cxf-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From DfCode <francesco.dam...@gmail.com>
Subject Re: Ws-Security client [newbie]
Date Wed, 15 Jul 2015 15:17:45 GMT
Hi all...

I'm back to ws-security trouble.

In order to overcame header issues, I changed my client:

This is my server configuration (CXF + Spring)


	<jaxws:endpoint address="/soapservice" implementor="#soapservice">

		<jaxws:inInterceptors>

			<bean class="org.apache.cxf.binding.soap.saaj.SAAJInInterceptor" />

			<bean class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor">
				<constructor-arg>
					<map>
						<entry key="action" value="UsernameToken" />
						<entry key="passwordType" value="PasswordText" />
						<entry key="passwordCallbackRef">
							<ref bean="passwordCallback" />
						</entry>
					</map>
				</constructor-arg>
			</bean>
		</jaxws:inInterceptors>


	</jaxws:endpoint>


	<bean id="passwordCallback"
		class="org.uario.seaworkengine.web.services.security.PasswordCallback">
	</bean>




And this is how I configure my client:

                final Client client = ClientProxy.getClient(service);

		final Map<String, Object> outProps = new HashMap<String, Object>();
		outProps.put("action", "UsernameToken");
		outProps.put("passwordType", "PasswordText");
		outProps.put("user", "joe");
		outProps.put("passwordCallbackClass",
"org.cnriia.soapgen.UTPasswordCallback");

		final Map<String, Object> inProps = new HashMap<String, Object>();
		inProps.put("action", "UsernameToken");
		inProps.put("passwordType", "PasswordText");
		inProps.put("passwordCallbackClass",
"org.cnriia.soapgen.UTPasswordCallback");

		client.getInInterceptors().add(new WSS4JInInterceptor(inProps));
		client.getOutInterceptors().add(new WSS4JOutInterceptor(outProps));


At server side, I can follow the call on debug mode using Eclipse.  The
callback is executed and username and password are correct...


The error is always the same, on client:

An error was discovered processing the <wsse:Security> header


Any Idea....??? Is very important for me.  


P.S.
It is very disappointing that a so conceptually easy task as to secure a WS
client appears to be so hard.












--
View this message in context: http://cxf.547215.n5.nabble.com/Ws-Security-client-newbie-tp5756790p5759202.html
Sent from the cxf-user mailing list archive at Nabble.com.

Mime
View raw message