We Keep Coding

X509 Authentication Issue

I am working a web service using Spring WS. I get the...
WSS0258: More Receiver requirements specified than present in the message
...for a Consumer call as shown below with a X509 Certificate (issued from a central system Desmon).
I do not have much experience working with WS-Security. Therefore need some help to set my security policy file and further hints.
I would really appreciate any hints/help.
Consumer Call
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:ser="http://app.sample.com/customermanagement/btc/service" xmlns:acc="http://app.sample.com/customermanagement/btc/schema/accountslinkingobject">
<soapenv:Header xmlns:header="http://com.sample.app.japi">
<header:ApplicationID>XX</header:ApplicationID>
<header:CallID>XX1</header:CallID>
<wsse:Security soapenv:actor="http://schemas.xmlsoap.org/soap/actor/next" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<wsse:BinarySecurityToken EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" wsu:Id="DESMONCertificate" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">REMOVED MORA THAN 2000 BYTES OF CERTIFICATE CONTENT</wsse:BinarySecurityToken>
</wsse:Security>
</soapenv:Header>
<soapenv:Body>.......</soapenv:Body>
</soapenv:Envelope>
And this is my security policy file and interceptors:
Security File
<xwss:SecurityConfiguration xmlns:xwss="http://java.sun.com/xml/ns/xwss/config" dumpMessages="true">
<xwss:RequireSignature requireTimestamp="false">
<xwss:X509Token keyReferenceType="Direct" />
</xwss:RequireSignature>
</xwss:SecurityConfiguration>
Java code from Spring Configuration file
#Bean
public XwsSecurityInterceptor securityInterceptor() {
XwsSecurityInterceptor result = new XwsSecurityInterceptor();
result.setCallbackHandler(callbackHandler());
result.setPolicyConfiguration(new ClassPathResource("security-policy.xml"));
return result;
}
#Bean SpringCertificateValidationCallbackHandler callbackHandler() {
SpringCertificateValidationCallbackHandler handler = new SpringCertificateValidationCallbackHandler();
handler.setAuthenticationManager(authenticationManager());
return handler;
}
#Bean
public ProviderManager authenticationManager() {
ProviderManager pm = new ProviderManager(providers());
return pm;
}
#Bean
public List<AuthenticationProvider> providers() {
X509AuthenticationProvider provider = new X509AuthenticationProvider();
provider.setX509AuthoritiesPopulator(new X509AuthoritiesPopulator() {
#Override
public UserDetails getUserDetails(X509Certificate cert) throws AuthenticationException {
log.info("Got a Certificate: "+cert.toString());
return null;
}
});
List<AuthenticationProvider> list = new ArrayList<AuthenticationProvider>();
list.add(provider);
return list;
}
Thanks a lot in advance!

adding security details to soap header in spring client

I am trying to consume SOAP (external system) web service using Spring WS template as client.
I need to pass header information(security details) as header along with the soap message.
I tried adding that information into Header using java xml SOAPMessage(javax.xml.soap.SoapMessage) and trying to convert it into spring SOAPMessage(org.springframework.ws.soap.SoapMessage) later after adding header details.
but its not able to cast it, getting class cast exception as both of them are not in heirarchy.
please help me on how to pass security details on header info in spring soap message
My code is as below
public void doWithMessage(WebServiceMessage message) throws IOException,
TransformerException
SaajSoapMessage saajSoapMessage =(SaajSoapMessage)message;
SOAPMessage soapMessage = saajSoapMessage.getSaajMessage();
SOAPPart soapPart = soapMessage.getSOAPPart();
SOAPEnvelope soapEnvelope = soapPart.getEnvelope();
SOAPHeader soapHeader = soapEnvelope.getHeader();
Name headerElementName = soapEnvelope.createName("Security","wsse","http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd");
// Add "Security" soapHeaderElement to soapHeader
SOAPHeaderElement soapHeaderElement = soapHeader.addHeaderElement(headerElementName);
// This may be important for some portals!
soapHeaderElement.setActor(null);
// Add usernameToken to "Security" soapHeaderElement
SOAPElement usernameTokenSOAPElement = soapHeaderElement.addChildElement("UsernameToken");
// Add username to usernameToken
SOAPElement userNameSOAPElement = usernameTokenSOAPElement.addChildElement("Username");
userNameSOAPElement.addTextNode("myUserName");
// Add password to usernameToken
SOAPElement passwordSOAPElement = usernameTokenSOAPElement.addChildElement("Password");
passwordSOAPElement.addTextNode("myPassword");
((SoapMessage) soapMessage).setSoapAction("GetMetaDataLookUpRequestType");//exception while casting
}
And my request xml is as below
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:v1="http://emc.com/it/enterprise/contract/CMCContractLookupService/v1" xmlns:v11="http://emc.com/it/enterprise/data/v1">
<soapenv:Header>
<wsse:Security soapenv:mustUnderstand="1"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsse:UsernameToken wsu:Id="UsernameToken-20">
<wsse:Username>xxxx</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">xxxx</wsse:Password>
</wsse:UsernameToken>
</wsse:Security>
</soapenv:Header>
<soapenv:Body>
<v1:GetContractMetaDataLookUpRequest>
<v11:GetMetaDataLookUpRequestDocument>
<v11:ContractID>123456</v11:ContractID>
<v11:BadgeID>1</v11:BadgeID>
</v11:GetMetaDataLookUpRequestDocument>
</v1:GetContractMetaDataLookUpRequest>
</soapenv:Body>
</soapenv:Envelope>
I need help mainly on how can i add that header info(as shown in above xml request) into soap header message.
help is greatly appreciated. thank you.

This should be saajSoapMessage.setSoapAction("GetMetaDataLookUpRequestType") instead of ((SoapMessage)soapMessage).setSoapAction("GetMetaDataLookUpRequestType").

Kerberos Authentication header for JAX-WS client

I am generating my web service using ws-import to connect to an aspx service that I have secured with Kerberos on IIS.
I am able to connect and authenticate fine when I just connect to the service using a SOAPConnection
final SOAPConnection conn = SOAPConnectionFactory.newInstance().createConnection();
try {
final MessageFactory msgFactory = MessageFactory.newInstance();
final SOAPMessage message = msgFactory.createMessage();
final MimeHeaders headers = message.getMimeHeaders();
if (spnegoToken != null) {
headers.addHeader("SOAPAction", "http://tempuri.org/HelloWorld");
headers.addHeader("Authorization", "Negotiate " + Base64.encode(spnegoToken));
}
message.getSOAPBody().addBodyElement(new QName("http://tempuri.org/", "HelloWorld", "tem"));
final SOAPMessage response = conn.call(
message, "http://server:9994/WebService/SampleService.asmx");
return response.getSOAPBody().getTextContent();
} finally {
conn.close();
}
However I am unable to add an Authorization header to the JAXWS generated WS in the same way:
final SampleServiceSoap sss= new SampleService().getSampleServiceSoap();
((BindingProvider) sss).getRequestContext().put(
"Authorization", "Negotiate " + Base64.encode(spnegoToken));
return sss.helloWorld();
I get a 401 error as the token as I cannot see the token attached in Wireshark.
Can anyone point me at the approach I should take?
Cheers,
Barry

Sorted, turns out I was pretty close:
final Map<String, List<String>> headers = new HashMap<String, List<String>>();
headers.put("Authorization", Collections.singletonList("Negotiate " + Base64.encode(tgt)));
((BindingProvider) sss).getRequestContext().put(MessageContext.HTTP_REQUEST_HEADERS, headers);

Unable to get collection response from cxf rest web service

I am trying to get java.util.List as response from cxf rest web service.
I have tried with WebClient class's method postObjectGetCollection method but no luck.
I am getting - org.apache.cxf.jaxrs.client.ClientWebApplicationException: .No message body reader has been found for class : interface java.util.Collection, ContentType : application/json.
Below are my client code-
String mediaType = "application/json";
if (url != null) {
List<DataTypeDTO> resultdtos = new ArrayList<DataTypeDTO>();
WebClient client = WebClient.create(url);
client = client.accept(mediaType).type(mediaType).path(uri);
resultdtos = (List<DataTypeDTO>)client.getCollection(DataTypeDTO.class);
System.out.println(resultdtos);
}
Please help me out if i am missing any configuration or other things.

You need to provide the provider list while creating the webClient object in your rest client.
You can use the below code to resolve your issue:
final String url = "http://localhost:10227/someService";
final String uri = "/manageXyz/fetchAllDataTypes";
final String mediaType = "application/json";
Object response = null;
List<Object> providers = new ArrayList<Object>();
providers.add( new JacksonJaxbJsonProvider() );
WebClient client = WebClient.create(url, providers);
client = client.accept(mediaType).type(mediaType).path(uri);
response = (List<Object>)client.post(oemUser, List.class);
If you are using maven, you also need to provide below required jars to resolve maven dependency in your project:
<dependency>
<groupId>org.codehaus.jackson</groupId>
<artifactId>jackson-jaxrs</artifactId>
<version>1.5.4</version>
</dependency>
<dependency>
<groupId>org.codehaus.jackson</groupId>
<artifactId>jackson-core-asl</artifactId>
<version>1.9.13</version>
</dependency>
<dependency>
<groupId>org.codehaus.jackson</groupId>
<artifactId>jackson-xc</artifactId>
<version>1.9.13</version>
</dependency>

Making a call to a web service through a java client

I have a web service running on my local apache tomcat. I can successfully talk to it via SoapUI. However, when I write a client in Java, it does not give me a response !
Here is the client code:
SOAPConnectionFactory myFct = SOAPConnectionFactory.newInstance();
SOAPConnection myCon = myFct.createConnection();
MessageFactory myMsgFct = MessageFactory.newInstance();
SOAPMessage message = myMsgFct.createMessage();
SOAPPart mySPart = message.getSOAPPart();
SOAPEnvelope myEnvp = mySPart.getEnvelope();
SOAPBody body = myEnvp.getBody();
Name bodyName = myEnvp.createName("Ping", "ws","http://ws.myeclipseide.com/");
SOAPBodyElement gltp = body.addBodyElement(bodyName);
Name myContent1 = myEnvp.createName("arg0");
SOAPElement mySymbol1 = gltp.addChildElement(myContent1);
mySymbol1.addTextNode("test");
message.saveChanges();
URLEndpoint endPt = new URLEndpoint("http://localhost:8080/PingWebService/StringPingPort?WSDL");
SOAPMessage reply = myCon.call(message, endPt);
myCon.close();
System.out.println("Response: "+reply.getContentDescription());
The call through soapUI looks like this:
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:ws="http://ws.myeclipseide.com/">
<soapenv:Header/>
<soapenv:Body>
<ws:Ping>
<!--Optional:-->
<arg0>testing this</arg0>
</ws:Ping>
</soapenv:Body>
</soapenv:Envelope>
Any idea why it would not work through java???

Does not work
Exception, error message, no call,... ?
At first glance, I cannot see anything obvious but since you are using Eclipse, activate the TCP Monitor under Eclipse, issue your call by running you program from Eclipse and check what is sent on the wire.

getContentDescription() "Returns: a String describing the content of this message or null if no description has been set" and NOT the content of your message.
Try this:
ByteArrayOutputStream out = new ByteArrayOutputStream();
reply.writeTo(out);
System.out.println("Response: "+out.toString());