[
http://jira.codehaus.org/browse/XFIRE-900?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_90118
]
Raphaël Corre commented on XFIRE-900:
-------------------------------------
Using Xfire 1.2.4, I've succeeded doing this with a services.xml. The problem
is that on service side, I throw a FaultInfoException with a detail, and on
client side I catch a XFireRuntimeException without this detail. No way to get
the detail exception !
The second problem is that using Xfire 1.2.5, there is a regression =>I have
the message : Unexpected EOF in prolog
at [row,col {unknown-source}]: [1,0]
Differences between my tests in 1.2.4 and 1.2.5 : wss4j-1.5.0.jar =>
wss4j-1.5.1.jar, xbean-spring-2.7.jar => xbean-spring-2.8.jar,
xfire-all-1.2.4.jar =>xfire-all-1.2.5.jar
Conclusion : there are 2 problems (bugs ?)
My services.xml :
<beans xmlns="http://xfire.codehaus.org/config/1.0";>
<xfire>
<inHandlers>
<handler
handlerClass="org.codehaus.xfire.util.dom.DOMInHandler" />
<bean
class="org.codehaus.xfire.security.wss4j.WSS4JInHandler" xmlns="">
<property name="properties">
<props>
<prop
key="action">Signature</prop>
<prop
key="signaturePropFile">service.properties</prop>
<prop
key="passwordCallbackClass">net.xxx.astral.handler.PasswordHandler</prop>
</props>
</property>
</bean>
<handler
handlerClass="net.xxx.astral.handler.SecurityHandler" />
</inHandlers>
<outHandlers>
<handler
handlerClass="org.codehaus.xfire.util.dom.DOMOutHandler" />
<bean
class="org.codehaus.xfire.security.wss4j.WSS4JOutHandler" xmlns="">
<property name="properties">
<props>
<prop
key="action">Signature</prop>
<prop
key="signaturePropFile">service.properties</prop>
<prop
key="signatureKeyIdentifier">DirectReference</prop>
<prop
key="passwordCallbackClass">net.xxx.astral.handler.PasswordHandler</prop>
<prop key="user">wsopcvm</prop>
</props>
</property>
</bean>
</outHandlers>
<faultHandlers>
<handler
handlerClass="org.codehaus.xfire.util.dom.DOMOutHandler" />
<bean
class="org.codehaus.xfire.security.wss4j.WSS4JOutHandler" xmlns="">
<property name="properties">
<props>
<prop
key="action">Signature</prop>
<prop
key="signaturePropFile">service.properties</prop>
<prop
key="signatureKeyIdentifier">DirectReference</prop>
<prop
key="passwordCallbackClass">net.xxx.astral.handler.PasswordHandler</prop>
<prop key="user">wsopcvm</prop>
</props>
</property>
</bean>
</faultHandlers>
</xfire>
<service>
<name>Patrimoine</name>
<namespace>http://astral.xxx.net/Patrimoine</namespace>
<serviceClass>net.xxx.astral.service.PatrimoineImpl</serviceClass>
<serviceFactory>jsr181</serviceFactory>
</service>
</beans>
> Fault with Ws-Security : message not signed, when an exception is thrown by
> the service
> ---------------------------------------------------------------------------------------
>
> Key: XFIRE-900
> URL: http://jira.codehaus.org/browse/XFIRE-900
> Project: XFire
> Issue Type: Bug
> Components: Core
> Affects Versions: 1.2.4
> Environment: Windows 2000, Tomcat 5.5, Java 1.5
> Reporter: Raphaël Corre
> Assigned To: Tomasz Sztelak
> Fix For: 1.2.5
>
> Attachments: services.xml, XfireTest.java
>
>
> I have followed the instructions found in page
> http://xfire.codehaus.org/WS-Security to sign my messages from client to
> service and from service to client, and it works fine ! But when an exception
> is thrown by the service, the message is not signed, and the following stack
> trace is displayed by the client :
> org.codehaus.xfire.XFireRuntimeException: Could not invoke service.. Nested
> exception is org.codehaus.xfire.fault.XFireFault: WSS4JInHandler: Request
> does not contain required Security header
> org.codehaus.xfire.client.XFireProxy.handleRequest(XFireProxy.java:92)
> org.codehaus.xfire.client.XFireProxy.invoke(XFireProxy.java:57)
> $Proxy12.rechercherPatrimoine(Unknown Source)
> net.gicm.astral.test.XfireTest.test(XfireTest.java:65)
> org.apache.jsp.index_jsp._jspService(index_jsp.java:48)
> org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:97)
> javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
>
> org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:334)
> org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:314)
> org.apache.jasper.servlet.JspServlet.service(JspServlet.java:264)
> javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
> You can find client code + service.xml in attachment.
> I have tried to add a <faultHandlers> in service.xml, but it doesn't work.
> Below what i have added in service.xml, but without success :
> <faultHandlers>
> <handler
> handlerClass="org.codehaus.xfire.util.dom.DOMOutHandler" />
> <bean
> class="org.codehaus.xfire.security.wss4j.WSS4JOutHandler" xmlns="">
> <property name="properties">
> <props>
> <prop
> key="action">Signature</prop>
> <prop
> key="signaturePropFile">service.properties</prop>
> <prop
> key="signatureKeyIdentifier">DirectReference</prop>
> <prop
> key="passwordCallbackClass">net.gicm.astral.handler.PasswordHandler</prop>
> <prop key="user">Service</prop>
> </props>
> </property>
> </bean>
> </faultHandlers>
> It is the same problem that is described in
> http://www.nabble.com/ws-security--exception-fault-handling-tf2241051.html#a6215424.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://jira.codehaus.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe from this list please visit:
http://xircles.codehaus.org/manage_email
