I am trying to consume WSO2 admin services, specifically in the Identity Server. I want create a new tenant. I consume TenantMgtAdminService (https://127.0.0.1:9443/services/TenantMgtAdminService?wsdl), function addTenant. For consume this service I am using jaggery. This is my code:
<%
function tenant() {
var log = new Log();
var ws = require('ws');
var version = new ws.WSRequest();
var options = new Array();
options.useSOAP = 1.2;
options.useWSA = 1.0;
options.action = "urn:addTenant";
var payload = '<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:ser="http://services.mgt.tenant.carbon.wso2.org" xmlns:xsd="http://beans.common.stratos.carbon.wso2.org/xsd">
<soapenv:Header/>
<soapenv:Body>
<ser:addTenant>
<ser:tenantInfoBean>
<xsd:active>true</xsd:active>
<xsd:admin>admin</xsd:admin>
<xsd:adminPassword>admin</xsd:adminPassword>
<xsd:createdDate>2016-01-11T11:15:04-04:00</xsd:createdDate>
<xsd:email>maikelf#mymail.com</xsd:email>
<xsd:firstname>Manuel</xsd:firstname>
<xsd:lastname>Fdez</xsd:lastname>
<xsd:originatedService>mymail.com</xsd:originatedService>
<xsd:successKey>test</xsd:successKey>
<xsd:tenantDomain>mymail.com</xsd:tenantDomain>
<xsd:tenantId>4</xsd:tenantId>
<xsd:usagePlan>demo</xsd:usagePlan>
</ser:tenantInfoBean>
</ser:addTenant>
</soapenv:Body>
</soapenv:Envelope>';
var result;
try {
version.open(options, "https://127.0.0.1:9443/services/TenantMgtAdminService", false, "admin", "admin");
version.send(payload);
} catch (e) {
log.error(e.toString());
return e.toString();
}
return result;
}
print(tenant());
%>
The value of payload is taked of SOAPUI
In soapui
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:ser="http://services.mgt.tenant.carbon.wso2.org" xmlns:xsd="http://beans.common.stratos.carbon.wso2.org/xsd">
<soapenv:Header/>
<soapenv:Body>
<ser:addTenant>
<!--Optional:-->
<ser:tenantInfoBean>
<!--Optional:-->
<xsd:active>true</xsd:active>
<!--Optional:-->
<xsd:admin>admin</xsd:admin>
<!--Optional:-->
<xsd:adminPassword>admin</xsd:adminPassword>
<!--Optional:-->
<xsd:createdDate>2016-01-11T11:15:04-04:00</xsd:createdDate>
<!--Optional:-->
<xsd:email>maikelf#mymail.com</xsd:email>
<!--Optional:-->
<xsd:firstname>Manuel</xsd:firstname>
<!--Optional:-->
<xsd:lastname>Fdez</xsd:lastname>
<!--Optional:-->
<xsd:originatedService>mymail.com</xsd:originatedService>
<!--Optional:-->
<xsd:successKey>test</xsd:successKey>
<!--Optional:-->
<xsd:tenantDomain>mymail.com</xsd:tenantDomain>
<!--Optional:-->
<xsd:tenantId>4</xsd:tenantId>
<!--Optional:-->
<xsd:usagePlan>demo</xsd:usagePlan>
</ser:tenantInfoBean>
</ser:addTenant>
</soapenv:Body>
</soapenv:Envelope>
The result that I get is this error:
JavaException: org.jaggeryjs.scriptengine.exceptions.ScriptException: Error occured while invoking the service
In Identity Server console
[2016-01-13 15:16:10,848] INFO {org.wso2.carbon.core.services.util.CarbonAuthenticationUtil} - 'admin#carbon.super [-1234]' logged in at [2016-01-13 15:16:10, 847-0500]
[2016-01-13 15:16:17,275] INFO {org.wso2.carbon.core.services.util.CarbonAuthenticationUtil} - 'admin#carbon.super [-1234]' logged in at [2016-01-13 15:16:17, 275-0500]
In the Jaggery console
[2016-01-13 15:28:05,052] ERROR {org.jaggeryjs.hostobjects.ws.WSRequestHostObject} - Error occured while invoking the serviceorg.apache.axis2.AxisFault: namespace mismatch require http://services.mgt.tenant.carbon.wso2.org found http://schemas.xmlsoap.org/soap/envelope/
at org.apache.axis2.util.Utils.getInboundFaultFromMessageContext(Utils.java:531)
at org.apache.axis2.description.OutInAxisOperationClient.handleResponse(OutInAxisOperation.java:367)
at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:413)
at org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:224)
at org.apache.axis2.client.OperationClient.execute(OperationClient.java:149)
at org.apache.axis2.client.ServiceClient.sendReceive(ServiceClient.java:554)
at org.jaggeryjs.hostobjects.ws.WSRequestHostObject.jsFunction_send(WSRequestHostObject.java:362)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:497)
at org.mozilla.javascript.MemberBox.invoke(MemberBox.java:126)
at org.mozilla.javascript.FunctionObject.call(FunctionObject.java:386)
at org.mozilla.javascript.optimizer.OptRuntime.call1(OptRuntime.java:32)
at org.jaggeryjs.rhino.jtest.c32._c_tenant_1(/jtest//index.jag:16)
at org.jaggeryjs.rhino.jtest.c32.call(/jtest//index.jag)
at org.mozilla.javascript.optimizer.OptRuntime.callName0(OptRuntime.java:74)
at org.jaggeryjs.rhino.jtest.c32._c_script_0(/jtest//index.jag:24)
at org.jaggeryjs.rhino.jtest.c32.call(/jtest//index.jag)
at org.mozilla.javascript.ContextFactory.doTopCall(ContextFactory.java:394)
at org.mozilla.javascript.ScriptRuntime.doTopCall(ScriptRuntime.java:3091)
at org.jaggeryjs.rhino.jtest.c32.call(/jtest//index.jag)
at org.jaggeryjs.rhino.jtest.c32.exec(/jtest//index.jag)
at org.jaggeryjs.scriptengine.engine.RhinoEngine.execScript(RhinoEngine.java:577)
at org.jaggeryjs.scriptengine.engine.RhinoEngine.exec(RhinoEngine.java:280)
at org.jaggeryjs.jaggery.core.manager.WebAppManager.execute(WebAppManager.java:298)
at org.jaggeryjs.jaggery.core.JaggeryServlet.doGet(JaggeryServlet.java:24)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:621)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:722)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:305)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
at org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:690)
at org.apache.catalina.core.ApplicationDispatcher.processRequest(ApplicationDispatcher.java:477)
at org.apache.catalina.core.ApplicationDispatcher.doForward(ApplicationDispatcher.java:369)
at org.apache.catalina.core.ApplicationDispatcher.forward(ApplicationDispatcher.java:329)
at org.jaggeryjs.jaggery.core.JaggeryFilter.doFilter(JaggeryFilter.java:21)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:225)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:123)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:472)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:168)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:98)
at org.wso2.carbon.tomcat.ext.valves.CompositeValve.invoke(CompositeValve.java:172)
at org.wso2.carbon.tomcat.ext.valves.CarbonStuckThreadDetectionValve.invoke(CarbonStuckThreadDetectionValve.java:156)
at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:927)
at org.wso2.carbon.tomcat.ext.valves.CarbonContextCreatorValve.invoke(CarbonContextCreatorValve.java:52)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:407)
at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1001)
at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:579)
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1653)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:745)
[2016-01-13 15:28:05,058] ERROR {JAGGERY.index:jag} - JavaException: org.jaggeryjs.scriptengine.exceptions.ScriptException: Error occured while invoking the service
The recommended approach to utilize admin services is to utilize the Jaggery WSStub [1].
Sample WSStub Code
<%
var ws = require('ws');
var stub = new ws.WSStub('https://localhost:9443/services/OAuth2TokenValidationService?wsdl');
var tokenValidator = stub.services['OAuth2TokenValidationService'].operations['findOAuthConsumerIfTokenIsValid'];
var validationResult = tokenValidatorrequest(accsessToken);
%>
Since the above service is an admin service, a valid user name and
password needs to be provided in order to consume the service.
Please follow the recommended approach to access admin services.
[1].http://jaggeryjs.org/documentation.jag?api=wsstub
Related
and need to know few things as I am getting Internal error from server and I think it is related how am I generating Header port of SOAP.
Here is how it should look like:
<soapenv:Header>
<wsse:Security soapenv:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsse:UsernameToken wsu:Id="UsernameToken-CA07017CE54cDFC14720230904344">
<wsse:Username>test</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">******</wsse:Password>
<wsse:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">xgy3s2Owe4zUNGc/2t3twA==</wsse:Nonce>
<wsu:Created>2016-08-24T07:18:10.434Z</wsu:Created>
</wsse:UsernameToken>
</wsse:Security>
</soapenv:Header>
ok, so:
- username is username :)
- password is cleardText from what I can see
- Nonce I am generating like this:
var nonce = new Date().getTime() * 1000;
nonce = new Buffer(nonce.toString()).toString('base64'); (Nodejs)
- And date is generated like below in sample.
My questions:
- UsernameToken ID: how this is generated? Must this be presented?
If my SOAP request looks like this, is this ok:
<soap:Header>
<wsse:UsernameToken>
<wsse:Password>1231231</<wsse:Password>
<wsse:Nonce>1232132131</wsse:Nonce>
<wsu:Created>2016-08-24T07:18:10.434Z</wsu:Created>
</wsse:UsernameToken>
</soap:Header>
Or must I put all http stuff end etc?
thank you very much!
MIha
We are having a problem in a Data Service on WSO2 DSS 3.0.0. If I execute directly the query on the database I get no error. The database is a Sybase version 12.
DBS
<data name="DSProgram" serviceNamespace="http://myschema.org.br">
<config id="ProgramDS">
<property name="carbon_datasource_name">ProgramDS</property>
</config>
<query id="updateProgram" useConfig="ProgramDS">
<sql>update aca..program set name = :name, endingdate = (case when :endingdate = '' then null else :endingdate) where course = :course</sql>
<param name="name" sqlType="STRING"/>
<param name="endingdate" sqlType="STRING"/>
<param name="course" sqlType="INTEGER"/>
</query>
<operation name="updateProgram">
<call-query href="updateProgram">
<with-param name="name" query-param="name"/>
<with-param name="endingdate" query-param="endingdate"/>
<with-param name="course" query-param="course"/>
</call-query>
</operation>
</data>
SOAP Envelope
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:int="http://myschema.org.br">
<soapenv:Header/>
<soapenv:Body>
<int:updateProgram>
<int:name>Course name</int:name>
<int:endingdate></int:endingdate>
<int:course>999</int:course>
</int:updateProgram>
</soapenv:Body>
</soapenv:Envelope>
SOAP Fault
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
<soapenv:Body>
<soapenv:Fault xmlns:axis2ns1820="http://ws.wso2.org/dataservice">
<faultcode>axis2ns1820:DATABASE_ERROR</faultcode>
<faultstring>DS Fault Message: Error in DS non result invoke.
DS Code: DATABASE_ERROR
Nested Exception:-
javax.xml.stream.XMLStreamException: DS Fault Message: Error in 'SQLQuery.processNormalQuery'
DS Code: DATABASE_ERROR
Source Data Service:-
Name: DSProgram
Location: /DSProgram.dbs
Description: N/A
Default Namespace: http://myschema.org.br
Current Request Name: updateProgram
Current Params: {endingdate=, course=999, name=Course name}
Nested Exception:-
java.lang.NullPointerException</faultstring>
<detail>
<axis2ns1819:DataServiceFault xmlns:axis2ns1819="http://ws.wso2.org/dataservice">DS Fault Message: Error in DS non result invoke.
DS Code: DATABASE_ERROR
Nested Exception:-
javax.xml.stream.XMLStreamException: DS Fault Message: Error in 'SQLQuery.processNormalQuery'
DS Code: DATABASE_ERROR
Source Data Service:-
Name: DSProgram
Location: /DSProgram.dbs
Description: N/A
Default Namespace: http://myschema.org.br
Current Request Name: updateProgram
Current Params: {endingdate=, course=999, name=Course name}
Nested Exception:-
java.lang.NullPointerException</axis2ns1819:DataServiceFault>
</detail>
</soapenv:Fault>
</soapenv:Body>
</soapenv:Envelope>
* Data changed for confidenciality
WSO2 DSS System Log
TID[-1234] [DSS] [2015-05-12 10:51:30,156] ERROR {org.wso2.carbon.dataservices.core.engine.DataService} - DS Fault Message: Error in 'SQLQuery.processNormalQuery' DS Code: DATABASE_ERROR Source Data Service:- Name: DSProgram Location: /DSProgram.dbs Description: N/A Default Namespace: http://myschema.org.br Current Request Name: updateProgram Current Params: {endingdate=, course=999, nome=Course name} Nested Exception:- java.lang.NullPointerException org.wso2.carbon.dataservices.core.description.query.SQLQuery.processNormalQuery(SQLQuery.java:808) org.wso2.carbon.dataservices.core.description.query.SQLQuery.runQuery(SQLQuery.java:2098) org.wso2.carbon.dataservices.core.description.query.Query.execute(Query.java:252) org.wso2.carbon.dataservices.core.engine.CallQuery.executeElement(CallQuery.java:179) org.wso2.carbon.dataservices.core.engine.CallQueryGroup.executeElement(CallQueryGroup.java:111) org.wso2.carbon.dataservices.core.engine.OutputElement.execute(OutputElement.java:89) org.wso2.carbon.dataservices.core.description.operation.Operation.execute(Operation.java:71) org.wso2.carbon.dataservices.core.engine.DataService.invoke(DataService.java:569) org.wso2.carbon.dataservices.core.engine.DSOMDataSource.execute(DSOMDataSource.java:99) org.wso2.carbon.dataservices.core.engine.DSOMDataSource.serialize(DSOMDataSource.java:110) org.wso2.carbon.dataservices.core.engine.DSOMDataSource.executeInOnly(DSOMDataSource.java:80) org.wso2.carbon.dataservices.core.dispatch.SingleDataServiceRequest.processSingleRequest(SingleDataServiceRequest.java:127) org.wso2.carbon.dataservices.core.dispatch.SingleDataServiceRequest.processRequest(SingleDataServiceRequest.java:76) org.wso2.carbon.dataservices.core.dispatch.DataServiceRequest.dispatch(DataServiceRequest.java:282) org.wso2.carbon.dataservices.core.DataServiceProcessor.dispatch(DataServiceProcessor.java:39) org.wso2.carbon.dataservices.core.DBInOnlyMessageReceiver.invokeBusinessLogic(DBInOnlyMessageReceiver.java:48) org.apache.axis2.receivers.AbstractMessageReceiver.receive(AbstractMessageReceiver.java:110) org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:181) org.apache.axis2.transport.http.HTTPTransportUtils.processHTTPPostRequest(HTTPTransportUtils.java:172) org.apache.axis2.transport.http.AxisServlet.doPost(AxisServlet.java:146) org.wso2.carbon.core.transports.CarbonServlet.doPost(CarbonServlet.java:231) javax.servlet.http.HttpServlet.service(HttpServlet.java:641) javax.servlet.http.HttpServlet.service(HttpServlet.java:722) org.eclipse.equinox.http.servlet.internal.ServletRegistration.handleRequest(ServletRegistration.java:90) org.eclipse.equinox.http.servlet.internal.ProxyServlet.processAlias(ProxyServlet.java:111) org.eclipse.equinox.http.servlet.internal.ProxyServlet.service(ProxyServlet.java:67) javax.servlet.http.HttpServlet.service(HttpServlet.java:722) org.wso2.carbon.tomcat.ext.servlet.DelegationServlet.service(DelegationServlet.java:68) org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:305) org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210) org.wso2.carbon.tomcat.ext.filter.CharacterSetFilter.doFilter(CharacterSetFilter.java:61) org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243) org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210) org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:225) org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:123) org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:472) org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:168) org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:98) org.wso2.carbon.tomcat.ext.valves.CompositeValve.invoke(CompositeValve.java:172) org.wso2.carbon.tomcat.ext.valves.CarbonStuckThreadDetectionValve.invoke(CarbonStuckThreadDetectionValve.java:156) org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:927) org.wso2.carbon.tomcat.ext.valves.CarbonContextCreatorValve.invoke(CarbonContextCreatorValve.java:52) org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118) org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:407) org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1001) org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:579) org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1653) java.util.concurrent.ThreadPoolExecutor$Worker.runTask(Unknown Source) java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source) java.lang.Thread.run(Unknown Source)
I think you have a SQL sintax error:
<sql>update aca..program (...)</sql>
Two dots at schema.table?
I am trying to consume a WS-Security protected webservice but I am facing some problems. It is a CMDBuild webservice. I have read the CMDBuild Webservices Manual, but I had no success consuming it yet.
I used two ways to try to consume the webservices: SoapUI and Java using Apache CXF. I will describe what I have done to try to consume the webservice with both methods.
First of all, I installed the CMDB application successfully and I can access the WSDL normally. If you need to take a look into WSDL, you can see it here. I know that I have to send a username token, but what I don't know is where I have to put the username token and how I do that.
All methods provided in the webservice can be used upon authentication
in the CMDBuild system. The authentication is performed upon the WSS
Username Token profile 1.0 specification with digest password.
Other question is how I can obtain this username token and the digest password. What I have is the application username and password which I use to access the application GUI.
SoapUI
When I try to consume any method of webservice using SoapUI, the response is always the same:
<soap:Envelope xmlns:soap="http://www.w3.org/2003/05/soap-envelope">
<soap:Body>
<soap:Fault>
<soap:Code>
<soap:Value>soap:Sender</soap:Value>
<soap:Subcode>
<soap:Value xmlns:ns1="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">ns1:InvalidSecurity</soap:Value>
</soap:Subcode>
</soap:Code>
<soap:Reason>
<soap:Text xml:lang="en">An error was discovered processing the <wsse:Security> header</soap:Text>
</soap:Reason>
</soap:Fault>
</soap:Body>
</soap:Envelope>
Here, the XML request (generated by SoapUI):
<soap:Envelope xmlns:soap="http://www.w3.org/2003/05/soap-envelope" xmlns:soap1="http://soap.services.cmdbuild.org">
<soap:Header/>
<soap:Body>
<soap1:getCardList>
<!--Optional:-->
<soap1:className></soap1:className>
<!--Zero or more repetitions:-->
<soap1:attributeList>
<!--Optional:-->
<soap1:code></soap1:code>
<!--Optional:-->
<soap1:name></soap1:name>
<!--Optional:-->
<soap1:value></soap1:value>
</soap1:attributeList>
<!--Optional:-->
<soap1:queryType>
<!--Optional:-->
<soap1:filter>
<!--Optional:-->
<soap1:name></soap1:name>
<!--Optional:-->
<soap1:operator>?</soap1:operator>
<!--Zero or more repetitions:-->
<soap1:value></soap1:value>
</soap1:filter>
<!--Optional:-->
<soap1:filterOperator>
<!--Optional:-->
<soap1:operator></soap1:operator>
<!--Zero or more repetitions:-->
<soap1:subquery/>
</soap1:filterOperator>
</soap1:queryType>
<!--Zero or more repetitions:-->
<soap1:orderType>
<!--Optional:-->
<soap1:columnName></soap1:columnName>
<!--Optional:-->
<soap1:type></soap1:type>
</soap1:orderType>
<!--Optional:-->
<soap1:limit></soap1:limit>
<!--Optional:-->
<soap1:offset></soap1:offset>
<!--Optional:-->
<soap1:fullTextQuery></soap1:fullTextQuery>
</soap1:getCardList>
</soap:Body>
</soap:Envelope>
Apache CXF
Using Java, I tried with Apache CXF and I generated the classes automatically (wsdl2java). After that, I code a little bit:
public class Main {
public static void main(String[] args) throws MalformedURLException {
Map<String, Object> inProps = new HashMap<String, Object>();
inProps.put(WSHandlerConstants.ACTION, WSHandlerConstants.USERNAME_TOKEN);
inProps.put(WSHandlerConstants.PASSWORD_TYPE, WSConstants.PW_TEXT);
Proxy315Service srv = new Proxy315Service(new URL("http://example.com.br:8080/cmdbuild/services/soap/Webservices?wsdl"));
Webservices services = srv.getProxy315Port();
EndpointImpl jaxWsEndpoint = (EndpointImpl) EndpointImpl.publish("http://example.com.br:8080/cmdbuild/services/soap/Webservices", services);
Endpoint cxfEndpoint = jaxWsEndpoint.getServer().getEndpoint();
WSS4JInInterceptor wssIn = new WSS4JInInterceptor(inProps);
cxfEndpoint.getInInterceptors().add(wssIn);
Map<String, Object> outProps = new HashMap<String, Object>();
outProps.put(WSHandlerConstants.ACTION, WSHandlerConstants.USERNAME_TOKEN);
outProps.put(WSHandlerConstants.USER, "gchaves");
outProps.put(WSHandlerConstants.PASSWORD_TYPE, WSConstants.PW_TEXT);
WSS4JOutInterceptor wssOut = new WSS4JOutInterceptor(outProps);
cxfEndpoint.getOutInterceptors().add(wssOut);
MenuSchema menu = services.getMenuSchema();
System.out.println(menu.getDescription());
}
}
Output:
Exception in thread "main" javax.xml.ws.WebServiceException: Could not find service named {http://proxy.sun.com/}Proxy315Service in wsdl http://example.com.br:8080/cmdbuild/services/soap/Webservices?wsdl
at org.apache.cxf.jaxws.ServiceImpl.initializePorts(ServiceImpl.java:161)
at org.apache.cxf.jaxws.ServiceImpl.<init>(ServiceImpl.java:149)
at org.apache.cxf.jaxws.spi.ProviderImpl.createServiceDelegate(ProviderImpl.java:101)
at javax.xml.ws.Service.<init>(Unknown Source)
at com.sun.proxy.Proxy315Service.<init>(Proxy315Service.java:40)
at com.example.main.Main.main(Main.java:26)
Here is example that works for me:
<soap:Envelope xmlns:soap="http://www.w3.org/2003/05/soap-envelope" xmlns:soap1="http://soap.services.cmdbuild.org">
<soap:Header>
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" soap:mustUnderstand="1">
<wsse:UsernameToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="UsernameToken-2">
<wsse:Username>admin</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">admin</wsse:Password>
</wsse:UsernameToken>
</wsse:Security>
</soap:Header>
<soap:Body>
<soap1:getCardList>
<!--Optional:-->
<soap1:className>Monitor</soap1:className>
<!--Zero or more repetitions:-->
<soap1:attributeList>
<!--Optional:-->
<!--Optional:-->
</soap1:attributeList>
<!--Optional:-->
<soap1:queryType>
<!--Optional:-->
<soap1:filter>
<!--Optional:-->
<soap1:name>Brand</soap1:name>
<!--Optional:-->
<soap1:operator>EQUALS</soap1:operator>
<!--Zero or more repetitions:-->
<soap1:value>HP</soap1:value>
</soap1:filter>
<!--Optional:-->
</soap1:queryType>
<!--Zero or more repetitions:-->
<soap1:orderType>
<!--Optional:-->
<soap1:columnName>Code</soap1:columnName>
<!--Optional:-->
<soap1:type>ASC</soap1:type>
</soap1:orderType>
<!--Optional:-->
<soap1:limit>0</soap1:limit>
<!--Optional:-->
<soap1:offset>0</soap1:offset>
<!--Optional:-->
<soap1:fullTextQuery>*</soap1:fullTextQuery>
</soap1:getCardList>
</soap:Body>
</soap:Envelope>
Although it is too late, this answer may help others.
See this link that explains how to use soapUI to consume ws-security enabled web services. You should just double click on the project (In soapUI) and configure outgoing wss. And in soap message (xml part) you should add wss header as it is described in the above link.
I'm getting a cryptic error message - Wrong element order encountred at Reason
Here's a summary of what I am doing:
I’ve applied the UsernameToken security policy to the Security Token
Service.
I've added my app (http://localhost:3000/) as a trusted service.
I attempt to invoke the IssueToken operation at
https://localhost:9443/services/wso2carbon-sts.wso2carbon-stsHttpsSoap12Endpoint/
Using this message:
<s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:a="http://www.w3.org/2005/08/addressing" xmlns:u="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<s:Header>
<a:Action s:mustUnderstand="1">http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue</a:Action>
<a:To s:mustUnderstand="1">https://localhost:9443/services/wso2carbon-sts.wso2carbon-stsHttpsSoap12Endpoint/</a:To>
<o:Security s:mustUnderstand="1" xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<o:UsernameToken u:Id="uuid-6a13a244-dac6-42c1-84c5-cbb345b0c4c4-1">
<o:Username>user1</o:Username>
<o:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">password</o:Password>
</o:UsernameToken>
</o:Security>
</s:Header>
<s:Body>
<trust:RequestSecurityToken xmlns:trust="http://docs.oasis-open.org/ws-sx/ws-trust/200512">
<wsp:AppliesTo xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
<a:EndpointReference>
<a:Address>http://localhost:3000/</a:Address>
</a:EndpointReference>
</wsp:AppliesTo>
<trust:KeyType>http://docs.oasis-open.org/ws-sx/ws-trust/200512/Bearer</trust:KeyType>
<trust:RequestType>http://docs.oasis-open.org/ws-sx/ws-trust/200512/Issue</trust:RequestType>
<trust:TokenType>urn:oasis:names:tc:SAML:2.0:assertion</trust:TokenType>
</trust:RequestSecurityToken>
</s:Body>
</s:Envelope>
I get this error:
<html><head><title>Apache Tomcat/7.0.34 - Error report</title><style><!--H1 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:22px;} H2 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:16px;} H3 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:14px;} BODY {font-family:Tahoma,Arial,sans-serif;color:black;background-color:white;} B {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;} P {font-family:Tahoma,Arial,sans-serif;background:white;color:black;font-size:12px;}A {color : black;}A.name {color : black;}HR {color : #525D76;}--></style> </head><body><h1>HTTP Status 500 - Wrong element order encountred at Reason</h1><HR size="1" noshade="noshade"><p><b>type</b> Exception report</p><p><b>message</b> <u>Wrong element order encountred at Reason</u></p><p><b>description</b> <u>The server encountered an internal error that prevented it from fulfilling this request.</u></p><p><b>exception</b> <pre>org.apache.axiom.om.impl.exception.OMBuilderException: Wrong element order encountred at Reason
org.apache.axiom.soap.impl.builder.SOAP12BuilderHelper.handleEvent(SOAP12BuilderHelper.java:94)
org.apache.axiom.soap.impl.builder.StAXSOAPModelBuilder.constructNode(StAXSOAPModelBuilder.java:429)
org.apache.axiom.soap.impl.builder.StAXSOAPModelBuilder.createOMElement(StAXSOAPModelBuilder.java:273)
org.apache.axiom.soap.impl.builder.StAXSOAPModelBuilder.createNextOMElement(StAXSOAPModelBuilder.java:234)
org.apache.axiom.om.impl.builder.StAXOMBuilder.next(StAXOMBuilder.java:249)
org.apache.axiom.om.impl.dom.NodeImpl.build(NodeImpl.java:447)
org.apache.axiom.om.impl.dom.ParentNode.getChildNodes(ParentNode.java:168)
org.apache.ws.security.util.WSSecurityUtil.findChildElement(WSSecurityUtil.java:596)
org.apache.ws.security.util.WSSecurityUtil.findWsseSecurityHeaderBlock(WSSecurityUtil.java:717)
org.apache.ws.security.message.WSSecHeader.insertSecurityHeader(WSSecHeader.java:145)
org.apache.rampart.RampartMessageData.<init>(RampartMessageData.java:406)
org.apache.rampart.MessageBuilder.build(MessageBuilder.java:61)
org.apache.rampart.handler.RampartSender.invoke(RampartSender.java:65)
org.apache.axis2.engine.Phase.invokeHandler(Phase.java:340)
org.apache.axis2.engine.Phase.invoke(Phase.java:313)
org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:261)
org.apache.axis2.engine.AxisEngine.sendFault(AxisEngine.java:515)
org.apache.axis2.transport.http.AxisServlet.handleFault(AxisServlet.java:433)
org.apache.axis2.transport.http.AxisServlet.processAxisFault(AxisServlet.java:398)
org.apache.axis2.transport.http.AxisServlet.doPost(AxisServlet.java:188)
org.wso2.carbon.core.transports.CarbonServlet.doPost(CarbonServlet.java:231)
javax.servlet.http.HttpServlet.service(HttpServlet.java:755)
javax.servlet.http.HttpServlet.service(HttpServlet.java:848)
org.eclipse.equinox.http.servlet.internal.ServletRegistration.service(ServletRegistration.java:61)
org.eclipse.equinox.http.servlet.internal.ProxyServlet.processAlias(ProxyServlet.java:128)
org.eclipse.equinox.http.servlet.internal.ProxyServlet.service(ProxyServlet.java:68)
javax.servlet.http.HttpServlet.service(HttpServlet.java:848)
org.wso2.carbon.tomcat.ext.servlet.DelegationServlet.service(DelegationServlet.java:68)
org.wso2.carbon.tomcat.ext.filter.CharacterSetFilter.doFilter(CharacterSetFilter.java:61)
</pre></p><p><b>note</b> <u>The full stack trace of the root cause is available in the Apache Tomcat/7.0.34 logs.</u></p><HR size="1" noshade="noshade"><h3>Apache Tomcat/7.0.34</h3></body></html>
Any ideas on what I am doing wrong?
I am not sure about the exact error that you mentioned. But, if i just look, i could see that timestamp has been missed in the security header. However i would copy the request message that i tried out...I use this message with SOAPUI to get the SAML Assertion from the STS service.. I guess this may help you.. If you are using this message, Please consider about timestamp value.. you can change it as it is not signed.
<soapenv:Envelope xmlns:soapenv="http://www.w3.org/2003/05/soap-envelope">
<soapenv:Header xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/08/addressing">
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" soapenv:mustUnderstand="true">
<wsu:Timestamp xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="Timestamp-1">
<wsu:Created>2014-03-04T17:53:57.033Z</wsu:Created>
<wsu:Expires>2014-03-04T17:58:57.033Z</wsu:Expires>
</wsu:Timestamp>
<wsse:UsernameToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="UsernameToken-2">
<wsse:Username>admin</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">admin</wsse:Password>
</wsse:UsernameToken>
</wsse:Security>
<wsa:To>https://localhost:9443/services/wso2carbon-sts</wsa:To>
<wsa:ReplyTo>
<wsa:Address>http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous</wsa:Address>
</wsa:ReplyTo>
<wsa:MessageID>urn:uuid:258de3bc-c053-4b41-93d5-5d292a896b3a</wsa:MessageID>
<wsa:Action>http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Issue</wsa:Action>
</soapenv:Header>
<soapenv:Body>
<wst:RequestSecurityToken xmlns:wst="http://schemas.xmlsoap.org/ws/2005/02/trust">
<wst:RequestType>http://schemas.xmlsoap.org/ws/2005/02/trust/Issue</wst:RequestType>
<wst:Lifetime>
<wsu:Created xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">2014-03-04T17:53:56.768Z</wsu:Created>
<wsu:Expires xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">2014-03-04T17:58:56.768Z</wsu:Expires>
</wst:Lifetime>
<wst:TokenType>http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0</wst:TokenType>
<wst:KeyType>http://schemas.xmlsoap.org/ws/2005/02/trust/Bearer</wst:KeyType>
<wst:Claims xmlns:wsp="http://schemas.xmlsoap.org/ws/2005/02/trust" wsp:Dialect="http://wso2.org/claims">
<wsid:ClaimType xmlns:wsid="http://schemas.xmlsoap.org/ws/2005/05/identity" Uri="http://wso2.org/claims/emailaddress"></wsid:ClaimType>
<wsid:ClaimType xmlns:wsid="http://schemas.xmlsoap.org/ws/2005/05/identity" Uri="http://wso2.org/claims/givenname"></wsid:ClaimType>
</wst:Claims>
</wst:RequestSecurityToken>
</soapenv:Body>
</soapenv:Envelope>
I'm using SOAPUI tool to access JAX-WS web services deployed in Weblogic 10.3.2
Request:
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:ws="http://ws.pc3.polk.com/">
<soapenv:Header>
<wsse:Security soapenv:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<wsu:Timestamp wsu:Id="Timestamp-1" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsu:Created>2010-12-03T21:10:43Z</wsu:Created>
<wsu:Expires>2010-12-03T21:44:03Z</wsu:Expires>
</wsu:Timestamp>
<wsu:Timestamp wsu:Id="Timestamp-60" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsu:Created>2010-12-03T20:10:39Z</wsu:Created>
<wsu:Expires>2010-12-03T20:43:59Z</wsu:Expires>
</wsu:Timestamp>
<wsse:UsernameToken wsu:Id="UsernameToken-59" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsse:Username>rwerqre</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">ewrqwrwerqer</wsse:Password>
<wsse:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">Nmw0ksmiOX+hkiSoWb2Rjg==</wsse:Nonce>
<wsu:Created>2010-12-03T20:10:39.649Z</wsu:Created>
</wsse:UsernameToken>
</wsse:Security>
</soapenv:Header>
<soapenv:Body>
<ws:getMetadata/>
</soapenv:Body>
</soapenv:Envelope>
Response:
<S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelope/">
<S:Body>
<SOAP-ENV:Fault xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/">
<faultcode>SOAP-ENV:MustUnderstand</faultcode>
<faultstring>MustUnderstand headers:[{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}Security] are not understood</faultstring>
</SOAP-ENV:Fault>
</S:Body>
</S:Envelope>
You can configure a dummy SOAPHandler for {http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}Security that would mark this header as 'understood'.
Or you could change the SOAP request (on the caller side) to set mustUnderstand="0" in the security header.
Example security SOAP header with mustUnderstand="0":
<S:Header xmlns:S="http://schemas.xmlsoap.org/soap/envelope/">
<wsse:Security S:mustUnderstand="0" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<wsse:UsernameToken>
<wsse:Username>USERNAME</wsse:Username>
<wsse:Password wsse:Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">PASSWORD</wsse:Password>
</wsse:UsernameToken>
</wsse:Security>
</S:Header>
After much research, this article solves this issue.
http://dwuysan.wordpress.com/2012/04/02/jax-ws-wsimport-and-the-error-mustunderstand-headers-not-understood/#comment-215
As per WS security specification:
The processor MUST, after decrypting the encrypted header block, process the decrypted header block according to the SOAP processing guidelines. The receiver MUST raise a fault if any content required to adequately process the header block remains encrypted or if the decrypted SOAP header is not understood and the value of the S12:mustUnderstand or S11:mustUnderstand attribute on the decrypted header block is true. Note that in order to comply with SOAP processing rules in this case, the processor must roll back any persistent effects of processing the security header, such as storing a received token.
So please check Configuration of CallbackHandlers.
Issue is with the Handlers. You need to add following in handler implementation
public Set<QName> getHeaders() {
final QName securityHeader = new QName(
"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd",
"Security",
"wsse");
final HashSet headers = new HashSet();
headers.add(securityHeader);
return headers;
}
In SOAP UI Navigator,
right-click your project->Show Project View->WS-Security Configurations->Outgoing WS-Security Configurations
Uncheck Must Understand, and then send request.