cxf-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Andrei Shakirin <ashaki...@talend.com>
Subject RE: Antwort: RE: Antwort: RE: Antwort: RE: Custom WS-Security Policy for Webservice
Date Wed, 06 May 2015 14:12:02 GMT
Hi,

> -----Original Message-----
> From: Nikolaus.Huber@cargarantie.com
> [mailto:Nikolaus.Huber@cargarantie.com]
> Sent: Dienstag, 5. Mai 2015 16:16
> To: users@cxf.apache.org
> Subject: Antwort: RE: Antwort: RE: Antwort: RE: Custom WS-Security Policy for
> Webservice
> 
> Hi,
> 
> > > I've debugged the PlicyAnnotationListener at the recommended
> > position, but no
> > > result. Both methods in case ENDPOINT_SELECTED (addPolicies(...) and
> > > addEndpointImplPolicies(...)) do not add a policy since the
> policylists are
> > > always empty (null). The reason for this is probably that the
> > PropertyMap of the
> > > endpoint interface is also null. In summray, no policies (policy
> > annotations) are
> > > found.
> >
> > Did you see @Policies annotations for the implClass in
> > addEndpointImplPolicies(...) in debugger variables explorer?
> > Is the implementation class correct one?
> 
> I'm not sure if I understood your question correctly, but in Variables Explorer, I
> see that other annotation properties I've made for WS-Security, like encryption
> properties, username, etc., are loaded correctly (the implementation class is
> JaxWsEndpointImpl). I think this shows that the correct class is loaded.

I mean just to verify in debugger inside addEndpointImplPolicies() method that cls (implementation
class) has all declared annotations (including @Policies).
You can add cls.getAnnotations() in debugger expressions window and see what is declared on
class level.

Was the following check inside addEndpointImplPolicies() unsuccessful or you go inside?:
        Policy p = cls.getAnnotation(Policy.class);
        Policies ps = cls.getAnnotation(Policies.class);
        if (p != null || ps != null) { 
...

> 
> > >
> > > Do you have any idea/recommendation how to proceed? Do you think the
> > > reason might be that I missed some important configuration, e.g.,
> > a namespace
> > > in the policy file or something else (I don't think so since the
> > examples don't use
> > > any custom namespaces)?
> > >
> > > In which environment did you run your sample projects? Maybe I'll
> > give it a try
> > > to switch...
> >
> > I don't see obvious problem in your code.
> > Try to run following CXF system test: https://github.com/apache/cxf/
> > blob/master/systests/ws-security/src/test/java/org/apache/cxf/
> > systest/ws/policy/JavaFirstPolicyServiceTest.java
> > It uses service class with very similar @Policy annotation: https://
> > github.com/apache/cxf/blob/master/systests/ws-security/src/test/
> >
> java/org/apache/cxf/systest/ws/policy/javafirst/BindingSimpleServiceImpl.java
> >
> > What is the difference in your case?
> 
> The test can be executed and I don't see a difference to the
> BindingSimpleServiceImpl. What I can do is try to reuse your policy...

Could you try to start you class standalone, without application server and see if the problem
persists?

Regards,
Andrei.

> 
> Regards
> Niko
> 
> >
> > Regards,
> > Andrei.
> >
> > >
> > > Thanks
> > > Niko
> > >
> > > >
> > > > Thanks
> > > > Niko
> > > >
> > > > >
> > > > > Regards,
> > > > > Andrei.
> > > > >
> > > > > > -----Original Message-----
> > > > > > From: Nikolaus.Huber@cargarantie.com
> > > > > > [mailto:Nikolaus.Huber@cargarantie.com]
> > > > > > Sent: Dienstag, 21. April 2015 12:46
> > > > > > To: users@cxf.apache.org
> > > > > > Subject: Antwort: RE: Custom WS-Security Policy for Webservice
> > > > > >
> > > > > > Hi,
> > > > > >
> > > > > > thanks for the link to the examples. I'm using a similar
> > > > > configuration now, but
> > > > > > without success.
> > > > > >
> > > > > > Concerning your questions: What I want to achieve is basically
> the
> > > > policy
> > > > > > described here (
> > > > > >
> > > >
> > >
> http://docs.oasis-open.org/ws-sx/security-policy/examples/ws-sp-usecases-
> > > > > > examples.html#_Toc274723250
> > > > > > ). The only difference is that I want to use Basic128 as the
> > > > > Algorithm Suite. This
> > > > > > is the requirement of our customer. Thus, I do not register
an
> > > > interceptor
> > > > > > provider. The policy assertions I use should be standard, right?
> > > > > >
> > > > > > Thanks
> > > > > > Niko
> > > > > >
> > > > > > Andrei Shakirin <ashakirin@talend.com> schrieb am 20.04.2015
> > > 21:06:03:
> > > > > >
> > > > > > > Von: Andrei Shakirin <ashakirin@talend.com>
> > > > > > > An: "users@cxf.apache.org" <users@cxf.apache.org>
> > > > > > > Datum: 20.04.2015 21:07
> > > > > > > Betreff: RE: Custom WS-Security Policy for Webservice
> > > > > > >
> > > > > > > Hi,
> > > > > > >
> > > > > > > Take a look in following system tests:
> > > > > > >
> > > https://github.com/apache/cxf/blob/master/systests/ws-security/src/
> > > > > > >
> > > >
> test/java/org/apache/cxf/systest/ws/policy/JavaFirstPolicyService.java
> > > > > > >
> > > https://github.com/apache/cxf/blob/master/systests/ws-security/src/
> > > > > > > test/java/org/apache/cxf/systest/ws/policy/javafirst/
> > > > > > > OperationSimpleServiceImpl.java
> > > > > > >
> > > > > > > One possible issue is that uri attribute in @Policy
> > > > > > > annotation can
> > >
> > > > be
> > > > > > > required to be in URI form (classpath:/xxx, file:///xxx).
> > > > > > > Do you register interceptor provider for the custom policy
> > > assertion
> > > > > > > or it contains standard assertions? What is your expectation
> > > > > > > from activating of custom policy?
> > > > > > >
> > > > > > > Regards,
> > > > > > > Andrei.
> > > > > > >
> > > > > > > > -----Original Message-----
> > > > > > > > From: Nikolaus.Huber@cargarantie.com
> > > > > > > > [mailto:Nikolaus.Huber@cargarantie.com]
> > > > > > > > Sent: Montag, 20. April 2015 12:24
> > > > > > > > To: users@cxf.apache.org
> > > > > > > > Subject: Custom WS-Security Policy for Webservice
> > > > > > > >
> > > > > > > > Hi all,
> > > > > > > >
> > > > > > > > I'm trying to apply a custom WS-Security policy to
a web
> > > service.
> > > > > > > > I'm
> > > > > > using
> > > > > > > > wsimport from the jaxws-maven-plugin to generate the
SEI.
> The
> > > > > > > > implementation of the SEI looks like this:
> > > > > > > >
> > > > > > > >
> > > > > > > >         import javax.jws.WebService;
> > > > > > > >         import org.apache.cxf.annotations.Policy;
> > > > > > > >         import org.jboss.ws.api.annotation.EndpointConfig;
> > > > > > > >
> > > > > > > >         @WebService(
> > > > > > > >                 portName = "VehicleOrderRetailDelivery",
> > > > > > > >                 serviceName = "VehicleOrderRetailDelivery",
> > > > > > > >                 targetNamespace = "some/namespace",
> > > > > > > >                 wsdlLocation =
> > > > > > > > "/WEB-INF/wsdl/VehicleOrderRetailDelivery.wsdl",
> > > > > > > >                 endpointInterface =
> > > > > > > > "mypackage.IVehicleOrderRetailDelivery"
> > > > > > > >         )
> > > > > > > >         @Policies({@Policy(placement =
> > > > > > > > Policy.Placement.BINDING,
> > >
> > > > uri
> > > > > > > > = "CustomPolicy.xml", includeInWSDL=true)})
> > > > > > > >         @EndpointConfig(configFile =
> > > > > > "WEB-INF/jaxws-endpoint-config.xml"
> > > > > > > > , configName = "Custom WS-Security Endpoint")
> > > > > > > >         public class VehicleOrderRetailDelivery implements
> > > > > > > > IVehicleOrderRetailDelivery {
> > > > > > > >
> > > > > > > >                 public void report(@XmlElement(required
=
> > > > > > > > true)
> > > > > > > ReportRequestType
> > > > > > > > reportRequest) { ... }
> > > > > > > >         }
> > > > > > > >
> > > > > > > >
> > > > > > > > The problem is that the custom WS-Security policy
is not
> active.
> > >
> > > > If
> > > > > > > > I
> > > > > > send
> > > > > > > > requests to the endpoint using SoapUI, I get a soap
fault
> > > telling
> > > > me
> > > > > > that
> > > > > > > > the message contains encrypted data. I'm using Wildfly
> > > > > > > > 8.1.0 and I've already set the log level to DEBUG
but
> > > > > > > > there is no
> > > > information
> > > > > > > > in the
> > > > > > log
> > > > > > > > what goes wrong or why the policy is not active. This
part
> of
> > > the
> > > > > > > > log makes me believe that there is some kind of policy
> > > > > > > > that
> it
> > > is
> > > > > > > > loaded
> > > > > > > >
> > > > > > > > 21:43:17,813 FINE
> > > > > > > > [org.apache.cxf.phase.PhaseInterceptorChain]
> > > > > > (default
> > > > > > > >  task-5) Chain
> > > org.apache.cxf.phase.PhaseInterceptorChain@3aa6c815
> > > > > > > > was modified. `Current flow:` receive
> > > > > > > > [PolicyInInterceptor, EndpointAssociationInterceptor,
> AttachmentInInterceptor]
> > > > > > > >   pre-stream [CertConstraintsInterceptor]
> > > > > > > >   post-stream [StaxInInterceptor]
> > > > > > > >   read [WSDLGetInterceptor, ReadHeadersInterceptor,
> > > > > > > > SoapActionInInterceptor, StartBodyInterceptor]
> > > > > > > >   pre-protocol [EnableDecoupledFaultInterceptor,
> > > MEXInInterceptor,
> > > > > > > > MustUnderstandInterceptor]
> > > > > > > >   pre-protocol-frontend [HandlerAuthInterceptor]
> > > > > > > >   post-protocol [CheckFaultInterceptor,
> > > > > > JAXBAttachmentSchemaValidationHack
> > > > > > > > ]
> > > > > > > >   unmarshal [DocLiteralInInterceptor, SoapHeaderInterceptor]
> > > > > > > >   pre-logical [NsCtxSelectorStoreInterceptor,
> > > > > > OneWayProcessorInterceptor,
> > > > > > > > MustUnderstandEndingInterceptor]
> > > > > > > >   post-logical [WrapperClassInInterceptor]
> > > > > > > >   pre-invoke [SwAInInterceptor, HolderInInterceptor]
> > > > > > > >   invoke [ServiceInvokerInterceptor,
> > > > > > > > UltimateReceiverMustUnderstandInterceptor]
> > > > > > > >   post-invoke [OutgoingChainInterceptor,
> > > StaxInEndingInterceptor]
> > > > > > > >
> > > > > > > > but why is it not active? Does anybody have an idea
why
> > > > > > > > the
> > > custom
> > > > > > policy
> > > > > > > > is not loaded? Any hints are highly appreciated.
> > > > > > > >
> > > > > > > > Cheers
> > > > > > > > Nik

Mime
View raw message