ClientService.svc/ClientService</wsa10:Address>
>              <Identity xmlns="http://schemas.xmlsoap.org/ws/2006/02/addressingidentity">
>                 <Dns>localhost</Dns>
>              </Identity>
>           </wsa10:EndpointReference>
>        </wsdl:port>
>     </wsdl:service>
> </wsdl:definitions>
>
>
>  From http://cxf.apache.org/docs/client-http-transport-including-ssl-support.html , I
decided to use the following shorthand since all our clients will need the same https conduit
for all our services:
> Another option for the name attribute is a reg-ex expression for the ORIGINAL URL of
the endpoint. The configuration is matched at conduit creation so the address used in the
WSDL or used for the JAX-WS Service.create(...) call can be used for the name. For example,
you can do:
>     <http:conduit name="http://localhost:8080/.*">
>         ......
>     </http:conduit>
> to configure a conduit for all interactions on localhost:8080. If you have multiple clients
interacting with different services on the same server, this is probably the easiest way to
configure it.
> That same CXF web page references a blog entry at http://techpolesen.blogspot.com/2007/08/using-ssl-with-xfirecxf-battling.html
. Using the info from that blog entry, the CXF web page, and my wsdl, I decided to use the
following conduit configuration in my cxf.xml:
>
>      <http:conduit name="http://dev.socsuite.com/Services/.*">
>
>          <http:authorization>
>
>              <sec:UserName><the user name></sec:UserName>
>
>              <sec:Password><the password></sec:Password>
>
>          </http:authorization>
>
>          <http:tlsClientParameters secureSocketProtocol="SSL"></http:tlsClientParameters>
>
>      </http:conduit>
> When I attempt to execute a method of our web service, I get the following from the CXF
debug logging (with log level = INFO):
> Oct 13, 2011 7:28:46 AM org.springframework.context.support.AbstractApplicationContext
prepareRefresh
> INFO: Refreshing org.apache.cxf.bus.spring.BusApplicationContext@11a01dd: startup date
[Thu Oct 13 07:28:46 PDT 2011]; root of context hierarchy
> Oct 13, 2011 7:28:46 AM org.apache.cxf.bus.spring.BusApplicationContext getConfigResources
> INFO: Loaded configuration file cxf.xml.
> Oct 13, 2011 7:28:46 AM org.springframework.beans.factory.xml.XmlBeanDefinitionReader
loadBeanDefinitions
> INFO: Loading XML bean definitions from file [D:\Dev\phoenix_git\protocolprototype2\CxfWebServices\cxf.xml]
> Oct 13, 2011 7:28:47 AM org.springframework.beans.factory.support.DefaultListableBeanFactory
preInstantiateSingletons
> INFO: Pre-instantiating singletons in org.springframework.beans.factory.support.DefaultListableBeanFactory@1abcd9b:
defining beans [cxf,org.apache.cxf.bus.spring.BusWiringBeanFactoryPostProcessor,org.apache.cxf.bus.spring.Jsr250BeanPostProcessor,org.apache.cxf.bus.spring.BusExtensionPostProcessor,org.apache.cxf.wstx_msv_validation.WoodstoxValidationImpl,LoggingInInterceptor,LoggingOutInterceptor,cxf.config0,http://dev.socsuite.com/Services/.*];
root of factory hierarchy
> Oct 13, 2011 7:28:47 AM org.apache.cxf.service.factory.ReflectionServiceFactoryBean buildServiceFromWSDL
> INFO: Creating Service {http://www.troppussoftware.com/service/2010/12/}ClientService
from WSDL: file:wsdl/ClientService.svc.wsdl
> Oct 13, 2011 7:28:48 AM org.apache.cxf.ws.policy.AssertionBuilderRegistryImpl handleNoRegisteredBuilder
> WARNING: No assertion builder for type {http://schemas.xmlsoap.org/ws/2005/07/securitypolicy}HttpToken
registered.
> Oct 13, 2011 7:28:48 AM org.apache.cxf.ws.policy.attachment.wsdl11.Wsdl11AttachmentPolicyProvider
getElementPolicy
> WARNING: Failed to build the policy 'CustomBinding_IClientService_policy':org.apache.neethi.builders.PrimitiveAssertion
cannot be cast to org.apache.cxf.ws.security.policy.model.Token
> ERROR - login_1() - javax.xml.ws.soap.SOAPFaultException: org.apache.neethi.builders.PrimitiveAssertion
cannot be cast to org.apache.cxf.ws.security.policy.model.Token
> Is the problem simple like mis-matched jars or does it have to do with my configuration?
> Thanks in advance for your help.
>
>
>


-- 
Glen Mazza
Talend - http://www.talend.com/apache
Blog - http://www.jroller.com/gmazza
Twitter - glenmazza



Mime
View raw message