It LOOKS like the WSS4JOutInterceptor isn't being added to the client side as 
there isn't a security header in the message going out.   From the code, you 
are adding the SAAJOut stuff, but not the WSS4JOut.   Is that as intended?


On Sun June 28 2009 12:21:24 pm rahul.soa wrote:
> Hello Devs,
> First of all, I apologize if the below questions are trivial.
> I need some help in setting basic usernameToken Property for Geronimo (for
> CXF). I did add the username token property elements in the schema  and
> generated the required classes by mvn install. And Geronimo is able to
> accept this "usertoken" element which users define in the geronimo-web.xml.
> (but I think I have not well configured this in Geronimo)
> <service-ref>
>   <service-ref-name>services/HelloWorld</service-ref-name>
>   <port>
>      <port-name>HelloWorldImplPort</port-name>
>      <protocol>http</protocol>
>      <host>localhost</host>
>      <port>8080</port>
>      <uri>/ServiceG/HelloWorld</uri>
>     * <usertoken>
>        <username>ws-client</username>
>        <password>password</password>
>      </usertoken>*
>    </port>
> </service-ref>
> * I am testing it with a servlet client which is trying to access the
> secured service (with username and password) running on tomcat server.
> Here is the servlet client code:
> public class HelloServlet extends HttpServlet {
>     public void doGet (HttpServletRequest req,
>             HttpServletResponse res)
>     throws ServletException, IOException
>     {
>         PrintWriter out = res.getWriter();
> try {
>         InitialContext ic=new InitialContext();
>          Service service;
>          service = (Service)ic.lookup("java:comp/env/services/HelloWorld");
>          QName svcQname=new QName("http://service.web/
> ","HelloWorldImplPort");
>        HelloWorld hw=service.getPort(HelloWorld.class);
>          String greeting=hw.sayHi("Rahul");
>         out.println(greeting);
>         } catch (NamingException e) {
>             // TODO Auto-generated catch block
>             e.printStackTrace();
>         }
>         out.close();
>     }
> }
> Now, I am coding to configure this above ws-security userToken propery with
> CXF apis in Apache Geronimo and I am not sure *How to use cxf apis* to
> configure this. I am trying to write a CXF specific PortMethodInterceptor
> class extended from  (jaxws's PortMethodInterceptor) but not sure what CXF
> apis I can use to configure the usertoken.
> I start with the received error (pasted from geronimo.log) with some debug
> statements:
> ....
> ...
> 2009-06-28 16:41:17,632 INFO  [BusApplicationContext] Bean factory for
> application context
> [org.apache.cxf.bus.spring.busapplicationcont...@1ccad1e]:
> 2009-06-28 16:41:18,006 INFO  [DefaultListableBeanFactory]
> Pre-instantiating singletons in
>: defining beans
> [cxf,org.apache.cxf.bus.spring.BusApplicationListener,org.apache.cxf.bus.sp
>olicy.UsingAddressingAssertionBuilder]; root of factory hierarchy
> *2009-06-28 16:41:18,661* DEBUG [CXFServiceReference] I am in
> getPortMethodInterceptor, called from CXFServiceReference:
> 2009-06-28 16:41:18,662 DEBUG [CXFPortMethodInterceptor] View the
> seiInfoMap.values()  ![http://localhost:8080/ServiceG/HelloWorld null false
> ws-client password, http://localhost:8080/ServiceG/HelloWorld null false
> ws-client password]
> 2009-06-28 16:41:18,681 DEBUG [JAXWSServiceReference] Initializing service
> with: file:/home/rahul/new_workspace1/Client/WEB-INF/wsdl/HelloWorld.wsdl {
> http://service.web/}HelloWorldImplService
> 2009-06-28 16:41:18,844 DEBUG [CXFPortMethodInterceptor] I am in intercept
> method of CXFPortMethodInterceptor!
> 2009-06-28 16:41:20,676 DEBUG [PortMethodInterceptor] information is:
> passwordws-clienthttp://localhost:8080/ServiceG/HelloWorld
> 2009-06-28 16:41:20,677 DEBUG [PortMethodInterceptor] Set address property:
> http://localhost:8080/ServiceG/HelloWorld
> *2009-06-28 16:41:20,677 DEBUG [PortMethodInterceptor] Set username
> property: ws-client
> 2009-06-28 16:41:20,677 DEBUG [PortMethodInterceptor] Set username
> property: password*
> 2009-06-28 16:41:20,677 DEBUG [CXFPortMethodInterceptor] Am I doing right!
> 2009-06-28 16:41:21,010 INFO  [SAAJFactoryFinder] Default SAAJ universe not
> set
> 2009-06-28 16:41:22,947 ERROR [log] /invoke/hello
> An error was discovered processing
> the <wsse:Security> header
>     at
> org.apache.cxf.jaxws.JaxWsClientProxy.invoke(
>     at $Proxy66.sayHi(Unknown Source)
>     at HelloServlet.doGet(
>     at javax.servlet.http.HttpServlet.service(
>     at javax.servlet.http.HttpServlet.service(
>     at
> org.eclipse.jetty.servlet.ServletHolder.handle(
>     at
> org.apache.geronimo.jetty7.InternalJettyServletHolder.handle(InternalJettyS
> at
> org.eclipse.jetty.servlet.ServletHandler.doHandle(
>     at
> org.eclipse.jetty.server.handler.ScopedHandler.handle(
>8) at
> org.eclipse.jetty.server.session.SessionHandler.handle(
>179) at
> org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.jav
>a:928) at
> org.eclipse.jetty.servlet.ServletHandler.doScope(
>     at
> org.eclipse.jetty.server.handler.ContextHandler.doScope(
>:862) at
> org.apache.geronimo.jetty7.handler.TwistyWebAppContext.doScope(TwistyWebApp
> at
> org.eclipse.jetty.server.handler.ScopedHandler.handle(
>6) at
> org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHan
> at
> org.eclipse.jetty.server.handler.HandlerCollection.handle(HandlerCollection
>.java:126) at
> org.eclipse.jetty.server.handler.HandlerWrapper.handle(
>115) at org.eclipse.jetty.server.Server.handle(
>     at
> org.eclipse.jetty.server.HttpConnection.handleRequest(
>57) at
> org.eclipse.jetty.server.HttpConnection$RequestHandler.headerComplete(HttpC
> at
> org.eclipse.jetty.http.HttpParser.parseNext( at
> org.eclipse.jetty.http.HttpParser.parseAvailable( at
> org.eclipse.jetty.server.HttpConnection.handle(
>     at
>va:438) at org.apache.geronimo.pool.ThreadPool$ at
> org.apache.geronimo.pool.ThreadPool$
> at
> java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.j
>ava:886) at
> java.util.concurrent.ThreadPoolExecutor$
>908) at
> Caused by: org.apache.cxf.binding.soap.SoapFault: An error was discovered
> processing the <wsse:Security> header
>     at
> org.apache.cxf.binding.soap.interceptor.Soap11FaultInInterceptor.unmarshalF
>ault( at
> org.apache.cxf.binding.soap.interceptor.Soap11FaultInInterceptor.handleMess
>age( at
> org.apache.cxf.binding.soap.interceptor.Soap11FaultInInterceptor.handleMess
>age( at
> org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChai
> at
> org.apache.cxf.interceptor.AbstractFaultChainInitiatorObserver.onMessage(Ab
> at
> org.apache.cxf.binding.soap.interceptor.CheckFaultInterceptor.handleMessage
>( at
> org.apache.cxf.binding.soap.interceptor.CheckFaultInterceptor.handleMessage
>( at
> org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChai
> at
> org.apache.cxf.endpoint.ClientImpl.onMessage( at
> org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleRespons
>eInternal( at
> org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleRespons
>e( at
> org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPCon
> at
> org.apache.cxf.transport.AbstractConduit.close(
>     at
> org.apache.cxf.transport.http.HTTPConduit.close( at
> org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInte
>rceptor.handleMessage( at
> org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChai
> at
> org.apache.cxf.endpoint.ClientImpl.invoke( at
> org.apache.cxf.endpoint.ClientImpl.invoke( at
> org.apache.cxf.endpoint.ClientImpl.invoke( at
> org.apache.cxf.frontend.ClientProxy.invokeSync( at
> org.apache.cxf.jaxws.JaxWsClientProxy.invoke(
>     ... 29 more
> 2009-06-28 17:11:14,685 INFO  [XSRFHandler] Removed destroyed
> sessionId=jm4124n35l4g
> 2009-06-28 17:11:14,687 INFO  [XSRFHandler] Removed destroyed
> sessionId=jm4124n35l4g
> Here is the send/receive messages (caught by tcpmonitor tool) - expected
> with ws-security usertoken header
> <soap:Envelope
> xmlns:soap="";><soap:Body><ns2:sayH
>i xmlns:ns2="http://service.web/
> "><arg0>Rahul</arg0></ns2:sayHi></soap:Body></soap:Envelope>
> <soap:Envelope
> xmlns:soap="";><soap:Body><soap:Fau
>lt><faultcode xmlns:ns1="
>.0.xsd">ns1:InvalidSecurity</faultcode><faultstring>An error was discovered
> processing the &lt;wsse:Security>
> header</faultstring></soap:Fault></soap:Body></soap:Envelope>
> - >I have set the usernameToken property in
> org.apache.geronimo.jaxws.client.EndpointInfo and
> org.apache.geronimo.jaxws.builder.EndpointBuilder.
> -> I have put some usertoken specific code in the PortMethodInterceptor
> class (org.apache.geronimo.jaxws.client.PortMethodInterceptor) to set the
> username and password.
> ...
> ....
>  String username = info.getUserName();
>         if (username != null) {
> proxy.getRequestContext().put(BindingProvider.USERNAME_PROPERTY, username);
>             LOG.debug("Set username property: " + username);
>         }
>         String password = info.getPassword();
>         if (password != null) {
> proxy.getRequestContext().put(BindingProvider.PASSWORD_PROPERTY, password);
>             LOG.debug("Set username property: " + password);
>         }
> ...
> and here is my cxf specific CXFPortMethodInterceptor, I am not sure its
> well written. I need help in this, about how to use the cxf specific apis
> to set the properties.
> org.apache.geronimo.cxf.CXFPortMethodInterceptor
> public class CXFPortMethodInterceptor extends PortMethodInterceptor {
>     private static final Logger LOG =
> LoggerFactory.getLogger(CXFPortMethodInterceptor.class);
>     public CXFPortMethodInterceptor(Map<Object, EndpointInfo> seiInfoMap) {
>         super(seiInfoMap);
>        LOG.debug("View the seiInfoMap.values()  !" + seiInfoMap.values());
>     }
>     public Object intercept(Object target, Method method, Object[]
> arguments, MethodProxy methodProxy) throws Throwable {
>         LOG.debug("I am in intercept method of CXFPortMethodInterceptor!");
>         Object proxy = super.intercept(target, method, arguments,
> methodProxy);
>         BindingProvider cxfProxy = (BindingProvider) proxy;
>         //To cast a client proxy to a CXF client:
>         org.apache.cxf.endpoint.Client client =
>             org.apache.cxf.frontend.ClientProxy.getClient(cxfProxy);
>        // testiing : used due to "No security action was defined." error
> org.apache.cxf.binding.soap.interceptor.SoapPreProtocolOutInterceptor
> soapInterceptor =
>             new
> org.apache.cxf.binding.soap.interceptor.SoapPreProtocolOutInterceptor();
>         org.apache.cxf.endpoint.Endpoint cxfEndpoint =
> client.getEndpoint();
> cxfEndpoint.getOutInterceptors().add(soapInterceptor);
>         cxfEndpoint.getOutInterceptors().add(new
> org.apache.cxf.binding.soap.saaj.SAAJOutInterceptor());
>         LOG.debug("Am I doing right!");
>         return proxy;
>     }
>  }
> I am 100% sure, I am making some (or lot of) mistakes in the above code and
> I need help to get it fix.
> Can you please guide me in this? I apologize if its a trivial problem.
> I am stuck here. I think if i get thru with this then i wil have good idea
> about usage of cxf specific apis and can easily set other properties (like
> X.509 etc)
> Many Thanks in advance for your help.
> PS: sorry for long email.
> Best Regards,
> Rahul

Daniel Kulp

