cxf-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Colm O hEigeartaigh <cohei...@apache.org>
Subject Re: Issue with CXF-2.5.2 regarding UsernameToken
Date Fri, 03 Feb 2012 17:17:21 GMT
Hi Francois,

In the code you have that works, you are (correctly) setting the
username via the tag "ws-security.username". This is defined in the
following documentation "Configuring the extra properties":

http://cxf.apache.org/docs/ws-securitypolicy.html

However in the code that does not work, you are setting the username
via the tag WSHandlerConstants.USER. This is a configuration tag used
by WSS4J and it works with CXF for the non-WS-SecurityPolicy use-case.
As you are using WS-SecurityPolicy (TransportBindingHandler), it does
not work.

Colm.

On Fri, Feb 3, 2012 at 5:10 PM, COURTAULT Francois
<Francois.COURTAULT@gemalto.com> wrote:
> Hello everybody,
>
> For UsernameToken, in my client code I have used the following code which is:
>                  Map<String, Object> ctx = ((BindingProvider) port).getRequestContext();
>                  ctx.put("ws-security.username", "myusername");
>                  ctx.put("ws-security.password", "mypassword");
> It works :)
>
> But if I replace this one with:
>            Map<String, Object> outProps = new HashMap<String, Object>();
>            outProps.put(WSHandlerConstants.ACTION, WSHandlerConstants.USERNAME_TOKEN);
>            outProps.put(WSHandlerConstants.USER, "myusername");
>            outProps.put(WSHandlerConstants.PASSWORD_TYPE, WSConstants.PW_TEXT);
>            outProps.put(WSHandlerConstants.PW_CALLBACK_CLASS, ClientPasswordCB.class.getName());
>
>            WSS4JOutInterceptor wssOut = new WSS4JOutInterceptor(outProps);
>
>            Client client = org.apache.cxf.frontend.ClientProxy.getClient(port);
>            Endpoint cxfEndpoint = client.getEndpoint();
>
>            cxfEndpoint.getOutInterceptors().add(wssOut);
>
> with
> public class ClientPasswordCB implements CallbackHandler {
>
>      @Override
>      public void handle(Callback[] callbacks) throws IOException,
>                  UnsupportedCallbackException {
>            // TODO Auto-generated method stub
>            WSPasswordCallback pc = (WSPasswordCallback) callbacks[0];
>            if ("myusername".equals(pc.getIdentifier())) {
>                  pc.setPassword("mypassword");
>            }
>      }
>
> }
>
> I got the following error:
> févr. 2012 18:04:50 org.apache.cxf.phase.PhaseInterceptorChain doDefaultLogging
> ATTENTION: Interceptor for {http://gemalto/test/ws/}SimpleWSEJBService#{http://gemalto/test/ws/}helloWorld
has thrown exception, unwinding now
> org.apache.cxf.interceptor.Fault: No username available
>      at org.apache.cxf.ws.security.wss4j.policyhandlers.TransportBindingHandler.handleBinding(TransportBindingHandler.java:151)
>      at org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$PolicyBasedWSS4JOutInterceptorInternal.handleMessage(PolicyBasedWSS4JOutInterceptor.java:158)
>      at org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$PolicyBasedWSS4JOutInterceptorInternal.handleMessage(PolicyBasedWSS4JOutInterceptor.java:88)
>      at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:263)
>      at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:533)
>      at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:463)
>      at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:366)
>      at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:319)
>      at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:88)
>      at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:134)
>      at $Proxy27.helloWorld(Unknown Source)
>      at com.gemalto.test.cxf.TestSimpleWSCXFClientHttpsUsername.main(TestSimpleWSCXFClientHttpsUsername.java:85)
> Caused by: org.apache.cxf.ws.policy.PolicyException: No username available
>      at org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.policyNotAsserted(AbstractBindingBuilder.java:301)
>      at org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.addUsernameToken(AbstractBindingBuilder.java:804)
>      at org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.handleSupportingTokens(AbstractBindingBuilder.java:475)
>      at org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.handleSupportingTokens(AbstractBindingBuilder.java:462)
>      at org.apache.cxf.ws.security.wss4j.policyhandlers.TransportBindingHandler.handleNonEndorsingSupportingTokens(TransportBindingHandler.java:200)
>      at org.apache.cxf.ws.security.wss4j.policyhandlers.TransportBindingHandler.handleBinding(TransportBindingHandler.java:144)
>      ... 11 more
> Exception in thread "main" javax.xml.ws.soap.SOAPFaultException: No username available
>      at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:156)
>      at $Proxy27.helloWorld(Unknown Source)
>      at com.gemalto.test.cxf.TestSimpleWSCXFClientHttpsUsername.main(TestSimpleWSCXFClientHttpsUsername.java:85)
> Caused by: org.apache.cxf.ws.policy.PolicyException: No username available
>      at org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.policyNotAsserted(AbstractBindingBuilder.java:301)
>      at org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.addUsernameToken(AbstractBindingBuilder.java:804)
>      at org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.handleSupportingTokens(AbstractBindingBuilder.java:475)
>      at org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.handleSupportingTokens(AbstractBindingBuilder.java:462)
>      at org.apache.cxf.ws.security.wss4j.policyhandlers.TransportBindingHandler.handleNonEndorsingSupportingTokens(TransportBindingHandler.java:200)
>      at org.apache.cxf.ws.security.wss4j.policyhandlers.TransportBindingHandler.handleBinding(TransportBindingHandler.java:144)
>      at org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$PolicyBasedWSS4JOutInterceptorInternal.handleMessage(PolicyBasedWSS4JOutInterceptor.java:158)
>      at org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$PolicyBasedWSS4JOutInterceptorInternal.handleMessage(PolicyBasedWSS4JOutInterceptor.java:88)
>      at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:263)
>      at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:533)
>      at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:463)
>      at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:366)
>      at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:319)
>      at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:88)
>      at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:134)
>      ... 2 more
>
> Any idea ? What's wrong with this code ?
>
> Best Regards.



-- 
Colm O hEigeartaigh

Talend Community Coder
http://coders.talend.com

Mime
View raw message