I have created a proxy service using Apache camel..
Here is my camel-config.xml file :
<?xml version="1.0" encoding="UTF-8"?>
<!-- START SNIPPET: e1 -->
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:camel="http://camel.apache.org/schema/spring"
xmlns:cxf="http://camel.apache.org/schema/cxf"
xmlns:cxfcore="http://cxf.apache.org/core"
xmlns:sec="http://cxf.apache.org/configuration/security"
xmlns:httpj="http://cxf.apache.org/transports/http-jetty/configuration"
xsi:schemaLocation="
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
http://camel.apache.org/schema/spring http://camel.apache.org/schema/spring/camel-spring.xsd
http://camel.apache.org/schema/cxf http://camel.apache.org/schema/cxf/camel-cxf.xsd
http://cxf.apache.org/core http://cxf.apache.org/schemas/core.xsd
http://cxf.apache.org/configuration/security http://cxf.apache.org/schemas/configuration/security.xsd
http://cxf.apache.org/transports/http-jetty/configuration http://cxf.apache.org/schemas/configuration/http-jetty.xsd
">
<cxfcore:bus/>
<httpj:engine-factory bus="cxf">
<httpj:engine port='8243'>
<httpj:tlsServerParameters>
<sec:keyManagers keyPassword="skpass">
<sec:keyStore file="D:/eclipse/tomcat-7.0.29-camel/webapps/Version.Security/WEB-INF/classes/certs/serviceKeystore.jks" password="sspass" type="JKS"/>
</sec:keyManagers>
<sec:trustManagers>
<sec:keyStore file="D:/eclipse/tomcat-7.0.29-camel/webapps/Version.Security/WEB-INF/classes/certs/serviceKeystore.jks" password="sspass" type="JKS"/>
</sec:trustManagers>
<sec:cipherSuitesFilter>
<sec:include>.*_WITH_3DES_.*</sec:include>
<sec:include>.*_WITH_DES_.*</sec:include>
<sec:exclude>.*_WITH_NULL_.*</sec:exclude>
<sec:exclude>.*_DH_anon_.*</sec:exclude>
</sec:cipherSuitesFilter>
<sec:clientAuthentication want="true" required="false"/>
</httpj:tlsServerParameters>
</httpj:engine>
</httpj:engine-factory>
<!-- bean that enriches the SOAP request -->
<bean id="enrichBean" class="org.apache.camel.example.cxf.proxy.EnrichBean"/>
<bean id="loggingOutInterceptor" class="org.apache.cxf.interceptor.LoggingOutInterceptor"/>
<bean id="loggingInInterceptor" class="org.apache.cxf.interceptor.LoggingInInterceptor"/>
<bean id="wss4jInConfiguration" class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor">
<property name="properties">
<map>
<entry key="action" value="UsernameToken Timestamp"/>
<entry key="passwordType" value="PasswordText" />
<entry>
<key>
<value>passwordCallbackRef</value>
</key>
<ref bean="passwordCallback"/>
</entry>
</map>
</property>
</bean>
<bean id="passwordCallback" class="org.apache.camel.example.cxf.proxy.UTPasswordCallback"/>
<!-- this is the CXF web service we use as the front end -->
**<cxf:cxfEndpoint id="securityService"
address="http://localhost:8280/services/Version.Security"
endpointName="s:Version.SecurityHttpsSoap11Endpoint"
serviceName="s:Version.Security"
wsdlURL="etc/Version.Security.wsdl"
xmlns:s="http://axisversion.sample">
<cxf:properties>
<entry key="publishedEndpointUrl" value="https://localhost:8243/services/Version.Security.Version.SecurityHttpsSoap11Endpoint" />
</cxf:properties>**
<cxf:inInterceptors>
<ref bean="loggingInInterceptor"/>
<ref bean="wss4jInConfiguration"/>
</cxf:inInterceptors>
<cxf:outInterceptors>
<ref bean="loggingOutInterceptor"/>
</cxf:outInterceptors>
</cxf:cxfEndpoint>
<!-- this is the Camel route which proxies the real web service and forwards SOAP requests to it -->
<camelContext xmlns="http://camel.apache.org/schema/spring">
<!-- property which contains port number -->
<propertyPlaceholder id="properties" location="classpath:incident.properties,file:target/custom.properties"/>
<endpoint id="callRealWebService" uri="http://10.115.115.115:8080/axis2/services/Version.Security?throwExceptionOnFailure=false"/>
<route>
<!-- CXF consumer using MESSAGE format -->
<from uri="cxf:bean:securityService?dataFormat=PAYLOAD"/>
<!-- log input received -->
<to uri="log:input"/>
<!-- enrich the input by ensure the incidentId parameter is set -->
<to uri="bean:enrichBean"/>
<!-- opp removing headers... testing -->
<removeHeaders pattern="CamelHttp*" />
<!-- send proxied request to real web service -->
<to ref="callRealWebService"/>
<!-- log answer from real web service -->
<to uri="log:output"/>
</route>
</camelContext>
</beans>
<!-- END SNIPPET: e1 -->
Now my wsdl file is on http://localhost:8280/services/Version.Security?wsdl and my endpoint url is https://localhost:8243/services/Version.Security.Version.SecurityHttpsSoap11Endpoint
The proxy gets created without any error, but when i invoke the above service in soap UI i get an error in SOAP UI as :
Mon Dec 01 12:55:31 IST 2014:ERROR:org.apache.http.conn.HttpHostConnectException: Connection to https://localhost:8243 refused
org.apache.http.conn.HttpHostConnectException: Connection to https://localhost:8243 refused
at com.eviware.soapui.impl.wsdl.support.http.SoapUIMultiThreadedHttpConnectionManager$SoapUIClientConnectionOperator.openConnection(SoapUIMultiThreadedHttpConnectionManager.java:321)
at org.apache.http.impl.conn.AbstractPoolEntry.open(AbstractPoolEntry.java:149)
at org.apache.http.impl.conn.AbstractPooledConnAdapter.open(AbstractPooledConnAdapter.java:121)
at org.apache.http.impl.client.DefaultRequestDirector.tryConnect(DefaultRequestDirector.java:561)
at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:415)
at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:820)
at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:754)
at com.eviware.soapui.impl.wsdl.support.http.HttpClientSupport$Helper.execute(HttpClientSupport.java:246)
at com.eviware.soapui.impl.wsdl.support.http.HttpClientSupport.execute(HttpClientSupport.java:356)
at com.eviware.soapui.impl.wsdl.submit.transports.http.HttpClientRequestTransport.submitRequest(HttpClientRequestTransport.java:317)
at com.eviware.soapui.impl.wsdl.submit.transports.http.HttpClientRequestTransport.sendRequest(HttpClientRequestTransport.java:231)
at com.eviware.soapui.impl.wsdl.WsdlSubmit.run(WsdlSubmit.java:123)
at java.util.concurrent.Executors$RunnableAdapter.call(Unknown Source)
at java.util.concurrent.FutureTask$Sync.innerRun(Unknown Source)
at java.util.concurrent.FutureTask.run(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
Caused by: java.net.ConnectException: Connection refused: connect
at java.net.DualStackPlainSocketImpl.connect0(Native Method)
at java.net.DualStackPlainSocketImpl.socketConnect(Unknown Source)
at java.net.AbstractPlainSocketImpl.doConnect(Unknown Source)
at java.net.AbstractPlainSocketImpl.connectToAddress(Unknown Source)
at java.net.AbstractPlainSocketImpl.connect(Unknown Source)
at java.net.PlainSocketImpl.connect(Unknown Source)
at java.net.SocksSocketImpl.connect(Unknown Source)
at java.net.Socket.connect(Unknown Source)
at sun.security.ssl.SSLSocketImpl.connect(Unknown Source)
at com.eviware.soapui.impl.wsdl.support.http.SoapUISSLSocketFactory.connectSocket(SoapUISSLSocketFactory.java:218)
at com.eviware.soapui.impl.wsdl.support.http.SoapUIMultiThreadedHttpConnectionManager$SoapUIClientConnectionOperator.openConnection(SoapUIMultiThreadedHttpConnectionManager.java:299)
... 17 more
What is the problem i am unable to figure out..
One more thing, if i remove the below part from camel-config.xml
<cxf:properties>
<entry key="publishedEndpointUrl" value="https://localhost:8243/services/Version.Security.Version.SecurityHttpsSoap11Endpoint" />
</cxf:properties>
The proxy service works perfectly whether the wsdl url is http or https..
Looking forward to your answers. Thanks in advance
If you have load balance server before your cxf services, it makes sense that you define the publishedEndpointUrl to the load balance address.
For you case, it looks like you want to SOAP UI to access other address which has on listener there.
Related
I am creating new proxy for web services in Karaf 4.4.1 with Camel 3.18.1 and cxf 3.5.3.(I've tried it on older versions too 4.4.0, 3.18.0, 3.5.2). And it works fine, but I have a problem with MTOM attachments. For some reason it adds several times number 1000 into the message. And it is not every 1000 bytes. The spaces between them are different (from 377 to 4157 bytes). Here is picture of comparison of my incoming messages. The bad one goes through proxy and the good one don't:
comparsion 1
comparsion 2
Does anyone knows where is the mistake?
Here is my blueprint:
...
<camelcxf:cxfEndpoint id="SrvEndpoint">
<camelcxf:properties>
<entry key="dataFormat" value="CXF_MESSAGE" />
<entry key="ws-security.ut.no-callbacks" value="true"/>
<entry key="ws-security.validate.token" value="false"/>
<entry key="schema-validation-enabled" value="true" />
<entry key="lazyStartProducer" value="true" />
<entry key="mtom-enabled" value="true" />
</camelcxf:properties>
<camelcxf:inInterceptors>
<ref component-id="SrvWsSecInterceptor" />
<ref component-id="SrvAuthenticationInterceptor"/>
<ref component-id="SrvLoggingInInterceptor"/>
</camelcxf:inInterceptors>
<camelcxf:outInterceptors>
<ref component-id="SrvLoggingOutInterceptor"/>
</camelcxf:outInterceptors>
</camelcxf:cxfEndpoint>
<!-- this is the Camel route which proxies the real web service and forwards SOAP requests to it -->
<camelContext id="SrvRoute" trace="false" xmlns="http://camel.apache.org/schema/blueprint">
<route>
<!-- CXF consumer using CXF_MESSAGE format -->
<from uri="cxf:bean:SrvEndpoint"/>
<!-- Need to remove the http headers which could confuse the http endpoint -->
<removeHeaders pattern="CamelHttp*"/>
<!-- Don't know why but if not set returns empty response header and body -->
<setProperty name="CamelCXFDataFormat"><constant>PAYLOAD</constant></setProperty>
<!-- send proxied request to real web service -->
<to uri="{{SrvProxy.target.url}}?throwExceptionOnFailure=false"/>
</route>
</camelContext>
I've tried to change dataFormat to PAYLOAD and clean it from authentication and validation but nothing helped.
I have developed a service in top down approach and it is working fine using apache cxf. Now I am trying to add basic authentication to the service. I have configured the server call back handler and spring bean (cxf-servlet.xml) as per the apache cxf documentation. But still
I am getting below error executing a soap request on SOAP UI.
<soapenv:Header>
<wsse:Security soapenv:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsu:Timestamp wsu:Id="TS-14"><wsu:Created>2017-01-20T13:54:07Z</wsu:Created><wsu:Expires>2017-01-20T14:27:27Z</wsu:Expires></wsu:Timestamp>
<wsse:UsernameToken wsu:Id="UsernameToken-13">
<wsse:Username>username</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">password</wsse:Password>
<wsse:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">vPFjyEznvPB8HkWDOoL7dw==</wsse:Nonce>
<wsu:Created>2017-01-20T13:54:07.244Z</wsu:Created>
</wsse:UsernameToken>
</wsse:Security>
</soapenv:Header>
Below is the my servercallback handler part.
<bean id="myPasswordCallback"
class="com.firstbest.webservice.ofacimpl.ServerPasswordCallback" />
<jaxws:endpoint publish="true" id="ofacid"
implementor="com.firstbest.webservice.ofacimpl.OfacInquirySearchImpl"
address="/PerformOFACValidationWS">
<jaxws:inInterceptors>
<bean class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor">
<constructor-arg>
<map>
<entry key="action" value="UsernameToken" />
<entry key="passwordType" value="PasswordText" />
<entry key="passwordCallbackRef">
<ref bean="myPasswordCallback" />
</entry>
</map>
</constructor-arg>
</bean>
</jaxws:inInterceptors>
</jaxws:endpoint>
I have tried different solution regarding this on net. But couldn't help me much.
Below is the error:-
WARNING: Interceptor for
{http://sdawweaid1.gc.win-na.com/QBE_OFAC/Producer/BridgerInsight/WS/executeIService_SearchWS}OfacInquirySearchImplService#{http://sdawweaid1.gc.win-na.com/QBE_OFAC/Producer/BridgerInsight/WS/executeIService_SearchWS}executeIService_Search
has thrown exception, unwinding now
org.apache.cxf.binding.soap.SoapFault: A security error was
encountered when verifying the message at
org.apache.cxf.ws.security.wss4j.WSS4JUtils.createSoapFault(WSS4JUtils.java:233)
at
org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessageInternal(WSS4JInInterceptor.java:317)
at
org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:171)
at
org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:80)
at
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:308)
at
org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:121)
at
org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(AbstractHTTPDestination.java:252)
at
org.apache.cxf.transport.servlet.ServletController.invokeDestination(ServletController.java:234)
at
org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:208)
at
org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:160)
at
org.apache.cxf.transport.servlet.CXFNonSpringServlet.invoke(CXFNonSpringServlet.java:180)
at
org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(AbstractHTTPServlet.java:299)
at
org.apache.cxf.transport.servlet.AbstractHTTPServlet.doPost(AbstractHTTPServlet.java:218)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:727) at
org.apache.cxf.transport.servlet.AbstractHTTPServlet.service(AbstractHTTPServlet.java:274)
at
org.mortbay.jetty.servlet.ServletHolder.handle(ServletHolder.java:511)
at
org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:401)
at
org.mortbay.jetty.security.SecurityHandler.handle(SecurityHandler.java:216)
at
org.mortbay.jetty.servlet.SessionHandler.handle(SessionHandler.java:182)
at
org.mortbay.jetty.handler.ContextHandler.handle(ContextHandler.java:766)
at
org.mortbay.jetty.webapp.WebAppContext.handle(WebAppContext.java:450)
at
org.mortbay.jetty.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:230)
at
org.mortbay.jetty.handler.HandlerCollection.handle(HandlerCollection.java:114)
at
org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:152)
at org.mortbay.jetty.Server.handle(Server.java:326) at
org.mortbay.jetty.HttpConnection.handleRequest(HttpConnection.java:542)
at
org.mortbay.jetty.HttpConnection$RequestHandler.content(HttpConnection.java:945)
at org.mortbay.jetty.HttpParser.parseNext(HttpParser.java:756) at
org.mortbay.jetty.HttpParser.parseAvailable(HttpParser.java:218) at
org.mortbay.jetty.HttpConnection.handle(HttpConnection.java:404) at
org.mortbay.io.nio.SelectChannelEndPoint.run(SelectChannelEndPoint.java:410)
at
org.mortbay.thread.QueuedThreadPool$PoolThread.run(QueuedThreadPool.java:582)
Caused by: org.apache.wss4j.common.ext.WSSecurityException: An error
was discovered processing the header at
org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.checkActions(WSS4JInInterceptor.java:361)
at
org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessageInternal(WSS4JInIntercept
I have added interceptor only in cxf_client.xml but same interceptor are invoking for incoming apis as well(i.e cxf_server). below are my changes.
Can some one please tell me why this interceptor are invoking for incoming APIs?
is it because same bus use for both server and client?
cxf_client.xml
<bean id="XCustomInterceptor" class="com.test.XCustomInterceptor"/>
<cxf:bus>
<cxf:inInterceptors>
<ref bean="XCustomInterceptor"/>
</cxf:inInterceptors>
<cxf:outInterceptors>
<ref bean="XCustomInterceptor"/>
</cxf:outInterceptors>
</cxf:bus>*
Because you are using
<cxf:inInterceptors>
<ref bean="XCustomInterceptor"/>
</cxf:inInterceptors>
Check documentation http://cxf.apache.org/docs/bus-configuration.html
inInterceptors
The interceptors contributed to inbound message interceptor chains. A list of s or s
You can use specific interceptors for inbound connection and outbound connections in server and cliente
For example, here it is the configuration of a jax-ws endpoint and client with in and out interceptors
<!-- The SOAP endpoint -->
<jaxws:endpoint
id="helloWorld"
implementor="demo.spring.HelloWorldImpl"
address="http://localhost/HelloWorld">
<jaxws:inInterceptors>
<ref bean="customInInterceptor"/>
</jaxws:inInterceptors>
<jaxws:outInterceptors>
<ref bean="customOutInterceptor"/>
</jaxws:outInterceptors>
</jaxws:endpoint>
<!-- The SOAP client bean -->
<jaxws:client id="helloClient"
serviceClass="demo.spring.HelloWorld"
address="http://localhost/HelloWorld">
<jaxws:inInterceptors>
<ref bean="customClientInInterceptor"/>
</jaxws:inInterceptors>
<jaxws:outInterceptors>
<ref bean="customClientOutInterceptor"/>
</jaxws:outInterceptors>
</jaxws:client>
I am trying to configure WSS4JInInterceptor in my cxf endpoint through camel-config.xml
Below is my camel-config.xml
<?xml version="1.0" encoding="UTF-8"?>
<!-- START SNIPPET: e1 -->
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:camel="http://camel.apache.org/schema/spring"
xmlns:cxf="http://camel.apache.org/schema/cxf"
xmlns:context="http://www.springframework.org/schema/context"
xsi:schemaLocation="
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd
http://camel.apache.org/schema/spring http://camel.apache.org/schema/spring/camel-spring.xsd
http://camel.apache.org/schema/cxf http://camel.apache.org/schema/cxf/camel-cxf.xsd">
<!-- spring property placeholder, ignore resource not found as the file resource is for unit testing -->
<context:property-placeholder location="classpath:incident.properties,file:target/custom.properties"
ignore-resource-not-found="true"/>
<!-- bean that enriches the SOAP request -->
<bean id="enrichBean" class="org.apache.camel.example.cxf.proxy.EnrichBean"/>
<bean id="loggingOutInterceptor" class="org.apache.cxf.interceptor.LoggingOutInterceptor"/>
<bean id="loggingInInterceptor" class="org.apache.cxf.interceptor.LoggingInInterceptor"/>
<bean id="wss4jInInterceptor" class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor">
<property name="properties">
<map>
<entry key="action" value="UsernameToken Timestamp"/>
<entry key="passwordType" value="PasswordDigest"/>
<entry key="ws-security.is-bsp-compliant" value="false"/>
<entry key="passwordCallbackClass" value="org.apache.camel.example.cxf.proxy.UTPasswordCallback"/>
</map>
</property>
</bean>
<!-- this is the CXF web service we use as the front end -->
<cxf:cxfEndpoint id="versionService"
address="http://localhost:${proxy.port}/camel-example-cxf-proxy/webservices/versionAdapter"
endpointName="s:VersionHttpSoap11Endpoint"
serviceName="s:Version"
wsdlURL="etc/versionAdapter.wsdl"
xmlns:s="http://axisversion.sample">
<cxf:inInterceptors>
<ref bean="loggingInInterceptor"/>
<ref bean="wss4jInInterceptor"/>
</cxf:inInterceptors>
<cxf:outInterceptors>
<ref bean="loggingOutInterceptor"/>
</cxf:outInterceptors>
</cxf:cxfEndpoint>
<!-- this is the Camel route which proxies the real web service and forwards SOAP requests to it -->
<camelContext xmlns="http://camel.apache.org/schema/spring">
<!-- property which contains port number -->
<propertyPlaceholder id="properties" location="classpath:incident.properties,file:target/custom.properties"/>
<endpoint id="callRealWebService" uri="http://localhost:${real.port}/axis2/services/Version?bridgeEndpoint=true&throwExceptionOnFailure=false"/>
<route>
<!-- CXF consumer using MESSAGE format -->
<from uri="cxf:bean:versionService?dataFormat=MESSAGE"/>
<!-- log input received -->
<to uri="log:input"/>
<!-- enrich the input by ensure the incidentId parameter is set -->
<to uri="bean:enrichBean"/>
<!-- opp removing headers... testing -->
<removeHeaders pattern="*" />
<!-- send proxied request to real web service -->
<to uri="callRealWebService"/>
<!-- log answer from real web service -->
<to uri="log:output"/>
</route>
</camelContext>
</beans>
<!-- END SNIPPET: e1 -->
When i invoke my proxy webservice i am getting error. Here is the complete error trace..
INFO: Inbound Message
----------------------------
ID: 1
Address: http://localhost:9080/camel-example-cxf-proxy/webservices/versionAdapter
Encoding: UTF-8
Http-Method: POST
Content-Type: text/xml;charset=UTF-8
Headers: {accept-encoding=[gzip,deflate], connection=[keep-alive], Content-Length=[1097], content-type=[text/xml;charset
=UTF-8], Host=[localhost:9080], SOAPAction=["urn:getVersion"], User-Agent=[Apache-HttpClient/4.1.1 (java 1.5)]}
Payload: <soapenv:Envelope xmlns:axis="http://axisversion.sample" xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelop
e/">
<soapenv:Header><wsse:Security soapenv:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-20
0401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utilit
y-1.0.xsd"><wsu:Timestamp wsu:Id="TS-42"><wsu:Created>2014-11-19T12:41:10Z</wsu:Created><wsu:Expires>2014-11-19T13:14:30
Z</wsu:Expires></wsu:Timestamp><wsse:UsernameToken wsu:Id="UsernameToken-41"><wsse:Username>opp</wsse:Username><wsse:Pas
sword Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest">m0c8nW1n+
/jfHzwM5lHc9F3+B1g=</wsse:Password><wsse:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soa
p-message-security-1.0#Base64Binary">VUr9FAuf1J/UYWEBMdTAlA==</wsse:Nonce><wsu:Created>2014-11-19T12:41:10.455Z</wsu:Cre
ated></wsse:UsernameToken></wsse:Security></soapenv:Header>
<soapenv:Body>
<axis:getVersion/>
</soapenv:Body>
</soapenv:Envelope>
--------------------------------------
Inside UTPasswordCallback Method # UTPasswordCallback class
Wed Nov 19 18:10:33 IST 2014 Inside UTPasswordCallback()--> UTPasswordCallback Class
Nov 19, 2014 6:10:33 PM org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor checkActions
WARNING: Security processing failed (actions mismatch)
Nov 19, 2014 6:10:33 PM org.apache.cxf.phase.PhaseInterceptorChain doDefaultLogging
WARNING: Interceptor for {http://axisversion.sample}Version has thrown exception, unwinding now
org.apache.cxf.binding.soap.SoapFault: An error was discovered processing the <wsse:Security> header.
at org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.createSoapFault(WSS4JInInterceptor.java:809)
at org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:313)
at org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:93)
at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:307)
at org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:121)
at org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(AbstractHTTPDestination.java:243)
at org.apache.cxf.transport.http_jetty.JettyHTTPDestination.doService(JettyHTTPDestination.java:261)
at org.apache.cxf.transport.http_jetty.JettyHTTPHandler.handle(JettyHTTPHandler.java:70)
at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1088)
at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1024)
at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:135)
at org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:255)
at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:116)
at org.eclipse.jetty.server.Server.handle(Server.java:370)
at org.eclipse.jetty.server.AbstractHttpConnection.handleRequest(AbstractHttpConnection.java:494)
at org.eclipse.jetty.server.AbstractHttpConnection.content(AbstractHttpConnection.java:982)
at org.eclipse.jetty.server.AbstractHttpConnection$RequestHandler.content(AbstractHttpConnection.java:1043)
at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:865)
at org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:240)
at org.eclipse.jetty.server.AsyncHttpConnection.handle(AsyncHttpConnection.java:82)
at org.eclipse.jetty.io.nio.SelectChannelEndPoint.handle(SelectChannelEndPoint.java:696)
at org.eclipse.jetty.io.nio.SelectChannelEndPoint$1.run(SelectChannelEndPoint.java:53)
at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:608)
at org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:543)
at java.lang.Thread.run(Thread.java:722)
Caused by: org.apache.wss4j.common.ext.WSSecurityException: An error was discovered processing the <wsse:Security> heade
r
at org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.checkActions(WSS4JInInterceptor.java:339)
at org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:297)
... 23 more
I am unable to figure out what this error is all about and how can i rectify this error?
Please help on this..
Please use CXF_MESSAGE data format instead of MESSAGE data format.
I have a scenario, where I want to configure a webservice security interceptor, and a UsernameTokenValidator and put this into say myws-security.jar. Which can be then be used by any webservice (be it CXF based or Spring-WS) that uses this jar. What would be the practice to deal with this scenario.
Would configuring an interceptor with org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor class , or org.springframework.ws.soap.security.wss4j.Wss4jSecurityInterceptor work for me in this case ?
In both Spring-WS and CXF, you typically do not provide your own WSS interceptor, you simply configure the provided interceptor with an appropriate callback handler. So in your case if you create an appropriate callback handler(based on the type of securement action), which needs to inherit from javax.security.auth.callback.CallbackHandler, this callback handler can be reused in Spring-WS and Apache CXF:
In Spring-WS you would do something along these lines:
<bean id="wss4jSecurityInterceptor" class="org.springframework.ws.soap.security.wss4j.Wss4jSecurityInterceptor">
<property name="validationCallbackHandler" ref="callBackHandler" />
<property name="validationActions" value="UsernameToken" />
</bean>
And in Apache CXF:
<jaxws:endpoint address=".." id=".." implementor="#memberendpoint">
<jaxws:inInterceptors>
<bean class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor">
<constructor-arg>
<map>
<entry key="action" value="UsernameToken" />
<entry key="passwordType" value="PasswordDigest" />
<entry key="passwordCallbackRef">
<ref bean="callBackHandler" />
</entry>
</map>
</constructor-arg>
</bean>
</jaxws:inInterceptors>
And the common callbackhandler should work for you in both cases