cxf-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Beyer, Doug" <doug.be...@troppussoftware.com>
Subject Configuration for https
Date Thu, 13 Oct 2011 14:34:31 GMT
I'm trying to connect to our own .Net web services using java. I need to use HTTPS. http://cxf.apache.org/docs/client-http-transport-including-ssl-support.html
is a bit confusing as the configuration examples shown don't seem to align correctly with
the data in the CXF 2.4.2 samples\wsdl_first_https\wsdl\hello_world.wsdl file.

I am not an expert in Spring or CXF and am just trying to get my java web service client configured
as quickly as possible.

Below is a snippet containing the pertinent (I hope) sections from our wsdl:

<wsdl:definitions name="ClientService" targetNamespace="http://www.troppussoftware.com/service/2010/12/"
xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/" xmlns:wsx="http://schemas.xmlsoap.org/ws/2004/09/mex"
xmlns:wsa10="http://www.w3.org/2005/08/addressing" xmlns:tns="http://www.troppussoftware.com/service/2010/12/"
xmlns:soap12="http://schemas.xmlsoap.org/wsdl/soap12/" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy" xmlns:wsap="http://schemas.xmlsoap.org/ws/2004/08/addressing/policy"
xmlns:msc="http://schemas.microsoft.com/ws/2005/12/wsdl/contract" xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/08/addressing"
xmlns:wsam="http://www.w3.org/2007/05/addressing/metadata" xmlns:wsaw="http://www.w3.org/2006/05/addressing/wsdl"
xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/" xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/">
   <wsp:Policy wsu:Id="CustomBinding_IClientService_policy">
      <wsp:ExactlyOne>
         <wsp:All>
            <sp:TransportBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
               <wsp:Policy>
                  <sp:TransportToken>
                     <wsp:Policy>
                        <sp:HttpToken/>
                     </wsp:Policy>
                  </sp:TransportToken>
                  <sp:AlgorithmSuite>
                     <wsp:Policy>
                        <sp:Basic256/>
                     </wsp:Policy>
                  </sp:AlgorithmSuite>
                  <sp:Layout>
                     <wsp:Policy>
                        <sp:Strict/>
                     </wsp:Policy>
                  </sp:Layout>
              </wsp:Policy>
            </sp:TransportBinding>
            <sp:SignedSupportingTokens xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
               <wsp:Policy>
                  <sp:UsernameToken sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
                     <wsp:Policy>
                        <sp:WssUsernameToken10/>
                     </wsp:Policy>
                  </sp:UsernameToken>
               </wsp:Policy>
            </sp:SignedSupportingTokens>
            <sp:Wss11 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
               <wsp:Policy/>
            </sp:Wss11>
            <sp:Trust10 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
               <wsp:Policy>
                  <sp:MustSupportIssuedTokens/>
                  <sp:RequireClientEntropy/>
                  <sp:RequireServerEntropy/>
               </wsp:Policy>
            </sp:Trust10>
            <wsaw:UsingAddressing/>
         </wsp:All>
      </wsp:ExactlyOne>
   </wsp:Policy>

...

   <wsdl:service name="ClientService">
      <wsdl:port name="CustomBinding_IClientService" binding="tns:CustomBinding_IClientService">
         <soap12:address location="http://dev.socsuite.com/Services/ClientService.svc/ClientService"/>
         <wsa10:EndpointReference>
            <wsa10:Address>http://dev.socsuite.com/Services/ClientService.svc/ClientService</wsa10:Address>
            <Identity xmlns="http://schemas.xmlsoap.org/ws/2006/02/addressingidentity">
               <Dns>localhost</Dns>
            </Identity>
         </wsa10:EndpointReference>
      </wsdl:port>
   </wsdl:service>
</wsdl:definitions>


>From http://cxf.apache.org/docs/client-http-transport-including-ssl-support.html , I decided
to use the following shorthand since all our clients will need the same https conduit for
all our services:
Another option for the name attribute is a reg-ex expression for the ORIGINAL URL of the endpoint.
The configuration is matched at conduit creation so the address used in the WSDL or used for
the JAX-WS Service.create(...) call can be used for the name. For example, you can do:
   <http:conduit name="http://localhost:8080/.*">
       ......
   </http:conduit>
to configure a conduit for all interactions on localhost:8080. If you have multiple clients
interacting with different services on the same server, this is probably the easiest way to
configure it.
That same CXF web page references a blog entry at http://techpolesen.blogspot.com/2007/08/using-ssl-with-xfirecxf-battling.html
. Using the info from that blog entry, the CXF web page, and my wsdl, I decided to use the
following conduit configuration in my cxf.xml:

    <http:conduit name="http://dev.socsuite.com/Services/.*">

        <http:authorization>

            <sec:UserName><the user name></sec:UserName>

            <sec:Password><the password></sec:Password>

        </http:authorization>

        <http:tlsClientParameters secureSocketProtocol="SSL"></http:tlsClientParameters>

    </http:conduit>
When I attempt to execute a method of our web service, I get the following from the CXF debug
logging (with log level = INFO):
Oct 13, 2011 7:28:46 AM org.springframework.context.support.AbstractApplicationContext prepareRefresh
INFO: Refreshing org.apache.cxf.bus.spring.BusApplicationContext@11a01dd: startup date [Thu
Oct 13 07:28:46 PDT 2011]; root of context hierarchy
Oct 13, 2011 7:28:46 AM org.apache.cxf.bus.spring.BusApplicationContext getConfigResources
INFO: Loaded configuration file cxf.xml.
Oct 13, 2011 7:28:46 AM org.springframework.beans.factory.xml.XmlBeanDefinitionReader loadBeanDefinitions
INFO: Loading XML bean definitions from file [D:\Dev\phoenix_git\protocolprototype2\CxfWebServices\cxf.xml]
Oct 13, 2011 7:28:47 AM org.springframework.beans.factory.support.DefaultListableBeanFactory
preInstantiateSingletons
INFO: Pre-instantiating singletons in org.springframework.beans.factory.support.DefaultListableBeanFactory@1abcd9b:
defining beans [cxf,org.apache.cxf.bus.spring.BusWiringBeanFactoryPostProcessor,org.apache.cxf.bus.spring.Jsr250BeanPostProcessor,org.apache.cxf.bus.spring.BusExtensionPostProcessor,org.apache.cxf.wstx_msv_validation.WoodstoxValidationImpl,LoggingInInterceptor,LoggingOutInterceptor,cxf.config0,http://dev.socsuite.com/Services/.*];
root of factory hierarchy
Oct 13, 2011 7:28:47 AM org.apache.cxf.service.factory.ReflectionServiceFactoryBean buildServiceFromWSDL
INFO: Creating Service {http://www.troppussoftware.com/service/2010/12/}ClientService from
WSDL: file:wsdl/ClientService.svc.wsdl
Oct 13, 2011 7:28:48 AM org.apache.cxf.ws.policy.AssertionBuilderRegistryImpl handleNoRegisteredBuilder
WARNING: No assertion builder for type {http://schemas.xmlsoap.org/ws/2005/07/securitypolicy}HttpToken
registered.
Oct 13, 2011 7:28:48 AM org.apache.cxf.ws.policy.attachment.wsdl11.Wsdl11AttachmentPolicyProvider
getElementPolicy
WARNING: Failed to build the policy 'CustomBinding_IClientService_policy':org.apache.neethi.builders.PrimitiveAssertion
cannot be cast to org.apache.cxf.ws.security.policy.model.Token
ERROR - login_1() - javax.xml.ws.soap.SOAPFaultException: org.apache.neethi.builders.PrimitiveAssertion
cannot be cast to org.apache.cxf.ws.security.policy.model.Token
Is the problem simple like mis-matched jars or does it have to do with my configuration?
Thanks in advance for your help.



Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message