Re: [WS-Security] JAXWS webservice client without using cxf specific apis
Hello Alessio/Dan,
Many Thanks for your reply.
I am stick with the cxf specific apis for now. So I have pulled the required
jars in geronimo for ws-security support. I also tested the basic
ws-security support (CXF/jetty) and it works. I will submit a patch soon on
this.
Thanks to Jarek for his constant help.
Best Regards,
Rahul
On Fri, May 29, 2009 at 7:48 PM, Daniel Kulp dk...@apache.org wrote:
I really don't think there is a way as JAX-WS doesn't specify anything
related
to WS-Security.
That said, I would really suggest not going the WSS4JIn/OutInterceptor
route
and go the WS-SecurityPolicy route. Things are a LOT simpler from a
coding/config standpoint then.There ARE properties that can be set on
the
request context for stuff needed by the security policy engine.
Dan
On Thu May 28 2009 7:01:24 pm rahul.soa wrote:
Hello Devs,
I am new for ws-security and working towards my gsoc project (aim is to
enable CXF/axis2 ws-security support in Apache geronimo). I am working
for
CXF first and have build geronimo with CXF ws-security jar files.
So I need a jaxws web service client sample to access my secure web
service
deployed on tomcat.
I have developed a working version of client (invoking a secure web
service
with UserToken) using some cxf specific apis, the code is given below
Is there any way if I can develop the jaxws client with ws-security
support
without using cxf specific apis like org.apache.cxf.endpoint.Client and
org.apache.cxf.frontend.ClientProxy etc? (as I want to integrate only
ws-security jars in CXF)
Is there any sample code available for the same?
//quote
package demo.order.client;
import java.net.URL;
import java.util.HashMap;
import java.util.Map;
import javax.xml.namespace.QName;
import javax.xml.ws.Service;
import org.apache.cxf.binding.soap.saaj.SAAJOutInterceptor;
import org.apache.cxf.endpoint.Endpoint;
import org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor;
import org.apache.ws.security.WSConstants;
import org.apache.ws.security.handler.WSHandlerConstants;
import org.apache.cxf.endpoint.Client;
import org.apache.cxf.frontend.ClientProxy;
import demo.order.Order;
import demo.order.OrderProcess;
public class CL {
public CL() {
}
public static void main(String args[]) throws Exception {
Service service=Service.create(new URL(
http://localhost:8095/orderapp/OrderProcess?wsdl;), new QName(
http://order.demo/;, OrderProcessImplService));
OrderProcess hw = service.getPort(OrderProcess.class);
Client client = ClientProxy.getClient(hw);
Map outProps = new HashMap();
outProps.put(WSHandlerConstants.ACTION,WSHandlerConstants.USERNAME_TOKEN);
outProps.put(WSHandlerConstants.PASSWORD_TYPE, WSConstants.PW_TEXT);
outProps.put(WSHandlerConstants.USER, ws-client);
outProps.put(WSHandlerConstants.PW_CALLBACK_CLASS,
ClientPasswordCallback.class.getName());
WSS4JOutInterceptor wssOut = new WSS4JOutInterceptor(outProps);
Endpoint endPoint = client.getEndpoint();
endPoint.getOutInterceptors().add(wssOut);
endPoint.getOutInterceptors().add(new SAAJOutInterceptor());
Order order = new Order();
System.out.println(hw.processOrder(order));
}
}
//unquote
I am trying the following code but it gives me a SOAPFaultException,
//quote
public static void main(String args[]) throws Exception
{
Service service=Service.create(new URL(
http://localhost:8095/orderapp/OrderProcess?wsdl;), new QName(
http://order.demo/;, OrderProcessImplService));
OrderProcess hw = service.getPort(OrderProcess.class);
Map outProps = new HashMap();
outProps.put(WSHandlerConstants.ACTION,WSHandlerConstants.USERNAME_TOKEN);
outProps.put(WSHandlerConstants.PASSWORD_TYPE, WSConstants.PW_TEXT);
((BindingProvider)hw).getRequestContext().put(BindingProvider.USERNAME_PROP
ERTY, ws-client);
((BindingProvider)hw).getRequestContext().put(BindingProvider.PASSWORD_PROP
ERTY, password);
((BindingProvider)hw).getRequestContext().put(WSHandlerConstants.ACTION,WSH
andlerConstants.USERNAME_TOKEN);
((BindingProvider)hw).getRequestContext().put(WSHandlerConstants.PASSWORD_T
YPE, WSConstants.PW_TEXT);
Order order = new Order();
System.out.println(hw.processOrder(order));
}
//unquote
Exception:
Exception in thread main javax.xml.ws.soap.SOAPFaultException: An error
was discovered processing the wsse:Security header
at
org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:145)
at $Proxy34.processOrder(Unknown Source)
at demo.order.client.CL.main(CL.java:74)
Caused by: org.apache.cxf.binding.soap.SoapFault: An error was discovered
processing the wsse:Security header
at
org.apache.cxf.binding.soap.interceptor.Soap11FaultInInterceptor.unmarshalF
ault(Soap11FaultInInterceptor.java:75) at
Re: [WS-Security] JAXWS webservice client without using cxf specific apis
I really don't think there is a way as JAX-WS doesn't specify anything related
to WS-Security.
That said, I would really suggest not going the WSS4JIn/OutInterceptor route
and go the WS-SecurityPolicy route. Things are a LOT simpler from a
coding/config standpoint then.There ARE properties that can be set on the
request context for stuff needed by the security policy engine.
Dan
On Thu May 28 2009 7:01:24 pm rahul.soa wrote:
Hello Devs,
I am new for ws-security and working towards my gsoc project (aim is to
enable CXF/axis2 ws-security support in Apache geronimo). I am working for
CXF first and have build geronimo with CXF ws-security jar files.
So I need a jaxws web service client sample to access my secure web service
deployed on tomcat.
I have developed a working version of client (invoking a secure web service
with UserToken) using some cxf specific apis, the code is given below
Is there any way if I can develop the jaxws client with ws-security support
without using cxf specific apis like org.apache.cxf.endpoint.Client and
org.apache.cxf.frontend.ClientProxy etc? (as I want to integrate only
ws-security jars in CXF)
Is there any sample code available for the same?
//quote
package demo.order.client;
import java.net.URL;
import java.util.HashMap;
import java.util.Map;
import javax.xml.namespace.QName;
import javax.xml.ws.Service;
import org.apache.cxf.binding.soap.saaj.SAAJOutInterceptor;
import org.apache.cxf.endpoint.Endpoint;
import org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor;
import org.apache.ws.security.WSConstants;
import org.apache.ws.security.handler.WSHandlerConstants;
import org.apache.cxf.endpoint.Client;
import org.apache.cxf.frontend.ClientProxy;
import demo.order.Order;
import demo.order.OrderProcess;
public class CL {
public CL() {
}
public static void main(String args[]) throws Exception {
Service service=Service.create(new URL(
http://localhost:8095/orderapp/OrderProcess?wsdl;), new QName(
http://order.demo/;, OrderProcessImplService));
OrderProcess hw = service.getPort(OrderProcess.class);
Client client = ClientProxy.getClient(hw);
Map outProps = new HashMap();
outProps.put(WSHandlerConstants.ACTION,WSHandlerConstants.USERNAME_TOKEN);
outProps.put(WSHandlerConstants.PASSWORD_TYPE, WSConstants.PW_TEXT);
outProps.put(WSHandlerConstants.USER, ws-client);
outProps.put(WSHandlerConstants.PW_CALLBACK_CLASS,
ClientPasswordCallback.class.getName());
WSS4JOutInterceptor wssOut = new WSS4JOutInterceptor(outProps);
Endpoint endPoint = client.getEndpoint();
endPoint.getOutInterceptors().add(wssOut);
endPoint.getOutInterceptors().add(new SAAJOutInterceptor());
Order order = new Order();
System.out.println(hw.processOrder(order));
}
}
//unquote
I am trying the following code but it gives me a SOAPFaultException,
//quote
public static void main(String args[]) throws Exception
{
Service service=Service.create(new URL(
http://localhost:8095/orderapp/OrderProcess?wsdl;), new QName(
http://order.demo/;, OrderProcessImplService));
OrderProcess hw = service.getPort(OrderProcess.class);
Map outProps = new HashMap();
outProps.put(WSHandlerConstants.ACTION,WSHandlerConstants.USERNAME_TOKEN);
outProps.put(WSHandlerConstants.PASSWORD_TYPE, WSConstants.PW_TEXT);
((BindingProvider)hw).getRequestContext().put(BindingProvider.USERNAME_PROP
ERTY, ws-client);
((BindingProvider)hw).getRequestContext().put(BindingProvider.PASSWORD_PROP
ERTY, password);
((BindingProvider)hw).getRequestContext().put(WSHandlerConstants.ACTION,WSH
andlerConstants.USERNAME_TOKEN);
((BindingProvider)hw).getRequestContext().put(WSHandlerConstants.PASSWORD_T
YPE, WSConstants.PW_TEXT);
Order order = new Order();
System.out.println(hw.processOrder(order));
}
//unquote
Exception:
Exception in thread main javax.xml.ws.soap.SOAPFaultException: An error
was discovered processing the wsse:Security header
at
org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:145)
at $Proxy34.processOrder(Unknown Source)
at demo.order.client.CL.main(CL.java:74)
Caused by: org.apache.cxf.binding.soap.SoapFault: An error was discovered
processing the wsse:Security header
at
org.apache.cxf.binding.soap.interceptor.Soap11FaultInInterceptor.unmarshalF
ault(Soap11FaultInInterceptor.java:75) at
org.apache.cxf.binding.soap.interceptor.Soap11FaultInInterceptor.handleMess
age(Soap11FaultInInterceptor.java:46) at
org.apache.cxf.binding.soap.interceptor.Soap11FaultInInterceptor.handleMess
age(Soap11FaultInInterceptor.java:35) at
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChai
n.java:226) at
org.apache.cxf.interceptor.AbstractFaultChainInitiatorObserver.onMessage(Ab
stractFaultChainInitiatorObserver.java:96) at
org.apache.cxf.binding.soap.interceptor.CheckFaultInterceptor.handleMessage
(CheckFaultInterceptor.java:69) at
[WS-Security] JAXWS webservice client without using cxf specific apis
Hello Devs,
I am new for ws-security and working towards my gsoc project (aim is to
enable CXF/axis2 ws-security support in Apache geronimo). I am working for
CXF first and have build geronimo with CXF ws-security jar files.
So I need a jaxws web service client sample to access my secure web service
deployed on tomcat.
I have developed a working version of client (invoking a secure web service
with UserToken) using some cxf specific apis, the code is given below
Is there any way if I can develop the jaxws client with ws-security support
without using cxf specific apis like org.apache.cxf.endpoint.Client and
org.apache.cxf.frontend.ClientProxy etc? (as I want to integrate only
ws-security jars in CXF)
Is there any sample code available for the same?
//quote
package demo.order.client;
import java.net.URL;
import java.util.HashMap;
import java.util.Map;
import javax.xml.namespace.QName;
import javax.xml.ws.Service;
import org.apache.cxf.binding.soap.saaj.SAAJOutInterceptor;
import org.apache.cxf.endpoint.Endpoint;
import org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor;
import org.apache.ws.security.WSConstants;
import org.apache.ws.security.handler.WSHandlerConstants;
import org.apache.cxf.endpoint.Client;
import org.apache.cxf.frontend.ClientProxy;
import demo.order.Order;
import demo.order.OrderProcess;
public class CL {
public CL() {
}
public static void main(String args[]) throws Exception {
Service service=Service.create(new URL(
http://localhost:8095/orderapp/OrderProcess?wsdl;), new QName(
http://order.demo/;, OrderProcessImplService));
OrderProcess hw = service.getPort(OrderProcess.class);
Client client = ClientProxy.getClient(hw);
Map outProps = new HashMap();
outProps.put(WSHandlerConstants.ACTION,WSHandlerConstants.USERNAME_TOKEN);
outProps.put(WSHandlerConstants.PASSWORD_TYPE, WSConstants.PW_TEXT);
outProps.put(WSHandlerConstants.USER, ws-client);
outProps.put(WSHandlerConstants.PW_CALLBACK_CLASS,
ClientPasswordCallback.class.getName());
WSS4JOutInterceptor wssOut = new WSS4JOutInterceptor(outProps);
Endpoint endPoint = client.getEndpoint();
endPoint.getOutInterceptors().add(wssOut);
endPoint.getOutInterceptors().add(new SAAJOutInterceptor());
Order order = new Order();
System.out.println(hw.processOrder(order));
}
}
//unquote
I am trying the following code but it gives me a SOAPFaultException,
//quote
public static void main(String args[]) throws Exception
{
Service service=Service.create(new URL(
http://localhost:8095/orderapp/OrderProcess?wsdl;), new QName(
http://order.demo/;, OrderProcessImplService));
OrderProcess hw = service.getPort(OrderProcess.class);
Map outProps = new HashMap();
outProps.put(WSHandlerConstants.ACTION,WSHandlerConstants.USERNAME_TOKEN);
outProps.put(WSHandlerConstants.PASSWORD_TYPE, WSConstants.PW_TEXT);
((BindingProvider)hw).getRequestContext().put(BindingProvider.USERNAME_PROPERTY,
ws-client);
((BindingProvider)hw).getRequestContext().put(BindingProvider.PASSWORD_PROPERTY,
password);
((BindingProvider)hw).getRequestContext().put(WSHandlerConstants.ACTION,WSHandlerConstants.USERNAME_TOKEN);
((BindingProvider)hw).getRequestContext().put(WSHandlerConstants.PASSWORD_TYPE,
WSConstants.PW_TEXT);
Order order = new Order();
System.out.println(hw.processOrder(order));
}
//unquote
Exception:
Exception in thread main javax.xml.ws.soap.SOAPFaultException: An error
was discovered processing the wsse:Security header
at
org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:145)
at $Proxy34.processOrder(Unknown Source)
at demo.order.client.CL.main(CL.java:74)
Caused by: org.apache.cxf.binding.soap.SoapFault: An error was discovered
processing the wsse:Security header
at
org.apache.cxf.binding.soap.interceptor.Soap11FaultInInterceptor.unmarshalFault(Soap11FaultInInterceptor.java:75)
at
org.apache.cxf.binding.soap.interceptor.Soap11FaultInInterceptor.handleMessage(Soap11FaultInInterceptor.java:46)
at
org.apache.cxf.binding.soap.interceptor.Soap11FaultInInterceptor.handleMessage(Soap11FaultInInterceptor.java:35)
at
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:226)
at
org.apache.cxf.interceptor.AbstractFaultChainInitiatorObserver.onMessage(AbstractFaultChainInitiatorObserver.java:96)
at
org.apache.cxf.binding.soap.interceptor.CheckFaultInterceptor.handleMessage(CheckFaultInterceptor.java:69)
at
org.apache.cxf.binding.soap.interceptor.CheckFaultInterceptor.handleMessage(CheckFaultInterceptor.java:34)
at
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:226)
at org.apache.cxf.endpoint.ClientImpl.onMessage(ClientImpl.java:641)
at
org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponseInternal(HTTPConduit.java:2131)
at
org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponse(HTTPConduit.java:2010)
at
