cxf-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Nidhi Sharma <jobs.ni...@gmail.com>
Subject UsernameToken Credentials not coming to Server side Wss4jInInterceptor
Date Thu, 25 Apr 2013 19:23:30 GMT
Hi,

I am trying to apply UsernameToken Security to my cxf webservice using
WSS4jInIterceptor.Here is my endpoint declaration:
<jaxws:endpoint id="ibis-webservice"
mplementor="org.ets.skm.oasys.webservice.event.EventNotificationBean"
                                               
address="/eventNotification">
                        <jaxws:inInterceptors>                       
                                <bean id="saajIn"
class="org.apache.cxf.binding.soap.saaj.SAAJInInterceptor"/>
                        <bean id="wss4jIn"
class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor">
                                        <constructor-arg>
                                                <map>
                                                        <entry key="action"
value="UsernameToken"/>
                                                        <entry
key="passwordType" value="PasswordText"/>
                                                        <entry
key="passwordCallbackRef">
                                                                <ref
bean="myPasswordCallback" />
                                                        </entry>
                                                </map>
                                        </constructor-arg>
                                </bean>
<bean id="saajOut"
class="org.apache.cxf.binding.soap.saaj.SAAJOutInterceptor"/>
                        </jaxws:inInterceptors>
                        <jaxws:properties>
                                <entry key="ws-security.enable.nonce.cache"
value="false" />
                                <entry
key="ws-security.enable.timestamp.cache" value="false" />
                               <entry key="ws-security.is-bsp-compliant"
value="false"/>
                        </jaxws:properties> 
                </jaxws:endpoint>

I am invoking this webservice fron java client:
        EventNotificationService ss = new EventNotificationService(wsdlURL,
SERVICE_NAME);
                HeaderHandlerResolver handlerResolver = new
HeaderHandlerResolver();
               
ss.setHandlerResolver(handlerResolver);ss.setHandlerResolver(handlerResolver);
      EventNotificationEndPoint port =
ss.getEventNotificationEndPointPort();  
               
                final Client proxy = ClientProxy.getClient(port);
                        final HTTPConduit conduit = (HTTPConduit)
proxy.getConduit();
                        HTTPClientPolicy httpClientPolicy = new
HTTPClientPolicy();
                        httpClientPolicy.setConnectionTimeout(1800000);
                        httpClientPolicy.setReceiveTimeout(1800000);
                        TLSClientParameters param = new
TLSClientParameters();
                        param.setDisableCNCheck(true);
                        conduit.setTlsClientParameters(param);
                        conduit.setClient(httpClientPolicy);
        org.ets.skm.oasys.webservice.event.Status _sendNotification__return
= port.sendNotification(info);

Using handlerResolver to create my SOAP message:
private static final String AUTH_NS =
"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";

                private static final String AUTH_PREFIX="wsse";

SOAPEnvelope envelope = smc.getMessage().getSOAPPart().getEnvelope();
                SOAPHeader header = envelope.getHeader();
QName security = new QName(AUTH_NS, "Security", AUTH_PREFIX);
                        SOAPHeaderElement securitynHeader =
header.addHeaderElement(security);
                        securitynHeader.setMustUnderstand(true);
                                SOAPFactory soapFactory =
SOAPFactory.newInstance();
SOAPElement userNameTokenElm = soapFactory.createElement("UsernameToken",
                                                AUTH_PREFIX,
                                                AUTH_NS);
                                SOAPElement userNameElm =
soapFactory.createElement("Username",
                                                AUTH_PREFIX,
                                                AUTH_NS);
                                userNameElm.addTextNode("TestUser");
                                SOAPElement passwdElm =
soapFactory.createElement("Password",
                                                AUTH_PREFIX,
                                                AUTH_NS);
                                passwdElm.addTextNode("TestPassword");
                                userNameTokenElm.addChildElement(passwdElm);
                               
userNameTokenElm.addChildElement(userNameElm);
                               
securitynHeader.addChildElement(userNameTokenElm);


BUT my call come to WSS4jInInterceptor at server side and internally when it
is calling WSSecurityEngine.processSecurityHeader() it didn't find any
UsernameToken and related nodes so while calling Node node =
securityHeader.getFirstChild(); in this method it is returning null.

As I am adding UsernameToken in my request why at server side it cannot find
it and its throwing ActionMismatch WebService Exception.

Any help is appreciated, I am not able to understand the problem.

Nidhi 



--
View this message in context: http://cxf.547215.n5.nabble.com/UsernameToken-Credentials-not-coming-to-Server-side-Wss4jInInterceptor-tp5726797.html
Sent from the cxf-user mailing list archive at Nabble.com.

Mime
View raw message