[gsoc] SOAP over JMS
Hello Devs, I am interested to work on the implementation of SOAP over JMS project. I have already worked on the web services and ws-specification in past and want to contribute in making Apache CXF complaint to SOAP/JMS specification. Looking forward to hearing from you. Thank you. Best Regards, Rahul
Re: [gsoc] SOAP over JMS
Hello Daniel, Thanks for your reply. No problem about the proposal on 'SOAP over JMS' as you probably know I am getting into ws-security support project for Apache Geronimo. And that project also has a big dependencies on CXF so will be discussing some stuff with you in future. Moreover, I will also see other nice ideas on CXF soon (if time permits as deadline is very close) for making my chance higher to get a project for this summer. Many Thanks for your kind support. Best Regards, Rahul On Mon, Mar 30, 2009 at 10:41 PM, Daniel Kulp wrote: > > I do know there is at least one other student looking into this and has > started a proposal: > http://wiki.apache.org/general/soc2009-soapjms-proposal > > There have been 2 other students that have asked about it as well (that I've > then pointed to this dev list). > > I'm really not sure what the GSoC policy is in regards to multiple submissions > for a project. Something I'll need to research. However, there are a > bunch of other good ideas at: > http://wiki.apache.org/general/SummerOfCode2009#cxf-project > > :-) > > Dan > > > > On Sat March 28 2009 9:45:55 pm rahul.soa wrote: >> Hello Devs, >> >> I am interested to work on the implementation of SOAP over JMS >> project. I have already worked on the web services and >> ws-specification in past and want to contribute in making Apache CXF >> complaint to SOAP/JMS specification. >> >> Looking forward to hearing from you. >> >> Thank you. >> >> Best Regards, >> Rahul > > -- > Daniel Kulp > dk...@apache.org > http://www.dankulp.com/blog >
[Build Error] Missing Artifact
Hello Devs, I am trying to build Apache CXF, checking out from here svn co http://svn.apache.org/repos/asf/cxf/trunk I am getting the following error while running with -e option. Could you please help me in this? Many Thanks. Rahul *//quote* Downloading: http://people.apache.org/repo/m2-incubating-repository/org/apache/abdera/abdera-i18n/0.4.0-incubating/abdera-i18n-0.4.0-incubating.jar 595K downloaded Downloading: http://repo1.maven.org/maven2/org/apache/abdera/abdera-i18n/0.4.0-incubating/abdera-i18n-0.4.0-incubating.jar [INFO] [ERROR] BUILD ERROR [INFO] [INFO] Failed to resolve artifact. Missing: -- 1) org.apache.abdera:abdera-i18n:jar:0.4.0-incubating Try downloading the file manually from the project website. Then, install it using the command: mvn install:install-file -DgroupId=org.apache.abdera -DartifactId=abdera-i18n -Dversion=0.4.0-incubating -Dpackaging=jar -Dfile=/path/to/file Alternatively, if you host your own repository you can deploy the file there: mvn deploy:deploy-file -DgroupId=org.apache.abdera -DartifactId=abdera-i18n -Dversion=0.4.0-incubating -Dpackaging=jar -Dfile=/path/to/file -Durl=[url] -DrepositoryId=[id] Path to dependency: 1) org.apache.cxf:cxf-rt-frontend-jaxrs:jar:2.2.2-SNAPSHOT 2) org.apache.abdera:abdera-core:jar:0.4.0-incubating 3) org.apache.abdera:abdera-i18n:jar:0.4.0-incubating -- 1 required artifact is missing. for artifact: org.apache.cxf:cxf-rt-frontend-jaxrs:jar:2.2.2-SNAPSHOT from the specified remote repositories: apache.incubating (http://people.apache.org/repo/m2-incubating-repository ), ibiblio.org (http://repo1.maven.org/maven2), maven2-repository.dev.java.net (http://download.java.net/maven/2/), apache.org (http://people.apache.org/repo/m2-snapshot-repository) [INFO] [INFO] Trace org.apache.maven.lifecycle.LifecycleExecutionException: Missing: -- 1) org.apache.abdera:abdera-i18n:jar:0.4.0-incubating Try downloading the file manually from the project website. Then, install it using the command: mvn install:install-file -DgroupId=org.apache.abdera -DartifactId=abdera-i18n -Dversion=0.4.0-incubating -Dpackaging=jar -Dfile=/path/to/file Alternatively, if you host your own repository you can deploy the file there: mvn deploy:deploy-file -DgroupId=org.apache.abdera -DartifactId=abdera-i18n -Dversion=0.4.0-incubating -Dpackaging=jar -Dfile=/path/to/file -Durl=[url] -DrepositoryId=[id] Path to dependency: 1) org.apache.cxf:cxf-rt-frontend-jaxrs:jar:2.2.2-SNAPSHOT 2) org.apache.abdera:abdera-core:jar:0.4.0-incubating 3) org.apache.abdera:abdera-i18n:jar:0.4.0-incubating -- 1 required artifact is missing. for artifact: org.apache.cxf:cxf-rt-frontend-jaxrs:jar:2.2.2-SNAPSHOT from the specified remote repositories: apache.incubating (http://people.apache.org/repo/m2-incubating-repository ), ibiblio.org (http://repo1.maven.org/maven2), maven2-repository.dev.java.net (http://download.java.net/maven/2/), apache.org (http://people.apache.org/repo/m2-snapshot-repository) at org.apache.maven.lifecycle.DefaultLifecycleExecutor.executeGoals(DefaultLifecycleExecutor.java:575) at org.apache.maven.lifecycle.DefaultLifecycleExecutor.executeGoalWithLifecycle(DefaultLifecycleExecutor.java:499) at org.apache.maven.lifecycle.DefaultLifecycleExecutor.executeGoal(DefaultLifecycleExecutor.java:478) at org.apache.maven.lifecycle.DefaultLifecycleExecutor.executeGoalAndHandleFailures(DefaultLifecycleExecutor.java:330) at org.apache.maven.lifecycle.DefaultLifecycleExecutor.executeTaskSegments(DefaultLifecycleExecutor.java:291) at org.apache.maven.lifecycle.DefaultLifecycleExecutor.execute(DefaultLifecycleExecutor.java:142) at org.apache.maven.DefaultMaven.doExecute(DefaultMaven.java:336) at org.apache.maven.DefaultMaven.execute(DefaultMaven.java:129) at org.apache.maven.cli.MavenCli.main(MavenCli.java:287) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:597) at org.codehaus.classworlds.Launcher.launchEnhanced(Launcher.java:315) at org.codehaus.classworlds.Launcher.launch(Launcher.java:255) at org.codehaus.classworlds.Launcher.mainWithExitCode(Launcher.java:430) at org.codehaus.classworlds.Launcher.main(Launcher.java:375) Caused by: org.apache.maven.artifact.resolver.MultipleArtifactsNotFoundException: Missing: -- 1) org.apache.abdera:abdera-i18n:jar:0.4.0-incubating Try downloading the file manually from the project web
Re: [Build Error] Missing Artifact
Thanks Sergey! You are right. It works now. Best Regards, Rahul On Tue, May 5, 2009 at 3:34 PM, Sergey Beryozkin wrote: > Hi > > > http://people.apache.org/repo/m2-incubating-repository/org/apache/abdera/abdera-i18n/0.4.0-incubating/ > > contains this jar - may be it was a transient error ? > > cheers, Sergey > > > ----- Original Message - From: "rahul.soa" > To: > Sent: Monday, May 04, 2009 9:47 PM > Subject: [Build Error] Missing Artifact > > > Hello Devs, >> >> I am trying to build Apache CXF, checking out from here >> >> svn co http://svn.apache.org/repos/asf/cxf/trunk >> >> I am getting the following error while running with -e option. Could you >> please help me in this? >> >> Many Thanks. >> Rahul >> >> >> *//quote* >> >> Downloading: >> >> http://people.apache.org/repo/m2-incubating-repository/org/apache/abdera/abdera-i18n/0.4.0-incubating/abdera-i18n-0.4.0-incubating.jar >> 595K downloaded >> Downloading: >> >> http://repo1.maven.org/maven2/org/apache/abdera/abdera-i18n/0.4.0-incubating/abdera-i18n-0.4.0-incubating.jar >> [INFO] >> >> [ERROR] BUILD ERROR >> [INFO] >> >> [INFO] Failed to resolve artifact. >> >> Missing: >> -- >> 1) org.apache.abdera:abdera-i18n:jar:0.4.0-incubating >> >> Try downloading the file manually from the project website. >> >> Then, install it using the command: >> mvn install:install-file -DgroupId=org.apache.abdera >> -DartifactId=abdera-i18n -Dversion=0.4.0-incubating -Dpackaging=jar >> -Dfile=/path/to/file >> >> Alternatively, if you host your own repository you can deploy the file >> there: >> mvn deploy:deploy-file -DgroupId=org.apache.abdera >> -DartifactId=abdera-i18n -Dversion=0.4.0-incubating -Dpackaging=jar >> -Dfile=/path/to/file -Durl=[url] -DrepositoryId=[id] >> >> Path to dependency: >> 1) org.apache.cxf:cxf-rt-frontend-jaxrs:jar:2.2.2-SNAPSHOT >> 2) org.apache.abdera:abdera-core:jar:0.4.0-incubating >> 3) org.apache.abdera:abdera-i18n:jar:0.4.0-incubating >> >> -- >> 1 required artifact is missing. >> >> for artifact: >> org.apache.cxf:cxf-rt-frontend-jaxrs:jar:2.2.2-SNAPSHOT >> >> from the specified remote repositories: >> apache.incubating ( >> http://people.apache.org/repo/m2-incubating-repository >> ), >> ibiblio.org (http://repo1.maven.org/maven2), >> maven2-repository.dev.java.net (http://download.java.net/maven/2/), >> apache.org (http://people.apache.org/repo/m2-snapshot-repository) >> >> >> [INFO] >> >> [INFO] Trace >> org.apache.maven.lifecycle.LifecycleExecutionException: Missing: >> -- >> 1) org.apache.abdera:abdera-i18n:jar:0.4.0-incubating >> >> Try downloading the file manually from the project website. >> >> Then, install it using the command: >> mvn install:install-file -DgroupId=org.apache.abdera >> -DartifactId=abdera-i18n -Dversion=0.4.0-incubating -Dpackaging=jar >> -Dfile=/path/to/file >> >> Alternatively, if you host your own repository you can deploy the file >> there: >> mvn deploy:deploy-file -DgroupId=org.apache.abdera >> -DartifactId=abdera-i18n -Dversion=0.4.0-incubating -Dpackaging=jar >> -Dfile=/path/to/file -Durl=[url] -DrepositoryId=[id] >> >> Path to dependency: >> 1) org.apache.cxf:cxf-rt-frontend-jaxrs:jar:2.2.2-SNAPSHOT >> 2) org.apache.abdera:abdera-core:jar:0.4.0-incubating >> 3) org.apache.abdera:abdera-i18n:jar:0.4.0-incubating >> >> -- >> 1 required artifact is missing. >> >> for artifact: >> org.apache.cxf:cxf-rt-frontend-jaxrs:jar:2.2.2-SNAPSHOT >> >> from the specified remote repositories: >> apache.incubating ( >> http://people.apache.org/repo/m2-incubating-repository >> ), >> ibiblio.org (http://repo1.maven.org/maven2), >> maven2-repository.dev.java.net (http://download.java.net/maven/2/), >> apache.org (http://people.apache.org/repo/m2-snapshot-repository) >> >> at >> >> org.apache.maven.lifecycle.DefaultLifecycleExecutor.executeGoals(DefaultLifecycleExecutor.java:575) >> at >> >> org.apache.maven.lifecycle.DefaultLifecycleExecutor.executeGoalWithLifecy
Error: Syntax error, annotations are only available if source level is 5.0
Hello everyone, I am trying to run some samples given under the apache CXF distribution (apache-cxf-2.1.5). I have deployed /apache-cxf-2.1.5/samples/* java_first_pojo* in tomcat and it works well. However, when I try to create a war file (by running "ant war") for the sample /apache-cxf-2.1.5/samples/*java_first_spring_support* I get the following error "Syntax error, annotations are only available if source level is 5.0" I am using sun java 1.6 version and its set on path. Can anyone help me in this? //quote [ra...@localhost java_first_spring_support]$ ant war Buildfile: build.xml maybe.generate.code: compile: [javac] Compiling 2 source files to /home/rahul/apache-cxf-2.1.5/samples/java_first_spring_support/build/classes [javac] -- [javac] 1. ERROR in /home/rahul/apache-cxf-2.1.5/samples/java_first_spring_support/src/demo/spring/HelloWorld.java (at line 24) [javac] @WebService [javac] ^^^ [javac] Syntax error, annotations are only available if source level is 5.0 [javac] -- [javac] -- [javac] 2. ERROR in /home/rahul/apache-cxf-2.1.5/samples/java_first_spring_support/src/demo/spring/HelloWorldImpl.java (at line 24) [javac] @WebService(endpointInterface = "demo.spring.HelloWorld") [javac] ^^^ [javac] Syntax error, annotations are only available if source level is 5.0 [javac] -- [javac] 2 problems (2 errors) BUILD FAILED /home/rahul/apache-cxf-2.1.5/samples/common_build.xml:113: Compile failed; see the compiler error output for details. Total time: 2 seconds //unquote Many Thanks, Rahul
Re: [Solved] Error: Syntax error, annotations are only available if source level is 5.0
Hell everyone, This problem is solved. Please dont spend time on it. The problem was with ant as the ant script by default looks for /etc/ant.conf file and the conf file point to an old version of ant which does not know how to detect java 5 or 6. So I removed the ant.conf from /etc and point to the ANT_HOME which is set to the newer version of ant. Thanks to Jarek for solving this with me. Regards, Rahul Thanks to Jarek for solving this with me. On Thu, May 14, 2009 at 9:44 AM, rahul.soa wrote: > Hello everyone, > > I am trying to run some samples given under the apache CXF distribution > (apache-cxf-2.1.5). I have deployed /apache-cxf-2.1.5/samples/* > java_first_pojo* in tomcat and it works well. > > However, when I try to create a war file (by running "ant war") for the > sample /apache-cxf-2.1.5/samples/*java_first_spring_support* > I get the following error > > "Syntax error, annotations are only available if source level is 5.0" > > I am using sun java 1.6 version and its set on path. > > Can anyone help me in this? > > //quote > > [ra...@localhost java_first_spring_support]$ ant war > Buildfile: build.xml > maybe.generate.code: > compile: > [javac] Compiling 2 source files to > /home/rahul/apache-cxf-2.1.5/samples/java_first_spring_support/build/classes > [javac] -- > [javac] 1. ERROR in > /home/rahul/apache-cxf-2.1.5/samples/java_first_spring_support/src/demo/spring/HelloWorld.java > (at line 24) > [javac] @WebService > [javac] ^^^ > [javac] Syntax error, annotations are only available if source level is > 5.0 > [javac] -- > [javac] -- > [javac] 2. ERROR in > /home/rahul/apache-cxf-2.1.5/samples/java_first_spring_support/src/demo/spring/HelloWorldImpl.java > (at line 24) > [javac] @WebService(endpointInterface = "demo.spring.HelloWorld") > [javac] ^^^ > [javac] Syntax error, annotations are only available if source level is > 5.0 > [javac] -- > [javac] 2 problems (2 errors) > BUILD FAILED > /home/rahul/apache-cxf-2.1.5/samples/common_build.xml:113: Compile failed; > see the compiler error output for details. > Total time: 2 seconds > > //unquote > > Many Thanks, > Rahul > >
[WS-Security] JAXWS webservice client without using cxf specific apis
Hello Devs,
I am new for ws-security and working towards my gsoc project (aim is to
enable CXF/axis2 ws-security support in Apache geronimo). I am working for
CXF first and have build geronimo with CXF ws-security jar files.
So I need a jaxws web service client sample to access my secure web service
deployed on tomcat.
I have developed a working version of client (invoking a secure web service
with UserToken) using some cxf specific apis, the code is given below
Is there any way if I can develop the jaxws client with ws-security support
without using cxf specific apis like org.apache.cxf.endpoint.Client and
org.apache.cxf.frontend.ClientProxy etc? (as I want to integrate only
ws-security jars in CXF)
Is there any sample code available for the same?
//quote
package demo.order.client;
import java.net.URL;
import java.util.HashMap;
import java.util.Map;
import javax.xml.namespace.QName;
import javax.xml.ws.Service;
import org.apache.cxf.binding.soap.saaj.SAAJOutInterceptor;
import org.apache.cxf.endpoint.Endpoint;
import org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor;
import org.apache.ws.security.WSConstants;
import org.apache.ws.security.handler.WSHandlerConstants;
import org.apache.cxf.endpoint.Client;
import org.apache.cxf.frontend.ClientProxy;
import demo.order.Order;
import demo.order.OrderProcess;
public class CL {
public CL() {
}
public static void main(String args[]) throws Exception {
Service service=Service.create(new URL("
http://localhost:8095/orderapp/OrderProcess?wsdl";), new QName("
http://order.demo/";, "OrderProcessImplService"));
OrderProcess hw = service.getPort(OrderProcess.class);
Client client = ClientProxy.getClient(hw);
Map outProps = new HashMap();
outProps.put(WSHandlerConstants.ACTION,WSHandlerConstants.USERNAME_TOKEN);
outProps.put(WSHandlerConstants.PASSWORD_TYPE, WSConstants.PW_TEXT);
outProps.put(WSHandlerConstants.USER, "ws-client");
outProps.put(WSHandlerConstants.PW_CALLBACK_CLASS,
ClientPasswordCallback.class.getName());
WSS4JOutInterceptor wssOut = new WSS4JOutInterceptor(outProps);
Endpoint endPoint = client.getEndpoint();
endPoint.getOutInterceptors().add(wssOut);
endPoint.getOutInterceptors().add(new SAAJOutInterceptor());
Order order = new Order();
System.out.println(hw.processOrder(order));
}
}
//unquote
I am trying the following code but it gives me a SOAPFaultException,
//quote
public static void main(String args[]) throws Exception
{
Service service=Service.create(new URL("
http://localhost:8095/orderapp/OrderProcess?wsdl";), new QName("
http://order.demo/";, "OrderProcessImplService"));
OrderProcess hw = service.getPort(OrderProcess.class);
Map outProps = new HashMap();
outProps.put(WSHandlerConstants.ACTION,WSHandlerConstants.USERNAME_TOKEN);
outProps.put(WSHandlerConstants.PASSWORD_TYPE, WSConstants.PW_TEXT);
((BindingProvider)hw).getRequestContext().put(BindingProvider.USERNAME_PROPERTY,
"ws-client");
((BindingProvider)hw).getRequestContext().put(BindingProvider.PASSWORD_PROPERTY,
"password");
((BindingProvider)hw).getRequestContext().put(WSHandlerConstants.ACTION,WSHandlerConstants.USERNAME_TOKEN);
((BindingProvider)hw).getRequestContext().put(WSHandlerConstants.PASSWORD_TYPE,
WSConstants.PW_TEXT);
Order order = new Order();
System.out.println(hw.processOrder(order));
}
//unquote
Exception:
Exception in thread "main" javax.xml.ws.soap.SOAPFaultException: An error
was discovered processing the header
at
org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:145)
at $Proxy34.processOrder(Unknown Source)
at demo.order.client.CL.main(CL.java:74)
Caused by: org.apache.cxf.binding.soap.SoapFault: An error was discovered
processing the header
at
org.apache.cxf.binding.soap.interceptor.Soap11FaultInInterceptor.unmarshalFault(Soap11FaultInInterceptor.java:75)
at
org.apache.cxf.binding.soap.interceptor.Soap11FaultInInterceptor.handleMessage(Soap11FaultInInterceptor.java:46)
at
org.apache.cxf.binding.soap.interceptor.Soap11FaultInInterceptor.handleMessage(Soap11FaultInInterceptor.java:35)
at
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:226)
at
org.apache.cxf.interceptor.AbstractFaultChainInitiatorObserver.onMessage(AbstractFaultChainInitiatorObserver.java:96)
at
org.apache.cxf.binding.soap.interceptor.CheckFaultInterceptor.handleMessage(CheckFaultInterceptor.java:69)
at
org.apache.cxf.binding.soap.interceptor.CheckFaultInterceptor.handleMessage(CheckFaultInterceptor.java:34)
at
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:226)
at org.apache.cxf.endpoint.ClientImpl.onMessage(ClientImpl.java:641)
at
org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponseInternal(HTTPConduit.java:2131)
at
org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponse(HTTPConduit.java:2010)
at
org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPConduit
Re: [WS-Security] JAXWS webservice client without using cxf specific apis
Hello Alessio/Dan,
Many Thanks for your reply.
I am stick with the cxf specific apis for now. So I have pulled the required
jars in geronimo for ws-security support. I also tested the basic
ws-security support (CXF/jetty) and it works. I will submit a patch soon on
this.
Thanks to Jarek for his constant help.
Best Regards,
Rahul
On Fri, May 29, 2009 at 7:48 PM, Daniel Kulp wrote:
>
>
> I really don't think there is a way as JAX-WS doesn't specify anything
> related
> to WS-Security.
>
>
> That said, I would really suggest not going the WSS4JIn/OutInterceptor
> route
> and go the WS-SecurityPolicy route. Things are a LOT simpler from a
> coding/config standpoint then.There ARE properties that can be set on
> the
> request context for stuff needed by the security policy engine.
>
> Dan
>
>
> On Thu May 28 2009 7:01:24 pm rahul.soa wrote:
> > Hello Devs,
> >
> > I am new for ws-security and working towards my gsoc project (aim is to
> > enable CXF/axis2 ws-security support in Apache geronimo). I am working
> for
> > CXF first and have build geronimo with CXF ws-security jar files.
> >
> > So I need a jaxws web service client sample to access my secure web
> service
> > deployed on tomcat.
> >
> > I have developed a working version of client (invoking a secure web
> service
> > with UserToken) using some cxf specific apis, the code is given below
> >
> > Is there any way if I can develop the jaxws client with ws-security
> support
> > without using cxf specific apis like org.apache.cxf.endpoint.Client and
> > org.apache.cxf.frontend.ClientProxy etc? (as I want to integrate only
> > ws-security jars in CXF)
> >
> > Is there any sample code available for the same?
> >
> > //quote
> >
> > package demo.order.client;
> >
> > import java.net.URL;
> > import java.util.HashMap;
> > import java.util.Map;
> >
> > import javax.xml.namespace.QName;
> > import javax.xml.ws.Service;
> > import org.apache.cxf.binding.soap.saaj.SAAJOutInterceptor;
> > import org.apache.cxf.endpoint.Endpoint;
> > import org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor;
> > import org.apache.ws.security.WSConstants;
> > import org.apache.ws.security.handler.WSHandlerConstants;
> > import org.apache.cxf.endpoint.Client;
> > import org.apache.cxf.frontend.ClientProxy;
> >
> > import demo.order.Order;
> > import demo.order.OrderProcess;
> >
> > public class CL {
> >
> > public CL() {
> > }
> >
> > public static void main(String args[]) throws Exception {
> > Service service=Service.create(new URL("
> > http://localhost:8095/orderapp/OrderProcess?wsdl";), new QName("
> > http://order.demo/";, "OrderProcessImplService"));
> > OrderProcess hw = service.getPort(OrderProcess.class);
> >
> > Client client = ClientProxy.getClient(hw);
> >
> > Map outProps = new HashMap();
> >
> >
> outProps.put(WSHandlerConstants.ACTION,WSHandlerConstants.USERNAME_TOKEN);
> > outProps.put(WSHandlerConstants.PASSWORD_TYPE, WSConstants.PW_TEXT);
> > outProps.put(WSHandlerConstants.USER, "ws-client");
> > outProps.put(WSHandlerConstants.PW_CALLBACK_CLASS,
> > ClientPasswordCallback.class.getName());
> >
> >
> > WSS4JOutInterceptor wssOut = new WSS4JOutInterceptor(outProps);
> > Endpoint endPoint = client.getEndpoint();
> > endPoint.getOutInterceptors().add(wssOut);
> > endPoint.getOutInterceptors().add(new SAAJOutInterceptor());
> >
> > Order order = new Order();
> > System.out.println(hw.processOrder(order));
> >
> > }
> >
> > }
> >
> > //unquote
> >
> >
> > I am trying the following code but it gives me a SOAPFaultException,
> >
> >
> > //quote
> >
> > public static void main(String args[]) throws Exception
> > {
> > Service service=Service.create(new URL("
> > http://localhost:8095/orderapp/OrderProcess?wsdl";), new QName("
> > http://order.demo/";, "OrderProcessImplService"));
> > OrderProcess hw = service.getPort(OrderProcess.class);
> >
> > Map outProps = new HashMap();
> >
> >
> outProps.put(WSHandlerConstants.ACTION,WSHandlerConstants.USERNAME_TOKEN);
> > outProps.put(WSHandlerConstants.PASSWORD_TYPE, WSConstants.PW_TEXT);
> >
> >
> ((BindingProvider)hw).getRequestContext().put(BindingProvider.USERNAME_PROP
> >ERTY, "ws-client");
> >
> ((BindingProvider)hw).getRequestContext().put(BindingProvider.PASSWORD_PROP
>
Need Help: WS-Security Support for CXF in Geronimo (UsernameToken property setting)
Hello Devs,
First of all, I apologize if the below questions are trivial.
I need some help in setting basic usernameToken Property for Geronimo (for
CXF). I did add the username token property elements in the schema and
generated the required classes by mvn install. And Geronimo is able to
accept this "usertoken" element which users define in the geronimo-web.xml.
(but I think I have not well configured this in Geronimo)
services/HelloWorld
HelloWorldImplPort
http
localhost
8080
/ServiceG/HelloWorld
*
ws-client
password
*
* I am testing it with a servlet client which is trying to access the
secured service (with username and password) running on tomcat server.
Here is the servlet client code:
public class HelloServlet extends HttpServlet {
public void doGet (HttpServletRequest req,
HttpServletResponse res)
throws ServletException, IOException
{
PrintWriter out = res.getWriter();
try {
InitialContext ic=new InitialContext();
Service service;
service = (Service)ic.lookup("java:comp/env/services/HelloWorld");
QName svcQname=new QName("http://service.web/
","HelloWorldImplPort");
HelloWorld hw=service.getPort(HelloWorld.class);
String greeting=hw.sayHi("Rahul");
out.println(greeting);
} catch (NamingException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
out.close();
}
}
Now, I am coding to configure this above ws-security userToken propery with
CXF apis in Apache Geronimo and I am not sure *How to use cxf apis* to
configure this. I am trying to write a CXF specific PortMethodInterceptor
class extended from (jaxws's PortMethodInterceptor) but not sure what CXF
apis I can use to configure the usertoken.
I start with the received error (pasted from geronimo.log) with some debug
statements:
...
2009-06-28 16:41:17,632 INFO [BusApplicationContext] Bean factory for
application context [org.apache.cxf.bus.spring.busapplicationcont...@1ccad1e]:
org.springframework.beans.factory.support.defaultlistablebeanfact...@d6ae95
2009-06-28 16:41:18,006 INFO [DefaultListableBeanFactory] Pre-instantiating
singletons in
org.springframework.beans.factory.support.defaultlistablebeanfact...@d6ae95:
defining beans
[cxf,org.apache.cxf.bus.spring.BusApplicationListener,org.apache.cxf.bus.spring.BusWiringBeanFactoryPostProcessor,org.apache.cxf.bus.spring.Jsr250BeanPostProcessor,org.apache.cxf.bus.spring.BusExtensionPostProcessor,org.apache.cxf.resource.ResourceManager,org.apache.cxf.configuration.Configurer,org.apache.cxf.binding.BindingFactoryManager,org.apache.cxf.transport.DestinationFactoryManager,org.apache.cxf.transport.ConduitInitiatorManager,org.apache.cxf.wsdl.WSDLManager,org.apache.cxf.phase.PhaseManager,org.apache.cxf.workqueue.WorkQueueManager,org.apache.cxf.buslifecycle.BusLifeCycleManager,org.apache.cxf.endpoint.ServerRegistry,org.apache.cxf.endpoint.ServerLifeCycleManager,org.apache.cxf.endpoint.ClientLifeCycleManager,org.apache.cxf.transports.http.QueryHandlerRegistry,org.apache.cxf.endpoint.EndpointResolverRegistry,org.apache.cxf.headers.HeaderManager,org.apache.cxf.catalog.OASISCatalogManager,org.apache.cxf.endpoint.ServiceContractResolverRegistry,org.apache.geronimo.cxf.GeronimoDestinationFactory#0,org.apache.cxf.jaxws.context.WebServiceContextResourceResolver,org.apache.cxf.jaxws.context.WebServiceContextImpl,org.apache.cxf.transport.http.policy.HTTPClientAssertionBuilder,org.apache.cxf.transport.http.policy.HTTPServerAssertionBuilder,org.apache.cxf.transport.http.policy.NoOpPolicyInterceptorProvider,org.apache.cxf.transport.http.ClientOnlyHTTPTransportFactory,org.apache.cxf.binding.soap.SoapBindingFactory,org.apache.cxf.binding.soap.SoapTransportFactory,org.apache.cxf.binding.soap.customEditorConfigurer,org.apache.cxf.binding.xml.XMLBindingFactory,org.apache.cxf.ws.addressing.policy.AddressingAssertionBuilder,org.apache.cxf.ws.addressing.policy.AddressingPolicyInterceptorProvider,org.apache.cxf.ws.addressing.policy.UsingAddressingAssertionBuilder];
root of factory hierarchy
*2009-06-28 16:41:18,661* DEBUG [CXFServiceReference] I am in
getPortMethodInterceptor, called from CXFServiceReference:
2009-06-28 16:41:18,662 DEBUG [CXFPortMethodInterceptor] View the
seiInfoMap.values() ![http://localhost:8080/ServiceG/HelloWorld null false
ws-client password, http://localhost:8080/ServiceG/HelloWorld null false
ws-client password]
2009-06-28 16:41:18,681 DEBUG [JAXWSServiceReference] Initializing service
with: file:/home/rahul/new_workspace1/Client/WEB-INF/wsdl/HelloWorld.wsdl {
http://service.web/}HelloWorldImplService
2009-06-28 16:41:18,844 DEBUG [CXFPortMethodInterceptor] I am in intercept
method of CXFPortMethodInterceptor!
2009-06-28 16:41:20,676 DEBUG [PortMethodInterceptor] information is:
passwordws-clienthttp://localhost:8080/ServiceG/HelloWorld
2009-06-28 16:41:20,677 DEBUG
Re: Need Help: WS-Security Support for CXF in Geronimo (UsernameToken property setting)
Hello Daniel,
Thank you for your quick response. Indeed you are right. I have fixed the
program and tested with the hard-coded values and it runs :) Now, I can work
on it and make it proper.
Thanks again.
Best Regards,
Rahul
On Mon, Jun 29, 2009 at 6:42 PM, Daniel Kulp wrote:
>
> It LOOKS like the WSS4JOutInterceptor isn't being added to the client side
> as
> there isn't a security header in the message going out. From the code,
> you
> are adding the SAAJOut stuff, but not the WSS4JOut. Is that as intended?
>
> Dan
>
> On Sun June 28 2009 12:21:24 pm rahul.soa wrote:
> > Hello Devs,
> >
> > First of all, I apologize if the below questions are trivial.
> >
> > I need some help in setting basic usernameToken Property for Geronimo
> (for
> > CXF). I did add the username token property elements in the schema and
> > generated the required classes by mvn install. And Geronimo is able to
> > accept this "usertoken" element which users define in the
> geronimo-web.xml.
> > (but I think I have not well configured this in Geronimo)
> >
> >
> > services/HelloWorld
> >
> > HelloWorldImplPort
> > http
> > localhost
> > 8080
> > /ServiceG/HelloWorld
> > *
> >ws-client
> >password
> > *
> >
> >
> >
> > * I am testing it with a servlet client which is trying to access the
> > secured service (with username and password) running on tomcat server.
> >
> > Here is the servlet client code:
> >
> >
> > public class HelloServlet extends HttpServlet {
> > public void doGet (HttpServletRequest req,
> > HttpServletResponse res)
> > throws ServletException, IOException
> > {
> > PrintWriter out = res.getWriter();
> > try {
> > InitialContext ic=new InitialContext();
> > Service service;
> > service =
> (Service)ic.lookup("java:comp/env/services/HelloWorld");
> > QName svcQname=new QName("http://service.web/
> > ","HelloWorldImplPort");
> >
> >HelloWorld hw=service.getPort(HelloWorld.class);
> > String greeting=hw.sayHi("Rahul");
> > out.println(greeting);
> > } catch (NamingException e) {
> > // TODO Auto-generated catch block
> > e.printStackTrace();
> > }
> >
> > out.close();
> > }
> > }
> >
> > Now, I am coding to configure this above ws-security userToken propery
> with
> > CXF apis in Apache Geronimo and I am not sure *How to use cxf apis* to
> > configure this. I am trying to write a CXF specific PortMethodInterceptor
> > class extended from (jaxws's PortMethodInterceptor) but not sure what
> CXF
> > apis I can use to configure the usertoken.
> >
> > I start with the received error (pasted from geronimo.log) with some
> debug
> > statements:
> >
> >
> > ...
> >
> > 2009-06-28 16:41:17,632 INFO [BusApplicationContext] Bean factory for
> > application context
> > [org.apache.cxf.bus.spring.busapplicationcont...@1ccad1e]:
> >
> org.springframework.beans.factory.support.defaultlistablebeanfact...@d6ae95
> > 2009-06-28 16:41:18,006 INFO [DefaultListableBeanFactory]
> > Pre-instantiating singletons in
> >
> org.springframework.beans.factory.support.defaultlistablebeanfact...@d6ae95
> >: defining beans
> >
> [cxf,org.apache.cxf.bus.spring.BusApplicationListener,org.apache.cxf.bus.sp
>
> >ring.BusWiringBeanFactoryPostProcessor,org.apache.cxf.bus.spring.Jsr250BeanP
>
> >ostProcessor,org.apache.cxf.bus.spring.BusExtensionPostProcessor,org.apache.
>
> >cxf.resource.ResourceManager,org.apache.cxf.configuration.Configurer,org.apa
>
> >che.cxf.binding.BindingFactoryManager,org.apache.cxf.transport.DestinationFa
>
> >ctoryManager,org.apache.cxf.transport.ConduitInitiatorManager,org.apache.cxf
>
> >.wsdl.WSDLManager,org.apache.cxf.phase.PhaseManager,org.apache.cxf.workqueue
>
> >.WorkQueueManager,org.apache.cxf.buslifecycle.BusLifeCycleManager,org.apache
>
> >.cxf.endpoint.ServerRegistry,org.apache.cxf.endpoint.ServerLifeCycleManager,
>
> >org.apache.cxf.endpoint.ClientLifeCycleManager,org.apache.cxf.transports.htt
>
> >p.QueryHandlerRegistry,org.apache.cxf.endpoint.EndpointResolverRegistry,org.
>
> >apache.cxf.headers.HeaderManager,org.apache.cxf.catalog.OASISCatalogManager,
>
> >org.apache.cxf.endpoint.ServiceContractRes
Nonce at Server Side
Hello CXF Devs, Does CXF have the support for processing nonce at *server* side? As I understand from some posts CXF creates the nonce automatically when password digest is used at client side. If it does not have support yet at server side so does that mean we cannot use "password digest" at server side as combination of timestamp, *nonce* and password text are used to calculate the password digest. May be I read some old post or I am wrong. Kindly correct me. Thanks in advance. Best Regards, Rahul
Re: Nonce at Server Side
Many Thanks Colm for the updated information about Nonce. Perhaps, in near future I might have some questions regarding this as I am working on configuring ws-security in geronimo. Thanks again. Rahul On Mon, Jul 6, 2009 at 4:23 PM, Colm O hEigeartaigh wrote: > > It's supported in so far as it'll get processed correctly to create the > nonce+created+password digest. But nonce-caching for replay detection > isn't supported as of yet...there's a jira open in WSS4J for it. > > Feel free to submit a patch :-) > > https://issues.apache.org/jira/browse/WSS-187 > > Colm. > > -Original Message- > From: rahul.soa [mailto:rahul@googlemail.com] > Sent: 06 July 2009 11:56 > To: dev@cxf.apache.org > Cc: Jarek Gawor > Subject: Nonce at Server Side > > Hello CXF Devs, > > Does CXF have the support for processing nonce at *server* side? > > As I understand from some posts CXF creates the nonce automatically when > password digest is used at client side. > > If it does not have support yet at server side so does that mean we > cannot > use "password digest" at server side as combination of timestamp, > *nonce* > and password text are used to calculate the password digest. May be I > read > some old post or I am wrong. Kindly correct me. > > Thanks in advance. > > Best Regards, > Rahul >
Security header wsse:Security is missing in Response
Hello CXF Devs, I am trying to access the secured (usernameToken) webservice deployed on tomcat by the java client. I intercepted the exchanged messages via tcpmon, which are following: Request: -- http://schemas.xmlsoap.org/soap/envelope/";>http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"; soap:mustUnderstand="1">http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"; xmlns:wsu=" http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"; wsu:Id="UsernameToken-1">ws-clienthttp://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText";>passwordhttp://order.demo/";> Response: - http://schemas.xmlsoap.org/soap/envelope/";>http://order.demo/ ">ORD1234 Unlike the Request, response does not have the security header. I want to know why **security header** (wsse:Security) is missing in the response. Am I missing something in the configurations? Can you please suggest what should I do to solve this problem? Here are the client and service side configurations: client-beans.xml - http://www.springframework.org/schema/beans"; xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; xmlns:jaxws="http://cxf.apache.org/jaxws"; xsi:schemaLocation=" http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd http://cxf.apache.org/jaxws http://cxf.apache.org/schema/jaxws.xsd";> http://localhost:8080/neworderapp/OrderProcess"/> beans.xml - http://www.springframework.org/schema/beans"; xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; xmlns:jaxws="http://cxf.apache.org/jaxws"; xsi:schemaLocation=" http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd http://cxf.apache.org/jaxws http://cxf.apache.org/schemas/jaxws.xsd";> Many Thanks in advance. Best Regards, Rahul
Re: Security header wsse:Security is missing in Response
Thanks Mayank for the response. So that means Client should have WSS4JOutInterceptor configured to send the secured SOAP Request and should also be configured with WSS4JInInterceptor to receive the secured Response from Server. And contrary applies to Server. Best Regards, Rahul So that means On Wed, Jul 8, 2009 at 7:51 PM, Mayank Mishra wrote: > rahul.soa wrote: > >> Hello CXF Devs, >> >> I am trying to access the secured (usernameToken) webservice deployed on >> tomcat by the java client. I intercepted the exchanged messages via >> tcpmon, >> which are following: >> >> Request: >> -- >> >> http://schemas.xmlsoap.org/soap/envelope/ >> ">> xmlns:wsse=" >> >> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd >> " >> soap:mustUnderstand="1">http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd >> " >> xmlns:wsu=" >> >> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd >> " >> >> wsu:Id="UsernameToken-1">ws-client> Type=" >> >> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText >> ">password> xmlns:ns2="http://order.demo/";>> /> >> >> >> Response: >> - >> >> http://schemas.xmlsoap.org/soap/envelope/ >> ">> xmlns:ns2="http://order.demo/ >> >> ">ORD1234 >> >> >> Unlike the Request, response does not have the security header. I want to >> know why **security header** (wsse:Security) is missing in the response. >> Am >> I missing something in the configurations? >> >> Can you please suggest what should I do to solve this problem? >> >> Here are the client and service side configurations: >> >> client-beans.xml >> - >> >> http://www.springframework.org/schema/beans"; >>xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; >>xmlns:jaxws="http://cxf.apache.org/jaxws"; >>xsi:schemaLocation=" >> http://www.springframework.org/schema/beans >> http://www.springframework.org/schema/beans/spring-beans-2.0.xsd >> http://cxf.apache.org/jaxws http://cxf.apache.org/schema/jaxws.xsd";> >> >>> factory-bean="clientFactory" factory-method="create"/> >> >> > /> >> > class="org.apache.cxf.interceptor.LoggingOutInterceptor" >> /> >> > class="org.apache.cxf.binding.soap.saaj.SAAJOutInterceptor" /> >> > class="org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor"> >> >> >> >> >> >>> value="demo.order.client.ClientPasswordCallback" /> >> >> >> >> >>> class="org.apache.cxf.jaxws.JaxWsProxyFactoryBean"> >> >> http://localhost:8080/neworderapp/OrderProcess"/> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> beans.xml >> - >> >> http://www.springframework.org/schema/beans"; >>xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; >>xmlns:jaxws="http://cxf.apache.org/jaxws"; >>xsi:schemaLocation=" >> http://www.springframework.org/schema/beans >> http://www.springframework.org/schema/beans/spring-beans.xsd >> http://cxf.apache.org/jaxws http://cxf.apache.org/schemas/jaxws.xsd";> >> >> >> >> >> >>> id="orderProcess" >> implementor="demo.order.OrderProcessImpl" >> address="/OrderProcess"> >> >> >> >> >> >> >> >>> value="demo.order.ServerPasswordCallback" /> >> >> >> >> >> >> >> >> >> > > I am unable to see ServerOut-ClientIn WSS4J Interceptor configuration. For > each way you require to configure. > > With Regards, > Mayank > > Many Thanks in advance. >> >> Best Regards, >> Rahul >> >> >> > >
Re: Security header wsse:Security is missing in Response
Many Thanks Mayank and Dan. Setting the WSSJIn/OutInterceptors both way worked for me and now security header is passing both sides. In addition, both client and server are able to handle them. Thanks again for the pointers for policy. I think, after setting up basic ws-security I can soon jump to the policy. I appreciate the quick response from you. Best Regards, Rahul On Thu, Jul 9, 2009 at 5:42 AM, Mayank Mishra wrote: > Daniel Kulp wrote: > >> On Wed July 8 2009 5:29:16 pm rahul.soa wrote: >> >> >>> Thanks Mayank for the response. So that means Client should have >>> WSS4JOutInterceptor configured to send the secured SOAP Request and >>> should >>> also be configured with WSS4JInInterceptor to receive the secured >>> Response >>> from Server. And contrary applies to Server. >>> >>> >> >> That's right. >> >> This is partially why using the WS-SecurityPolicy stuff makes it a bit >> easier. You don't need to mess with interceptors as the Policy framework >> handles that. You just need to add a little configuration to the endpoint >> or client (via standard JAX-WS context property mechanisms) and the policy >> framework does the rest. >> >> Dan >> >> >> > True. You can provide the WS-SecurityPolicy for input and output elements > (if you want to configure them differently), or operation level/binding > level (they applies to all input and output messages for all operations > inside Binding). > You can write an external policy file or can embed the policy element > inside using the PolicyReference element of WS-Policy. It's quite neat and > compatible with all WS Engines (of course a few assertions for configuring > keystore, callbacks etc which are not there is WS-SecurityPolicy > specification. > > With Regards, > Mayank > > >> >>> Best Regards, >>> Rahul >>> >>> >>> So that means >>> >>> On Wed, Jul 8, 2009 at 7:51 PM, Mayank Mishra >>> wrote: >>> >>> >>>> rahul.soa wrote: >>>> >>>> >>>>> Hello CXF Devs, >>>>> >>>>> I am trying to access the secured (usernameToken) webservice deployed >>>>> on >>>>> tomcat by the java client. I intercepted the exchanged messages via >>>>> tcpmon, >>>>> which are following: >>>>> >>>>> Request: >>>>> -- >>>>> >>>>> http://schemas.xmlsoap.org/soap/envelope/ >>>>> ">>>>> xmlns:wsse=" >>>>> >>>>> >>>>> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secex >>>>> t-1.0.xsd " >>>>> soap:mustUnderstand="1">http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secex >>>>> t-1.0.xsd " >>>>> xmlns:wsu=" >>>>> >>>>> >>>>> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utili >>>>> ty-1.0.xsd " >>>>> >>>>> >>>>> wsu:Id="UsernameToken-1">ws-client>>>> assword Type=" >>>>> >>>>> >>>>> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-p >>>>> rofile-1.0#PasswordText >>>>> >>>>> ">password>>>> ader>http://order.demo/";>>>>> /> >>>>> >>>>> >>>>> Response: >>>>> - >>>>> >>>>> http://schemas.xmlsoap.org/soap/envelope/ >>>>> ">>>>> xmlns:ns2="http://order.demo/ >>>>> >>>>> >>>>> ">ORD1234>>>> Envelope> >>>>> >>>>> >>>>> Unlike the Request, response does not have the security header. I want >>>>> to know why **security header** (wsse:Security) is missing in the >>>>> response. Am >>>>> I missing something in the configurations? >>>>> >>>>> Can you please suggest what should I do to solve this problem? >>>>> >>>>> Here are the client and service side configurations: >>>>> >>>>> client-beans.xml >>>>> - >>>>> >>>>> http://www.springframework.org/schema/beans"; >>
Re: ws security password digest
Hi Naresh, I think you might want to use WSPasswordCallback.USERNAME_TOKEN usage code for PasswordDigest. You may find following email thread useful: http://old.nabble.com/PasswordDigest-and-PasswordText-difference-td24475866.html I am not cxf developer, probably cxf people can tell you exact solution. Many Thanks, rahul On Thu, Apr 15, 2010 at 12:22 AM, Naresh Tallapelli < naresh.tallape...@gmail.com> wrote: > Hi All, > > I am using cxf 2.1.2 version. I tried to implement ws security. I have > created passowrd call backs on both client and server sides. COnfigured > password type to "PasswordText". Then i was to able to get the password on > web services server side. > > But when i use password type to "PasswordDigest", password was sent to the > server in enrypted format. But when i call > "WSPasswordCallback.getPassword()" i am getting value as null. I am not > sure if i miss anything. > > Please help to resolve this issue. I need to send the password in encrypted > way. > > Thank you, > Naresh. >
