cxf-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Colm O hEigeartaigh <cohei...@apache.org>
Subject Re: Ws-Security client [newbie]
Date Wed, 15 Jul 2015 15:37:04 GMT
What does the client request + service response messages look like? Do you
really mean to require a UsernameToken on the service response? e.g.

client.getInInterceptors().add(new WSS4JInInterceptor(inProps));

There is no corresponding WSS4JOutInterceptor configured in the service
configuration.

Colm.

On Wed, Jul 15, 2015 at 4:17 PM, DfCode <francesco.damore@gmail.com> wrote:

> Hi all...
>
> I'm back to ws-security trouble.
>
> In order to overcame header issues, I changed my client:
>
> This is my server configuration (CXF + Spring)
>
>
>         <jaxws:endpoint address="/soapservice" implementor="#soapservice">
>
>                 <jaxws:inInterceptors>
>
>                         <bean
> class="org.apache.cxf.binding.soap.saaj.SAAJInInterceptor" />
>
>                         <bean
> class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor">
>                                 <constructor-arg>
>                                         <map>
>                                                 <entry key="action"
> value="UsernameToken" />
>                                                 <entry key="passwordType"
> value="PasswordText" />
>                                                 <entry
> key="passwordCallbackRef">
>                                                         <ref
> bean="passwordCallback" />
>                                                 </entry>
>                                         </map>
>                                 </constructor-arg>
>                         </bean>
>                 </jaxws:inInterceptors>
>
>
>         </jaxws:endpoint>
>
>
>         <bean id="passwordCallback"
>
> class="org.uario.seaworkengine.web.services.security.PasswordCallback">
>         </bean>
>
>
>
>
> And this is how I configure my client:
>
>                 final Client client = ClientProxy.getClient(service);
>
>                 final Map<String, Object> outProps = new HashMap<String,
> Object>();
>                 outProps.put("action", "UsernameToken");
>                 outProps.put("passwordType", "PasswordText");
>                 outProps.put("user", "joe");
>                 outProps.put("passwordCallbackClass",
> "org.cnriia.soapgen.UTPasswordCallback");
>
>                 final Map<String, Object> inProps = new HashMap<String,
> Object>();
>                 inProps.put("action", "UsernameToken");
>                 inProps.put("passwordType", "PasswordText");
>                 inProps.put("passwordCallbackClass",
> "org.cnriia.soapgen.UTPasswordCallback");
>
>                 client.getInInterceptors().add(new
> WSS4JInInterceptor(inProps));
>                 client.getOutInterceptors().add(new
> WSS4JOutInterceptor(outProps));
>
>
> At server side, I can follow the call on debug mode using Eclipse.  The
> callback is executed and username and password are correct...
>
>
> The error is always the same, on client:
>
> An error was discovered processing the <wsse:Security> header
>
>
> Any Idea....??? Is very important for me.
>
>
> P.S.
> It is very disappointing that a so conceptually easy task as to secure a WS
> client appears to be so hard.
>
>
>
>
>
>
>
>
>
>
>
>
> --
> View this message in context:
> http://cxf.547215.n5.nabble.com/Ws-Security-client-newbie-tp5756790p5759202.html
> Sent from the cxf-user mailing list archive at Nabble.com.
>



-- 
Colm O hEigeartaigh

Talend Community Coder
http://coders.talend.com

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message