JAX-WS is not injecting WebServiceContext - web-services

I created a web-service using JAX-WS and JBOSS 5.1.0. At the top of my service class I put:
#Resource
private WebServiceContext context;
But when I try to access context in any of my webservice methods, I get NullPointerException because context is null. Does anyone has an idea why JAX-WS is not setting it correctly and how to solve this problem?


Me too was getting a null. If you are using Spring, add this:
<import resource="classpath:META-INF/cxf/cxf.xml" />
<import resource="classpath:META-INF/cxf/cxf-servlet.xml" />
it worked for me.

Related

Can`t enable WS-SecurityPolice with CXF in Web Service

It`s my first project with CXF and Web Services,using Tomcat as a servlet container and my first question in StackOverflow too,so be patient with me....;-)
I'm using :
Tomcat 9 (standalone and integrated with Eclipse).
CXF (3.2.0)
JDK 1.8
Windows 7
**The problem:**WS-SecurityPolicy not enabled/ not working in the server side.
WS-SecurityPolicy is implemented in the wsdl file of the web service and the policy seems working fine,because in the client side the SOAP output message body is signed.
The problem I'm stuck is in the server side,none of the policies are applied in response.
The first issue I had was with the SOAP header "must understand=1",the server does not recognize the security headers and throws an exception.
My suspect was that the web service is not applying the policy,then to avoid the exception of the header I put a handler that does nothing whith it.
Now the server response the SOAP message but in clear form (unsigned, without the BinarySecurityTolen and other stuff),my suspect was true,the policy is not working.
I think the porblem is a misconfiguration of CXF files...
The cxf bean configuration of the web service is loaded during Tomcat's startup.
INFO: Creating Service {http://ole/wsTransaccion}WsTransaccionService from WSDL: wsdl/wsTransaccion.wsdl
....
....
INFO: Loading XML bean definitions from ServletContext resource [/WEB-INF/cxf-wsTransaccion.xml]
The cxf-wsTransaccion.xml file contains:
http://www.springframework.org/schema/beans/spring-beans-2.5.xsd http://cxf.apache.org/bindings/soap http://cxf.apache.org/schemas/configuration/soap.xsd http://cxf.apache.org/jaxws http://cxf.apache.org/schemas/jaxws.xsd">
<bean id="myPasswordCallback"
class="implementacion.ServerKeystorePasswordCallback" />
<jaxws:endpoint xmlns:tns="http://ole/wsTransaccion" id="wsTransaccion"
implementor="implementacion.WsTransaccionImpl"
wsdlLocation="wsdl/wsTransaccion,wsdl" endpointName="tns:WsTransaccionPort"
serviceName="tns:WsTransaccionService" address="/WsTransaccionPort">
<jaxws:features>
<bean class="org.apache.cxf.feature.LoggingFeature" />
</jaxws:features>
<jaxws:properties>
<entry key="security.callback-handler">
<ref bean="myPasswordCallback"/>
</entry>
<entry key="security.encryption.properties" value="keystore.properties"/>
<entry key="security.signature.properties" value="keystore.properties"/>
<entry key="ws-security.encryption.username" value="useReqSigCert"/>
</jaxws:properties>
</jaxws:endpoint>
I think the problem coluld be in the location of the file keystore.properties, although no exception is thrown (like a java.io.FileNotFoundException) if not exists..
All examples I saw were Maven's projects ,but this is NOT A MAVEN project so I haven't the folder "resources" where properties files and keystore are placed.
I don't know the right place of keystore.properties, i think must be in the classpath ,then i put it in a package named resources with the keystore together.
The content of keystore.properties:
>org.apache.wss4j.crypto.provider=org.apache.ws.security.components.crypto.Merlin
>org.apache.wss4j.crypto.merlin.keystore.file=server.p12
>org.apache.wss4j.crypto.merlin.keystore.type=PKCS12
>org.apache.wss4j.crypto.merlin.keystore.alias=server
>org.apache.wss4j.crypto.merlin.keystore.password=xxxxxx<br/>
Other possibility is that org.apache.wss4j.crypto.merlin.keystore.file=server.p12 is not in the right place too, although is in the same place like keystore.properties
Any suggestion would be very appreciated.
Thanks very much!!!.

The problem was here:
Tomcat console:
"WARNING: Resource classpath:./resources/policyBinding.xml was not found in the classloaders."Although policyBinding.xml is in the classpath is not properly loaded due to the following annotation in the interface of the web service:
#Policy(uri = "./resources policyBinding.xml",placement=Policy.Placement.DEFAULT)
Thank you to Alfredo (WS-Security Policy node not being generated in Apache CXF with Spring and custom context file
) i figured it out the right syntax:
#Policy(uri = "classpath:policyBinding.xml",placement=Policy.Placement.DEFAULT)

Apache ServiceMix! Request-Replay Web Service message

Hello!
I'm trying to learn some Apache Camel and Apache CXF and of course I've ran into some problems.
What I'm trying to do:
Send timed SOAP messages from ESB to some web service, wait for the reponse from the web service and process it. I'm using Apache ServiceMix!.
What I've done:
Implemented a WSDL file with two operations PingOutput (what I'm sending) and PingInput (what I want to receive from the WS).
Implemented a CXF Endpoint (http://127.0.0.1:8090/ping_ws is a WS mocked with SoapUI):
<cxf:cxfEndpoint address="http://127.0.0.1:8090/ping_ws"
id="Ping_Mocked_WS" wsdlURL="ping.wsdl">
<cxf:properties>
<entry key="dataFormat" value="PAYLOAD" />
</cxf:properties>
</cxf:cxfEndpoint>
Implemented a Camel route:
<camelContext xmlns="http://camel.apache.org/schema/spring" streamCache="true">
<route id="ping-ws">
<from uri="timer://ping_timer?fixedRate=true&period=10000"/>
<bean ref="PingBean" method="createPingRequest" />
<to uri="cxf:bean:Ping_Mocked_WS"/>
<bean ref="PingBean" method="processPingResponse" />
</route>
</camelContext>
What I do not understand:
Why the <bean ref="PingBean" method="processPingResponse" /> gets the correct response from SoapUI (the PingOutput operation defined in WSDL)?
Is this the correct way to achieve my goal? And by this way I mean with one single route?
The codes work correctly, I might have some typos here, please do not mind them.
Thanks!

Ad 1)
Likely because the type defined in the method signature of the processPingResponse method. Camel uses bean parameter binding, and based on the type, it uses its type converter to convert to the given type.
And as the payload is a SOAP response in XML it can use JAXB to convert from XML to the type from the method signature.
To do so it uses camel-jaxb which ServiceMix comes with out of the box.
Ad2)
The route works. What it is you want to do differently?

Spring 3 MVC + Web Services (JAX-WS)

We have a Spring 3 MVC webapplication, and we are trying to expand it with Web Services.
I have now tried with JAX-WS Web-services, annotating WebService and WebMethod on the appropriate places.
I do have a dispatcher mapped in my web.xml. This is the standard spring DispatcherServlet. And its config: dispatcher-servlet.xml is working perfectly fine for the MVC stuff.
The problem comes when I try to expose the WebServices. I do this by adding the following bean to the dispatcher-servlet.xml:
<bean class="org.springframework.remoting.jaxws.SimpleJaxWsServiceExporter">
<property name="baseAddress" value="http://localhost:8080/service/" />
</bean>
If this bean is added. Then the WebServices works perfectly, but all the MVC stuff stops working.
So my second try was to create 2 dispatchers. One named mvc-dispatcher and one webservice-dispatcher. Each of them mapped to respectivly /mvc and /ws. And then put only the SimpleJaxWsServiceExporter in the webservice-config and only the standard MVC stuff in the other one.
But still the same problems.
I can only get the MVC to work if I disable/comment-out the web-service dispatcher.
I cant belive this is supposed to be so complicated... What am I not getting?
Any help would be greatly appriciated.
I cant find any decent tutorials doing JAX-WS and spring 3 MVC...
Thanks in advance!

I'm assuming by dispatcher you mean a spring dispatcher, I'd recommend against that. Just have the JAX-WS be a different servlet on it's own, i.e.
https://cxf.apache.org/docs/a-simple-jax-ws-service.html
Then if you need to allow Spring beans to be injected extend SpringBeanAutowiringSupport as in this example.
How to make an #WebService spring aware
Hope this helps!

You can use Apache CXF that implements the JAXWS Specification has a very good integration with Spring, actually CXF use behind the scenes Spring.
In practice you could proceed in this way:
in your web.xml you have configure the cxf servlet as below
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns="http://java.sun.com/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
version="3.0">
....
<servlet>
<description>Apache CXF Endpoint</description>
<display-name>cxf</display-name>
<servlet-name>cxf</servlet-name>
<servlet-class>org.apache.cxf.transport.servlet.CXFServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>cxf</servlet-name>
<url-pattern>/ws/*</url-pattern>
</servlet-mapping>
</web-app>
Apache CXF configuration
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:jaxws="http://cxf.apache.org/jaxws"
xmlns:jaxrs="http://cxf.apache.org/jaxrs"
xmlns:soap="http://cxf.apache.org/bindings/soap"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
http://cxf.apache.org/jaxws
http://cxf.apache.org/schemas/jaxws.xsd
http://cxf.apache.org/jaxrs
http://cxf.apache.org/schemas/jaxrs.xsd
http://cxf.apache.org/bindings/soap
http://cxf.apache.org/schemas/configuration/soap.xsd">
<import resource="classpath:META-INF/cxf/cxf.xml" />
<import resource="classpath*:META-INF/cxf/cxf-extension-*.xml" />
<import resource="classpath:META-INF/cxf/cxf-servlet.xml"/>
<jaxws:endpoint
id="yourService"
implementor="#yourService"
address="/yourAddres">
</jaxrs:server>
</beans>
your bean
#Service
#WebService(serviceName = "soapSvnClientService")
public class SoapSvnClientService {
#WebMethod(operationName = "service")
public void service(#WebParam String param1,
#WebParam String param2){
....
}
}
I hope that this can help you

Securing Web Service communication with SSL using CXF

I am trying to secure communications via SSL/TLS for one of our Web Service using CXF 2.2.5.
I am wondering how to update client and server Spring configuration file to activate this feature.
I found some information on CXF's website (CXF Wiki) for the client configuration, here is the given example:
<http:conduit name="{http://apache.org/hello_world}HelloWorld.http-conduit">
<http:tlsClientParameters>
<sec:keyManagers keyPassword="password">
<sec:keyStore type="JKS" password="password"
file="src/test/java/org/apache/cxf/systest/http/resources/Morpit.jks"/>
</sec:keyManagers>
<sec:trustManagers>
<sec:keyStore type="JKS" password="password"
file="src/test/java/org/apache/cxf/systest/http/resources/Truststore.jks"/>
</sec:trustManagers>
<sec:cipherSuitesFilter>
<!-- these filters ensure that a ciphersuite with
export-suitable or null encryption is used,
but exclude anonymous Diffie-Hellman key change as
this is vulnerable to man-in-the-middle attacks -->
<sec:include>.*_EXPORT_.*</sec:include>
<sec:include>.*_EXPORT1024_.*</sec:include>
<sec:include>.*_WITH_DES_.*</sec:include>
<sec:include>.*_WITH_NULL_.*</sec:include>
<sec:exclude>.*_DH_anon_.*</sec:exclude>
</sec:cipherSuitesFilter>
</http:tlsClientParameters>
<http:authorization>
<sec:UserName>Betty</sec:UserName>
<sec:Password>password</sec:Password>
</http:authorization>
<http:client AutoRedirect="true" Connection="Keep-Alive"/>
</http:conduit>
Concerning this configuration, the
Concerning the server side configuration I am unable to launch the server properly, here is the configuration I have:
<http:destination name="{urn:ihe:iti:xds-b:2007}DocumentRepository_Port_Soap12.http-destination">
</http:destination>
<httpj:engine-factory>
<httpj:engine port="9043">
<httpj:tlsServerParameters>
<sec:keyManagers keyPassword="changeit">
<sec:keyStore type="JKS" password="changeit" file="security/keystore.jks" />
</sec:keyManagers>
<sec:trustManagers>
<sec:keyStore type="JKS" password="changeit" file="security/cacerts.jks" />
</sec:trustManagers>
<sec:cipherSuitesFilter>
<!--
these filters ensure that a ciphersuite with export-suitable or null encryption is used, but exclude
anonymous Diffie-Hellman key change as this is vulnerable to man-in-the-middle attacks
-->
<sec:include>.*_EXPORT_.*</sec:include>
<sec:include>.*_EXPORT1024_.*</sec:include>
<sec:include>.*_WITH_DES_.*</sec:include>
<sec:include>.*_WITH_NULL_.*</sec:include>
<sec:exclude>.*_DH_anon_.*</sec:exclude>
</sec:cipherSuitesFilter>
<sec:clientAuthentication want="true" required="true" />
</httpj:tlsServerParameters>
</httpj:engine>
</httpj:engine-factory>
But when I run my application server (JOnas) with this configuration I have the following error message:
Line 20 in XML document from ServletContext resource [/WEB-INF/beans.xml] is invalid; nested exception is org.xml.sax.SAXParseException: cvc-complex-type.2.4.c: The matching wildcard is strict, but no declaration can be found for element 'httpj:engine-factory'.
Do you guys know how to solve this issue?
Thanks in advance,

It sounds like you are missing a namespace declaration or you have fat-fingered your XML. This is likely more of a Spring related issue than a CXF issue.
Check that the following items appear on your beans element where you declare httj:engine-factory:
<beans
...
xmlns:httpj="http://cxf.apache.org/transports/http-jetty/configuration"
...
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="
http://cxf.apache.org/transports/http-jetty/configuration http://cxf.apache.org/schemas/configuration/http-jetty.xsd
...">
<import resource="classpath:META-INF/cxf/cxf-extension-http.xml" />
<import resource="classpath:META-INF/cxf/cxf-extension-http-jetty.xml" />
Check that the CXF Jetty Transport JAR is in your classpath at runtime.
If you add the declaration and the schema location to your context file in your IDE (at least in Eclipse with the Spring plug-ins and IDEA) you should get schema validation right in your IDE so you can easily find any mistakes you make and take advantage of auto-completion.

Setting a asp.net 2.0 webmethod as a GET method

But default you have to issue an HTTP POST to any web method in an asp.net 2.0 web service. How do u call a web method with HTTP GET alone. In some cases I'd also want to pass arguments to an HTTP GET method. Is this possible in the context of web services?

The accepted answer does not answer the question perfectly since you need the ASP.NET AJAX extensions for the suggested decoration to work in 2.0.
The easiest alternative to support both GET and POST for a 2.0 webservice is to setup these in web.config:
<system.web>
<webServices>
<protocols>
<add name="HttpPost" />
<add name="HttpGet" />
</protocols>
</webServices>
</system.web>

[ScriptMethod(UseHttpGet = true)]
You can use the above to make the webmethod support GET
http://www.asp.net/ajax/tutorials/understanding-asp-net-ajax-web-services