RE: Dynamically changing endpoints

2017-10-23 Thread Andrei Shakirin
Hi,

One option is set BindingProvider.ENDPOINT_ADDRESS_PROPERTY in request context:

final Greeter port = service.getGreeterPort();
BindingProvider provider = (BindingProvider)port;

provider.getRequestContext().put(BindingProvider.ENDPOINT_ADDRESS_PROPERTY,  
address);

Regards,
Andrei.

> -Original Message-
> From: Ken Hancock [mailto:hancoc...@gmail.com]
> Sent: Mittwoch, 18. Oktober 2017 16:31
> To: users@cxf.apache.org
> Subject: Dynamically changing endpoints
> 
> I'm implementing a client for a soap endpoint where the messages return
> different callouts to be used for individual soap operations, each endpoint
> supporting the same service wsdl.  Does anyone have suggestions on the best
> way to change the endpoint for different soap operations?
> 
> I could create a separate proxy for each operation, but that seems 
> particularly
> slow and heavyweight.


Re: fediz production

2017-10-23 Thread Matthew Broadhead
Thanks for your help Colm.  I now have it working using the production 
certificate by following this example 
https://stackoverflow.com/a/2141229/3052312 to export the pems into jks 
files.


but in the end i also had to copy idp-ssl-key.jks and idp-ssl-trust.jks 
into webapps/idp/WEB-INF/classes as well as having them in catalina 
base.  this seems impractical in production as the certificates get 
reissued every 6 months.  is it possible for sec:keyStore to define the 
resource as being in catalina base?


On 23/10/2017 18:11, Colm O hEigeartaigh wrote:

sec:keyStore supports either JKS or PKCS12 keystores. There is also a
sec:certStore that works with PEM files, but only for TrustStores I think.
As a workaround you can just use the Java keytool command to import your
PEM key/cert into a JKS keystore.


this document http://svn.apache.org/viewvc/cxf/fediz/trunk/examples/sample

keys/HowToGenerateKeysREADME.html?view=co has idp-ssl-server.jks but no
idp-ssl-key.jks.

SVN is not used any more by CXF or Fediz, that page is old. The correct
version is on github:

https://github.com/apache/cxf-fediz/blob/master/examples/samplekeys/HowToGenerateKeysREADME.html

Colm.

On Mon, Oct 23, 2017 at 4:40 PM, Matthew Broadhead <
matthew.broadh...@nbmlaw.co.uk> wrote:


Hi Colm,

is there any way for sec:keyStore to be pointed at a pem certificate
instead of a java keystore?  where is the doumentation for sec:keyStore?

Matt

On 23/10/2017 17:11, Colm O hEigeartaigh wrote:


I haven't used the APR connector. The following works for me in the tests,
perhaps you could duplicate this config and get it working first before
switching over to the APR connector:

   

Yes you will need to specify the truststore and keystore in cxf-tls.xml to
communicate with the STS from the IdP. The truststore should contain the
issuing cert of the Tomcat instance hosting your STS + then keystore the
private key of your IdP.

Colm.

On Sun, Oct 22, 2017 at 9:23 AM, Matthew Broadhead <
matthew.broadh...@nbmlaw.co.uk> wrote:

i am using my own certificate with APR in the tomcat server.xml.  I added

clientVerification="required" to SSLHostConfig but I still have the same
problem

  
  
  
  
  

I commented the trustManagers and keyManagers in
services/idp/src/main/resources/cxf-tls.xml.  Could this be the problem?
How would I use production certificates?

  
  
  
  


On 22/10/2017 00:38, Matthew Broadhead wrote:

ok...i fixed the last error by dropping the schema and restarting.

but now i have this
2017-10-21 21:58:19,541 [https-openssl-apr-9443-exec-9] WARN
org.apache.cxf.phase.PhaseInterceptorChain  - Interceptor for {
http://docs.oasis-open.org/ws-sx/ws-trust/200512/}SecurityT
okenService#{http://docs.oasis-open.org/ws-sx/ws-trust/200512/}Issue
has
thrown exception, unwinding now
org.apache.cxf.binding.soap.SoapFault: Problem writing SAAJ model to
stream: RequireClientCertificate is set, but no local certificates were
negotiated.  Is the server set to ask for client authorization?
  at org.apache.cxf.binding.soap.saaj.SAAJOutInterceptor$SAAJOutE
ndingInterceptor.handleMessage(SAAJOutInterceptor.java:224)
  at org.apache.cxf.binding.soap.saaj.SAAJOutInterceptor$SAAJOutE
ndingInterceptor.handleMessage(SAAJOutInterceptor.java:174)
  at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(Phase
InterceptorChain.java:308)
  at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:
518)
  ...
Caused by: com.ctc.wstx.exc.WstxIOException: RequireClientCertificate
is
set, but no local certificates were negotiated.  Is the server set to
ask
for client authorization?
  at com.ctc.wstx.sw.BaseStreamWriter.flush(BaseStreamWriter.java
:255)
  at org.apache.cxf.binding.soap.saaj.SAAJOutInterceptor$SAAJOutE
ndingInterceptor.handleMessage(SAAJOutInterceptor.java:215)
  ... 154 more
Caused by: org.apache.cxf.transport.http.UntrustedURLConnectionIOExcept
ion:
RequireClientCertificate is set, but no local certificates were
negotiated.  Is the server set to ask for client authorization?
  at org.apache.cxf.ws.security.policy.interceptors.HttpsTokenInt
erceptorProvider$HttpsTokenOutInterceptor$1.establishTrust(H
ttpsTokenInterceptorProvider.java:143)
  at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStrea
m.makeTrustDecision(HTTPConduit.java:1780)
  at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStrea
m.handleHeadersTrustCaching(HTTPConduit.java:1323)
  ...
2017-10-21 21:58:19,542 [https-openssl-apr-9443-exec-9] ERROR
org.apache.cxf.fediz.service.idp.beans.STSClientAction  - Error in
retrieving a token


On 20/10/2017 23:05, Matthew Broadhead wrote:

ok i now have a different error and it doesn't load the login screen

2017-10-20 19:25:39,175 [https-openssl-apr-9443-exec-2] WARN
org.apache.cxf.fediz.service.idp.beans.EndpointAddressValidator - No
service config found for urn:org:apache:cxf:fediz:fedizhelloworld

Re: fediz production

2017-10-23 Thread Colm O hEigeartaigh
sec:keyStore supports either JKS or PKCS12 keystores. There is also a
sec:certStore that works with PEM files, but only for TrustStores I think.
As a workaround you can just use the Java keytool command to import your
PEM key/cert into a JKS keystore.

> this document http://svn.apache.org/viewvc/cxf/fediz/trunk/examples/sample
keys/HowToGenerateKeysREADME.html?view=co has idp-ssl-server.jks but no
idp-ssl-key.jks.

SVN is not used any more by CXF or Fediz, that page is old. The correct
version is on github:

https://github.com/apache/cxf-fediz/blob/master/examples/samplekeys/HowToGenerateKeysREADME.html

Colm.

On Mon, Oct 23, 2017 at 4:40 PM, Matthew Broadhead <
matthew.broadh...@nbmlaw.co.uk> wrote:

> Hi Colm,
>
> is there any way for sec:keyStore to be pointed at a pem certificate
> instead of a java keystore?  where is the doumentation for sec:keyStore?
>
> Matt
>
> On 23/10/2017 17:11, Colm O hEigeartaigh wrote:
>
>> I haven't used the APR connector. The following works for me in the tests,
>> perhaps you could duplicate this config and get it working first before
>> switching over to the APR connector:
>>
>>   > protocol="org.apache.coyote.http11.Http11NioProtocol" maxThreads="150"
>> SSLEnabled="true" scheme="https" secure="true" clientAuth="want"
>> sslProtocol="TLS" keystoreFile="idp-ssl-key.jks" keystorePass="tompass"
>> keyPass="tompass" truststoreFile="idp-ssl-trust.jks"
>> truststorePass="ispass" />
>>
>> Yes you will need to specify the truststore and keystore in cxf-tls.xml to
>> communicate with the STS from the IdP. The truststore should contain the
>> issuing cert of the Tomcat instance hosting your STS + then keystore the
>> private key of your IdP.
>>
>> Colm.
>>
>> On Sun, Oct 22, 2017 at 9:23 AM, Matthew Broadhead <
>> matthew.broadh...@nbmlaw.co.uk> wrote:
>>
>> i am using my own certificate with APR in the tomcat server.xml.  I added
>>> clientVerification="required" to SSLHostConfig but I still have the same
>>> problem
>>> >> maxThreads="150" SSLEnabled="true">
>>>  >> />
>>>  
>>>  >> certificateFile="/etc/letsencrypt/live/domain.tld/cert.pem"
>>> certificateChainFile="/etc/letsencrypt/live/domain.tld/fullchain.pem"
>>>   type="RSA" />
>>>  
>>>  
>>>
>>> I commented the trustManagers and keyManagers in
>>> services/idp/src/main/resources/cxf-tls.xml.  Could this be the problem?
>>> How would I use production certificates?
>>> 
>>>  >>  disableCNCheck="true">
>>>  
>>>  
>>>  
>>>
>>>
>>> On 22/10/2017 00:38, Matthew Broadhead wrote:
>>>
>>> ok...i fixed the last error by dropping the schema and restarting.
 but now i have this
 2017-10-21 21:58:19,541 [https-openssl-apr-9443-exec-9] WARN
 org.apache.cxf.phase.PhaseInterceptorChain  - Interceptor for {
 http://docs.oasis-open.org/ws-sx/ws-trust/200512/}SecurityT
 okenService#{http://docs.oasis-open.org/ws-sx/ws-trust/200512/}Issue
 has
 thrown exception, unwinding now
 org.apache.cxf.binding.soap.SoapFault: Problem writing SAAJ model to
 stream: RequireClientCertificate is set, but no local certificates were
 negotiated.  Is the server set to ask for client authorization?
  at org.apache.cxf.binding.soap.saaj.SAAJOutInterceptor$SAAJOutE
 ndingInterceptor.handleMessage(SAAJOutInterceptor.java:224)
  at org.apache.cxf.binding.soap.saaj.SAAJOutInterceptor$SAAJOutE
 ndingInterceptor.handleMessage(SAAJOutInterceptor.java:174)
  at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(Phase
 InterceptorChain.java:308)
  at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:
 518)
  ...
 Caused by: com.ctc.wstx.exc.WstxIOException: RequireClientCertificate
 is
 set, but no local certificates were negotiated.  Is the server set to
 ask
 for client authorization?
  at com.ctc.wstx.sw.BaseStreamWriter.flush(BaseStreamWriter.java
 :255)
  at org.apache.cxf.binding.soap.saaj.SAAJOutInterceptor$SAAJOutE
 ndingInterceptor.handleMessage(SAAJOutInterceptor.java:215)
  ... 154 more
 Caused by: org.apache.cxf.transport.http.UntrustedURLConnectionIOExcept
 ion:
 RequireClientCertificate is set, but no local certificates were
 negotiated.  Is the server set to ask for client authorization?
  at org.apache.cxf.ws.security.policy.interceptors.HttpsTokenInt
 erceptorProvider$HttpsTokenOutInterceptor$1.establishTrust(H
 ttpsTokenInterceptorProvider.java:143)
  at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStrea
 m.makeTrustDecision(HTTPConduit.java:1780)
  at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStrea
 m.handleHeadersTrustCaching(HTTPConduit.java:1323)
  ...
 2017-10-21 21:58:19,542 [https-openssl-apr-9443-exec-9] ERROR
 org.apache.cxf.fediz.service.idp.beans.STSClientAction

Re: fediz production

2017-10-23 Thread Matthew Broadhead
this document 
http://svn.apache.org/viewvc/cxf/fediz/trunk/examples/samplekeys/HowToGenerateKeysREADME.html?view=co 
has idp-ssl-server.jks but no idp-ssl-key.jks.


On 23/10/2017 17:11, Colm O hEigeartaigh wrote:

I haven't used the APR connector. The following works for me in the tests,
perhaps you could duplicate this config and get it working first before
switching over to the APR connector:

  

Yes you will need to specify the truststore and keystore in cxf-tls.xml to
communicate with the STS from the IdP. The truststore should contain the
issuing cert of the Tomcat instance hosting your STS + then keystore the
private key of your IdP.

Colm.

On Sun, Oct 22, 2017 at 9:23 AM, Matthew Broadhead <
matthew.broadh...@nbmlaw.co.uk> wrote:


i am using my own certificate with APR in the tomcat server.xml.  I added
clientVerification="required" to SSLHostConfig but I still have the same
problem

 
 
 
 
 

I commented the trustManagers and keyManagers in
services/idp/src/main/resources/cxf-tls.xml.  Could this be the problem?
How would I use production certificates?

 
 
 
 


On 22/10/2017 00:38, Matthew Broadhead wrote:


ok...i fixed the last error by dropping the schema and restarting.
but now i have this
2017-10-21 21:58:19,541 [https-openssl-apr-9443-exec-9] WARN
org.apache.cxf.phase.PhaseInterceptorChain  - Interceptor for {
http://docs.oasis-open.org/ws-sx/ws-trust/200512/}SecurityT
okenService#{http://docs.oasis-open.org/ws-sx/ws-trust/200512/}Issue has
thrown exception, unwinding now
org.apache.cxf.binding.soap.SoapFault: Problem writing SAAJ model to
stream: RequireClientCertificate is set, but no local certificates were
negotiated.  Is the server set to ask for client authorization?
 at org.apache.cxf.binding.soap.saaj.SAAJOutInterceptor$SAAJOutE
ndingInterceptor.handleMessage(SAAJOutInterceptor.java:224)
 at org.apache.cxf.binding.soap.saaj.SAAJOutInterceptor$SAAJOutE
ndingInterceptor.handleMessage(SAAJOutInterceptor.java:174)
 at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(Phase
InterceptorChain.java:308)
 at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:518)
 ...
Caused by: com.ctc.wstx.exc.WstxIOException: RequireClientCertificate is
set, but no local certificates were negotiated.  Is the server set to ask
for client authorization?
 at com.ctc.wstx.sw.BaseStreamWriter.flush(BaseStreamWriter.java:255)
 at org.apache.cxf.binding.soap.saaj.SAAJOutInterceptor$SAAJOutE
ndingInterceptor.handleMessage(SAAJOutInterceptor.java:215)
 ... 154 more
Caused by: org.apache.cxf.transport.http.UntrustedURLConnectionIOException:
RequireClientCertificate is set, but no local certificates were
negotiated.  Is the server set to ask for client authorization?
 at org.apache.cxf.ws.security.policy.interceptors.HttpsTokenInt
erceptorProvider$HttpsTokenOutInterceptor$1.establishTrust(H
ttpsTokenInterceptorProvider.java:143)
 at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStrea
m.makeTrustDecision(HTTPConduit.java:1780)
 at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStrea
m.handleHeadersTrustCaching(HTTPConduit.java:1323)
 ...
2017-10-21 21:58:19,542 [https-openssl-apr-9443-exec-9] ERROR
org.apache.cxf.fediz.service.idp.beans.STSClientAction  - Error in
retrieving a token


On 20/10/2017 23:05, Matthew Broadhead wrote:


ok i now have a different error and it doesn't load the login screen
2017-10-20 19:25:39,175 [https-openssl-apr-9443-exec-2] WARN
org.apache.cxf.fediz.service.idp.beans.EndpointAddressValidator - No
service config found for urn:org:apache:cxf:fediz:fedizhelloworld
2017-10-20 19:26:18,084 [https-openssl-apr-9443-exec-5] ERROR
org.apache.cxf.fediz.service.idp.service.security.GrantedAuthorityEntitlements
- Role 'CLAIM_LIST' not found
2017-10-20 19:26:18,085 [https-openssl-apr-9443-exec-5] ERROR
org.apache.cxf.fediz.service.idp.service.security.GrantedAuthorityEntitlements
- Role 'IDP_READ' not found
2017-10-20 19:26:18,090 [https-openssl-apr-9443-exec-5] ERROR
org.apache.cxf.fediz.service.idp.service.security.GrantedAuthorityEntitlements
- Role 'IDP_LIST' not found
2017-10-20 19:26:18,091 [https-openssl-apr-9443-exec-5] ERROR
org.apache.cxf.fediz.service.idp.service.security.GrantedAuthorityEntitlements
- Role 'TRUSTEDIDP_LIST' not found
2017-10-20 19:26:18,092 [https-openssl-apr-9443-exec-5] ERROR
org.apache.cxf.fediz.service.idp.service.security.GrantedAuthorityEntitlements
- Role 'CLAIM_READ' not found
2017-10-20 19:26:18,094 [https-openssl-apr-9443-exec-5] ERROR
org.apache.cxf.fediz.service.idp.service.security.GrantedAuthorityEntitlements
- Role 'APPLICATION_LIST' not found
2017-10-20 19:26:18,095 [https-openssl-apr-9443-exec-5] ERROR
org.apache.cxf.fediz.service.idp.service.security.GrantedAuthorityEntitlements
- Role 'APPLICATION_READ' not found
2017-10-20 19:26:18,096 [https-openssl-apr-9443-exec-5] ERROR
org.apache.cxf.fediz.ser

Re: fediz production

2017-10-23 Thread Matthew Broadhead

Hi Colm,

is there any way for sec:keyStore to be pointed at a pem certificate 
instead of a java keystore?  where is the doumentation for sec:keyStore?


Matt

On 23/10/2017 17:11, Colm O hEigeartaigh wrote:

I haven't used the APR connector. The following works for me in the tests,
perhaps you could duplicate this config and get it working first before
switching over to the APR connector:

  

Yes you will need to specify the truststore and keystore in cxf-tls.xml to
communicate with the STS from the IdP. The truststore should contain the
issuing cert of the Tomcat instance hosting your STS + then keystore the
private key of your IdP.

Colm.

On Sun, Oct 22, 2017 at 9:23 AM, Matthew Broadhead <
matthew.broadh...@nbmlaw.co.uk> wrote:


i am using my own certificate with APR in the tomcat server.xml.  I added
clientVerification="required" to SSLHostConfig but I still have the same
problem

 
 
 
 
 

I commented the trustManagers and keyManagers in
services/idp/src/main/resources/cxf-tls.xml.  Could this be the problem?
How would I use production certificates?

 
 
 
 


On 22/10/2017 00:38, Matthew Broadhead wrote:


ok...i fixed the last error by dropping the schema and restarting.
but now i have this
2017-10-21 21:58:19,541 [https-openssl-apr-9443-exec-9] WARN
org.apache.cxf.phase.PhaseInterceptorChain  - Interceptor for {
http://docs.oasis-open.org/ws-sx/ws-trust/200512/}SecurityT
okenService#{http://docs.oasis-open.org/ws-sx/ws-trust/200512/}Issue has
thrown exception, unwinding now
org.apache.cxf.binding.soap.SoapFault: Problem writing SAAJ model to
stream: RequireClientCertificate is set, but no local certificates were
negotiated.  Is the server set to ask for client authorization?
 at org.apache.cxf.binding.soap.saaj.SAAJOutInterceptor$SAAJOutE
ndingInterceptor.handleMessage(SAAJOutInterceptor.java:224)
 at org.apache.cxf.binding.soap.saaj.SAAJOutInterceptor$SAAJOutE
ndingInterceptor.handleMessage(SAAJOutInterceptor.java:174)
 at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(Phase
InterceptorChain.java:308)
 at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:518)
 ...
Caused by: com.ctc.wstx.exc.WstxIOException: RequireClientCertificate is
set, but no local certificates were negotiated.  Is the server set to ask
for client authorization?
 at com.ctc.wstx.sw.BaseStreamWriter.flush(BaseStreamWriter.java:255)
 at org.apache.cxf.binding.soap.saaj.SAAJOutInterceptor$SAAJOutE
ndingInterceptor.handleMessage(SAAJOutInterceptor.java:215)
 ... 154 more
Caused by: org.apache.cxf.transport.http.UntrustedURLConnectionIOException:
RequireClientCertificate is set, but no local certificates were
negotiated.  Is the server set to ask for client authorization?
 at org.apache.cxf.ws.security.policy.interceptors.HttpsTokenInt
erceptorProvider$HttpsTokenOutInterceptor$1.establishTrust(H
ttpsTokenInterceptorProvider.java:143)
 at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStrea
m.makeTrustDecision(HTTPConduit.java:1780)
 at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStrea
m.handleHeadersTrustCaching(HTTPConduit.java:1323)
 ...
2017-10-21 21:58:19,542 [https-openssl-apr-9443-exec-9] ERROR
org.apache.cxf.fediz.service.idp.beans.STSClientAction  - Error in
retrieving a token


On 20/10/2017 23:05, Matthew Broadhead wrote:


ok i now have a different error and it doesn't load the login screen
2017-10-20 19:25:39,175 [https-openssl-apr-9443-exec-2] WARN
org.apache.cxf.fediz.service.idp.beans.EndpointAddressValidator - No
service config found for urn:org:apache:cxf:fediz:fedizhelloworld
2017-10-20 19:26:18,084 [https-openssl-apr-9443-exec-5] ERROR
org.apache.cxf.fediz.service.idp.service.security.GrantedAuthorityEntitlements
- Role 'CLAIM_LIST' not found
2017-10-20 19:26:18,085 [https-openssl-apr-9443-exec-5] ERROR
org.apache.cxf.fediz.service.idp.service.security.GrantedAuthorityEntitlements
- Role 'IDP_READ' not found
2017-10-20 19:26:18,090 [https-openssl-apr-9443-exec-5] ERROR
org.apache.cxf.fediz.service.idp.service.security.GrantedAuthorityEntitlements
- Role 'IDP_LIST' not found
2017-10-20 19:26:18,091 [https-openssl-apr-9443-exec-5] ERROR
org.apache.cxf.fediz.service.idp.service.security.GrantedAuthorityEntitlements
- Role 'TRUSTEDIDP_LIST' not found
2017-10-20 19:26:18,092 [https-openssl-apr-9443-exec-5] ERROR
org.apache.cxf.fediz.service.idp.service.security.GrantedAuthorityEntitlements
- Role 'CLAIM_READ' not found
2017-10-20 19:26:18,094 [https-openssl-apr-9443-exec-5] ERROR
org.apache.cxf.fediz.service.idp.service.security.GrantedAuthorityEntitlements
- Role 'APPLICATION_LIST' not found
2017-10-20 19:26:18,095 [https-openssl-apr-9443-exec-5] ERROR
org.apache.cxf.fediz.service.idp.service.security.GrantedAuthorityEntitlements
- Role 'APPLICATION_READ' not found
2017-10-20 19:26:18,096 [https-openssl-apr-9443-exec-5] ERROR
org.apache.cxf.fediz.service.

Re: fediz production

2017-10-23 Thread Colm O hEigeartaigh
I haven't used the APR connector. The following works for me in the tests,
perhaps you could duplicate this config and get it working first before
switching over to the APR connector:

 

Yes you will need to specify the truststore and keystore in cxf-tls.xml to
communicate with the STS from the IdP. The truststore should contain the
issuing cert of the Tomcat instance hosting your STS + then keystore the
private key of your IdP.

Colm.

On Sun, Oct 22, 2017 at 9:23 AM, Matthew Broadhead <
matthew.broadh...@nbmlaw.co.uk> wrote:

> i am using my own certificate with APR in the tomcat server.xml.  I added
> clientVerification="required" to SSLHostConfig but I still have the same
> problem
> maxThreads="150" SSLEnabled="true">
>  />
> 
>  certificateFile="/etc/letsencrypt/live/domain.tld/cert.pem"
> certificateChainFile="/etc/letsencrypt/live/domain.tld/fullchain.pem"
>  type="RSA" />
> 
> 
>
> I commented the trustManagers and keyManagers in
> services/idp/src/main/resources/cxf-tls.xml.  Could this be the problem?
> How would I use production certificates?
> 
>  disableCNCheck="true">
> 
> 
> 
>
>
> On 22/10/2017 00:38, Matthew Broadhead wrote:
>
>> ok...i fixed the last error by dropping the schema and restarting.
>> but now i have this
>> 2017-10-21 21:58:19,541 [https-openssl-apr-9443-exec-9] WARN
>> org.apache.cxf.phase.PhaseInterceptorChain  - Interceptor for {
>> http://docs.oasis-open.org/ws-sx/ws-trust/200512/}SecurityT
>> okenService#{http://docs.oasis-open.org/ws-sx/ws-trust/200512/}Issue has
>> thrown exception, unwinding now
>> org.apache.cxf.binding.soap.SoapFault: Problem writing SAAJ model to
>> stream: RequireClientCertificate is set, but no local certificates were
>> negotiated.  Is the server set to ask for client authorization?
>> at org.apache.cxf.binding.soap.saaj.SAAJOutInterceptor$SAAJOutE
>> ndingInterceptor.handleMessage(SAAJOutInterceptor.java:224)
>> at org.apache.cxf.binding.soap.saaj.SAAJOutInterceptor$SAAJOutE
>> ndingInterceptor.handleMessage(SAAJOutInterceptor.java:174)
>> at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(Phase
>> InterceptorChain.java:308)
>> at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:518)
>> ...
>> Caused by: com.ctc.wstx.exc.WstxIOException: RequireClientCertificate is
>> set, but no local certificates were negotiated.  Is the server set to ask
>> for client authorization?
>> at com.ctc.wstx.sw.BaseStreamWriter.flush(BaseStreamWriter.java:255)
>> at org.apache.cxf.binding.soap.saaj.SAAJOutInterceptor$SAAJOutE
>> ndingInterceptor.handleMessage(SAAJOutInterceptor.java:215)
>> ... 154 more
>> Caused by: org.apache.cxf.transport.http.UntrustedURLConnectionIOException:
>> RequireClientCertificate is set, but no local certificates were
>> negotiated.  Is the server set to ask for client authorization?
>> at org.apache.cxf.ws.security.policy.interceptors.HttpsTokenInt
>> erceptorProvider$HttpsTokenOutInterceptor$1.establishTrust(H
>> ttpsTokenInterceptorProvider.java:143)
>> at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStrea
>> m.makeTrustDecision(HTTPConduit.java:1780)
>> at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStrea
>> m.handleHeadersTrustCaching(HTTPConduit.java:1323)
>> ...
>> 2017-10-21 21:58:19,542 [https-openssl-apr-9443-exec-9] ERROR
>> org.apache.cxf.fediz.service.idp.beans.STSClientAction  - Error in
>> retrieving a token
>>
>>
>> On 20/10/2017 23:05, Matthew Broadhead wrote:
>>
>>> ok i now have a different error and it doesn't load the login screen
>>> 2017-10-20 19:25:39,175 [https-openssl-apr-9443-exec-2] WARN
>>> org.apache.cxf.fediz.service.idp.beans.EndpointAddressValidator - No
>>> service config found for urn:org:apache:cxf:fediz:fedizhelloworld
>>> 2017-10-20 19:26:18,084 [https-openssl-apr-9443-exec-5] ERROR
>>> org.apache.cxf.fediz.service.idp.service.security.GrantedAuthorityEntitlements
>>> - Role 'CLAIM_LIST' not found
>>> 2017-10-20 19:26:18,085 [https-openssl-apr-9443-exec-5] ERROR
>>> org.apache.cxf.fediz.service.idp.service.security.GrantedAuthorityEntitlements
>>> - Role 'IDP_READ' not found
>>> 2017-10-20 19:26:18,090 [https-openssl-apr-9443-exec-5] ERROR
>>> org.apache.cxf.fediz.service.idp.service.security.GrantedAuthorityEntitlements
>>> - Role 'IDP_LIST' not found
>>> 2017-10-20 19:26:18,091 [https-openssl-apr-9443-exec-5] ERROR
>>> org.apache.cxf.fediz.service.idp.service.security.GrantedAuthorityEntitlements
>>> - Role 'TRUSTEDIDP_LIST' not found
>>> 2017-10-20 19:26:18,092 [https-openssl-apr-9443-exec-5] ERROR
>>> org.apache.cxf.fediz.service.idp.service.security.GrantedAuthorityEntitlements
>>> - Role 'CLAIM_READ' not found
>>> 2017-10-20 19:26:18,094 [https-openssl-apr-9443-exec-5] ERROR
>>> org.apache.cxf.fediz.service.idp.service.security.GrantedAuthorityEntitlements
>>> - Role 'APPLICATION_LIST

RE: [+SPAM+]: Re: [+SPAM+]: Re: How to setup ActiveMQ in TomEE to not use persistence for JMS ?

2017-10-23 Thread COURTAULT Francois
Hello Romain,

Finally, with the following settings in tomee.xml:

BrokerXmlConfig =  
broker:(tcp://localhost:61616)?useJmx=false&persistent=false
 ServerUrl   =  vm://localhost
  

In the logs I have:
23-Oct-2017 14:28:59.895 INFO [main] 
org.apache.openejb.config.ConfigurationFactory.configureService Configuring 
Service(id=Default JMS Resource Adapter, type=Resource, provider-id=Default JMS 
Resource Adapter)
...
23-Oct-2017 14:28:59.971 INFO [main] 
org.apache.openejb.assembler.classic.Assembler.createRecipe Creating 
Resource(id=Default JMS Resource Adapter)
23-Oct-2017 14:29:00.028 INFO [main] 
org.apache.openejb.assembler.classic.Assembler.doCreateResource Thread pool 
size for 'Default JMS Resource Adapter' is (30)

23-Oct-2017 14:29:00.039 INFO [main] 
org.apache.openejb.resource.activemq.ActiveMQ5Factory.createBroker 
ActiveMQ5Factory creating broker
...
23-Oct-2017 14:29:00.237 INFO [main] 
org.apache.openejb.resource.activemq.ActiveMQ5Factory.createBroker Using 
ActiveMQ startup timeout of 1ms
23-Oct-2017 14:29:00.238 INFO [ActiveMQFactory start and checkpoint] 
org.apache.openejb.resource.activemq.ActiveMQ5Factory$1.run Starting ActiveMQ 
BrokerService

23-Oct-2017 14:29:00.245 INFO [ActiveMQFactory start and checkpoint] 
org.apache.activemq.broker.BrokerService.doStartPersistenceAdapter Using 
Persistence Adapter: MemoryPersistenceAdapter
23-Oct-2017 14:29:00.379 INFO [ActiveMQFactory start and checkpoint] 
org.apache.activemq.broker.BrokerService.doStartBroker Apache ActiveMQ 5.14.5 
(localhost, ID:FPB4KC2-59528-1508761740257-0:1) is starting


23-Oct-2017 14:29:00.850 INFO [localhost-startStop-1] 
org.apache.openejb.config.InitEjbDeployments.deploy Auto-deploying ejb MyMDB: 
EjbDeployment(deployment-id=MyMDB)
23-Oct-2017 14:29:00.855 INFO [localhost-startStop-1] 
org.apache.openejb.config.ConfigurationFactory.configureService Configuring 
Service(id=Default MDB Container, type=Container, provider-id=Default MDB 
Container)
23-Oct-2017 14:29:00.856 INFO [localhost-startStop-1] 
org.apache.openejb.config.AutoConfig.createContainer Auto-creating a container 
for bean MyMDB: Container(type=MESSAGE, id=Default MDB Container)
23-Oct-2017 14:29:00.856 INFO [localhost-startStop-1] 
org.apache.openejb.assembler.classic.Assembler.createRecipe Creating 
Container(id=Default MDB Container)
23-Oct-2017 14:29:00.866 INFO [localhost-startStop-1] 
org.apache.openejb.config.ConfigurationFactory.configureService Configuring 
Service(id=jms/MessageQueue, type=Resource, provider-id=Default Queue)
23-Oct-2017 14:29:00.866 INFO [localhost-startStop-1] 
org.apache.openejb.config.AutoConfig.logAutoCreateResource Auto-creating a 
Resource with id 'jms/MessageQueue' of type 'javax.jms.Queue for 'MyMDB'.
23-Oct-2017 14:29:00.866 INFO [localhost-startStop-1] 
org.apache.openejb.assembler.classic.Assembler.createRecipe Creating 
Resource(id=jms/MessageQueue)

Thanks a lot Romain for your help :-)

Best Regards.
-Original Message-
From: Romain Manni-Bucau [mailto:rmannibu...@gmail.com]
Sent: lundi 23 octobre 2017 12:56
To: us...@tomee.apache.org
Cc: users@cxf.apache.org
Subject: [+SPAM+]: Re: [+SPAM+]: Re: How to setup ActiveMQ in TomEE to not use 
persistence for JMS ?

2017-10-23 12:17 GMT+02:00 COURTAULT Francois :
> Hello Romain,
>
> Sorry to haven't found this by myself :-(
>
> In my application, I have an MDB and in the log, I am able to see:
> 23-Oct-2017 11:36:02.079 INFO [localhost-startStop-1]
> org.apache.openejb.config.InitEjbDeployments.deploy Auto-deploying ejb
> MyMDB: EjbDeployment(deployment-id=MyMDB)
> 23-Oct-2017 11:36:02.083 INFO [localhost-startStop-1]
> org.apache.openejb.config.ConfigurationFactory.configureService
> Configuring Service(id=Default MDB Container, type=Container,
> provider-id=Default MDB Container)
> 23-Oct-2017 11:36:02.083 INFO [localhost-startStop-1]
> org.apache.openejb.config.AutoConfig.createContainer Auto-creating a
> container for bean MyMDB: Container(type=MESSAGE, id=Default MDB
> Container)
> 23-Oct-2017 11:36:02.084 INFO [localhost-startStop-1]
> org.apache.openejb.config.ConfigurationFactory.configureService
> Configuring Service(id=Default JMS Resource Adapter, type=Resource,
> provider-id=Default JMS Resource Adapter)
> 23-Oct-2017 11:36:02.085 INFO [localhost-startStop-1]
> org.apache.openejb.config.ConfigurationFactory.configureService
> Configuring Service(id=Default Unmanaged JDBC Database, type=Resource,
> provider-id=Default Unmanaged JDBC Database)
> 23-Oct-2017 11:36:02.085 INFO [localhost-startStop-1]
> org.apache.openejb.assembler.classic.Assembler.createRecipe Creating
> Resource(id=Default Unmanaged JDBC Database)
>
> But before, which I fine, I am able to see:
> 23-Oct-2017 11:36:01.209 INFO [main]
> org.apache.openejb.assembler.classic.Assembler.createRecipe Creating
> Resource(id=MyJmsResourceAdapter)
> 23-Oct-2017 11:36:01.267 INFO [main]
> org.apache.openejb.assembler.classic.Assembler.doCreateResource Thread pool

Re: [+SPAM+]: Re: How to setup ActiveMQ in TomEE to not use persistence for JMS ?

2017-10-23 Thread Romain Manni-Bucau
2017-10-23 12:17 GMT+02:00 COURTAULT Francois :
> Hello Romain,
>
> Sorry to haven't found this by myself :-(
>
> In my application, I have an MDB and in the log, I am able to see:
> 23-Oct-2017 11:36:02.079 INFO [localhost-startStop-1] 
> org.apache.openejb.config.InitEjbDeployments.deploy Auto-deploying ejb MyMDB: 
> EjbDeployment(deployment-id=MyMDB)
> 23-Oct-2017 11:36:02.083 INFO [localhost-startStop-1] 
> org.apache.openejb.config.ConfigurationFactory.configureService Configuring 
> Service(id=Default MDB Container, type=Container, provider-id=Default MDB 
> Container)
> 23-Oct-2017 11:36:02.083 INFO [localhost-startStop-1] 
> org.apache.openejb.config.AutoConfig.createContainer Auto-creating a 
> container for bean MyMDB: Container(type=MESSAGE, id=Default MDB Container)
> 23-Oct-2017 11:36:02.084 INFO [localhost-startStop-1] 
> org.apache.openejb.config.ConfigurationFactory.configureService Configuring 
> Service(id=Default JMS Resource Adapter, type=Resource, provider-id=Default 
> JMS Resource Adapter)
> 23-Oct-2017 11:36:02.085 INFO [localhost-startStop-1] 
> org.apache.openejb.config.ConfigurationFactory.configureService Configuring 
> Service(id=Default Unmanaged JDBC Database, type=Resource, 
> provider-id=Default Unmanaged JDBC Database)
> 23-Oct-2017 11:36:02.085 INFO [localhost-startStop-1] 
> org.apache.openejb.assembler.classic.Assembler.createRecipe Creating 
> Resource(id=Default Unmanaged JDBC Database)
>
> But before, which I fine, I am able to see:
> 23-Oct-2017 11:36:01.209 INFO [main] 
> org.apache.openejb.assembler.classic.Assembler.createRecipe Creating 
> Resource(id=MyJmsResourceAdapter)
> 23-Oct-2017 11:36:01.267 INFO [main] 
> org.apache.openejb.assembler.classic.Assembler.doCreateResource Thread pool 
> size for 'MyJmsResourceAdapter' is (30)
> 
> 23-Oct-2017 11:36:01.466 INFO [main] 
> org.apache.openejb.resource.activemq.ActiveMQ5Factory.createBroker Using 
> ActiveMQ startup timeout of 1ms
> 23-Oct-2017 11:36:01.466 INFO [ActiveMQFactory start and checkpoint] 
> org.apache.openejb.resource.activemq.ActiveMQ5Factory$1.run Starting ActiveMQ 
> BrokerService
> 23-Oct-2017 11:36:01.473 INFO [ActiveMQFactory start and checkpoint] 
> org.apache.activemq.broker.BrokerService.doStartPersistenceAdapter Using 
> Persistence Adapter: MemoryPersistenceAdapter
> ...
>
> If I have well understood, my MDB uses "Default JMS Resource Adapter" and so, 
> is using persistence, right ?

Normally persistent=false in the URL shouldnt use any datasource but
since the value is set by default it can still create it, try setting
DataSource= in the properties maybe

>
> My question is then: how to configure this MDB to use  MyJmsResourceAdapter 
> instead of "Default JMS Resource Adapter" ?

Define the MDB container and set the resource adapter id, alternative
is to name your resource adapter with the default name.

>
> I have looked at http://activemq.apache.org/activation-spec-properties.html 
> but it seems that connectionFactory or connectionFactoryLookup is not defined 
>  :-(
> Because by this way, I will be able to reference the right adapter by adding 
> the following section to tomee.xml:
> 
> ResourceAdapter = MyJmsResourceAdapter
>  
> And in my code:
> @ActivationConfigProperty(propertyName = "connectionFactory", propertyValue = 
> "MyJmsConnectionFactory")
> right ?

the resource adapter supports ConnectionFactoryLookup I think

>
> Best Regards.
>
> -Original Message-
> From: Romain Manni-Bucau [mailto:rmannibu...@gmail.com]
> Sent: lundi 23 octobre 2017 11:33
> To: us...@tomee.apache.org
> Cc: users@cxf.apache.org
> Subject: [+SPAM+]: Re: How to setup ActiveMQ in TomEE to not use persistence 
> for JMS ?
>
> & = & in xml ;)
>
> Romain Manni-Bucau
> @rmannibucau |  Blog | Old Blog | Github | LinkedIn
>
>
> 2017-10-23 10:34 GMT+02:00 COURTAULT Francois 
> :
>> Hello Romain,
>>
>> Get it I think :-)
>>
>> In my tomee.xml file (which is empty), I have added:
>> 
>> BrokerXmlConfig =  
>> broker:(tcp://localhost:61616)?useJmx=false&persistent=false
>> ServerUrl   =  vm://localhost
>>   
>>
>>
>> But when I started TomEE, I got:
>> 23-Oct-2017 10:25:02.708 INFO [main] 
>> org.apache.openejb.config.ConfigurationFactory.init TomEE configuration file 
>> is ' C:\Users\.\target\apache-tomee\conf\tomee.xml'
>> 23-Oct-2017 10:25:02.736 SEVERE [main] 
>> org.apache.openejb.OpenEJB$Instance. OpenEJB has encountered a fatal 
>> error and cannot be started: Assembler failed to build the container system.
>>  org.apache.openejb.OpenEJBException: Unable to read OpenEJB
>> configuration file at C:\Users\...\target\apache-tomee\conf\tomee.xml: The 
>> reference to entity "persistent" must end with the ';' delimiter.
>>
>> Any idea ?
>>
>> Best Regards.
>>
>> -Original Message-
>> From: Romain Manni-Bucau [mailto:rmannibu...@gmail.com]
>> Sent: lundi 23 octobre 2017 09:56
>> To: us...@tomee.apache.org
>> Cc: users@cxf.apache.org
>> Subject: Re: How

RE: [+SPAM+]: Re: How to setup ActiveMQ in TomEE to not use persistence for JMS ?

2017-10-23 Thread COURTAULT Francois
Hello Romain,

Sorry to haven't found this by myself :-(

In my application, I have an MDB and in the log, I am able to see:
23-Oct-2017 11:36:02.079 INFO [localhost-startStop-1] 
org.apache.openejb.config.InitEjbDeployments.deploy Auto-deploying ejb MyMDB: 
EjbDeployment(deployment-id=MyMDB)
23-Oct-2017 11:36:02.083 INFO [localhost-startStop-1] 
org.apache.openejb.config.ConfigurationFactory.configureService Configuring 
Service(id=Default MDB Container, type=Container, provider-id=Default MDB 
Container)
23-Oct-2017 11:36:02.083 INFO [localhost-startStop-1] 
org.apache.openejb.config.AutoConfig.createContainer Auto-creating a container 
for bean MyMDB: Container(type=MESSAGE, id=Default MDB Container)
23-Oct-2017 11:36:02.084 INFO [localhost-startStop-1] 
org.apache.openejb.config.ConfigurationFactory.configureService Configuring 
Service(id=Default JMS Resource Adapter, type=Resource, provider-id=Default JMS 
Resource Adapter)
23-Oct-2017 11:36:02.085 INFO [localhost-startStop-1] 
org.apache.openejb.config.ConfigurationFactory.configureService Configuring 
Service(id=Default Unmanaged JDBC Database, type=Resource, provider-id=Default 
Unmanaged JDBC Database)
23-Oct-2017 11:36:02.085 INFO [localhost-startStop-1] 
org.apache.openejb.assembler.classic.Assembler.createRecipe Creating 
Resource(id=Default Unmanaged JDBC Database)

But before, which I fine, I am able to see:
23-Oct-2017 11:36:01.209 INFO [main] 
org.apache.openejb.assembler.classic.Assembler.createRecipe Creating 
Resource(id=MyJmsResourceAdapter)
23-Oct-2017 11:36:01.267 INFO [main] 
org.apache.openejb.assembler.classic.Assembler.doCreateResource Thread pool 
size for 'MyJmsResourceAdapter' is (30)

23-Oct-2017 11:36:01.466 INFO [main] 
org.apache.openejb.resource.activemq.ActiveMQ5Factory.createBroker Using 
ActiveMQ startup timeout of 1ms
23-Oct-2017 11:36:01.466 INFO [ActiveMQFactory start and checkpoint] 
org.apache.openejb.resource.activemq.ActiveMQ5Factory$1.run Starting ActiveMQ 
BrokerService
23-Oct-2017 11:36:01.473 INFO [ActiveMQFactory start and checkpoint] 
org.apache.activemq.broker.BrokerService.doStartPersistenceAdapter Using 
Persistence Adapter: MemoryPersistenceAdapter
...

If I have well understood, my MDB uses "Default JMS Resource Adapter" and so, 
is using persistence, right ?

My question is then: how to configure this MDB to use  MyJmsResourceAdapter 
instead of "Default JMS Resource Adapter" ?

I have looked at http://activemq.apache.org/activation-spec-properties.html but 
it seems that connectionFactory or connectionFactoryLookup is not defined  :-(
Because by this way, I will be able to reference the right adapter by adding 
the following section to tomee.xml:

ResourceAdapter = MyJmsResourceAdapter
 
And in my code:
@ActivationConfigProperty(propertyName = "connectionFactory", propertyValue = 
"MyJmsConnectionFactory")
right ?

Best Regards.

-Original Message-
From: Romain Manni-Bucau [mailto:rmannibu...@gmail.com]
Sent: lundi 23 octobre 2017 11:33
To: us...@tomee.apache.org
Cc: users@cxf.apache.org
Subject: [+SPAM+]: Re: How to setup ActiveMQ in TomEE to not use persistence 
for JMS ?

& = & in xml ;)

Romain Manni-Bucau
@rmannibucau |  Blog | Old Blog | Github | LinkedIn


2017-10-23 10:34 GMT+02:00 COURTAULT Francois :
> Hello Romain,
>
> Get it I think :-)
>
> In my tomee.xml file (which is empty), I have added:
> 
> BrokerXmlConfig =  
> broker:(tcp://localhost:61616)?useJmx=false&persistent=false
> ServerUrl   =  vm://localhost
>   
>
>
> But when I started TomEE, I got:
> 23-Oct-2017 10:25:02.708 INFO [main] 
> org.apache.openejb.config.ConfigurationFactory.init TomEE configuration file 
> is ' C:\Users\.\target\apache-tomee\conf\tomee.xml'
> 23-Oct-2017 10:25:02.736 SEVERE [main] 
> org.apache.openejb.OpenEJB$Instance. OpenEJB has encountered a fatal 
> error and cannot be started: Assembler failed to build the container system.
>  org.apache.openejb.OpenEJBException: Unable to read OpenEJB
> configuration file at C:\Users\...\target\apache-tomee\conf\tomee.xml: The 
> reference to entity "persistent" must end with the ';' delimiter.
>
> Any idea ?
>
> Best Regards.
>
> -Original Message-
> From: Romain Manni-Bucau [mailto:rmannibu...@gmail.com]
> Sent: lundi 23 octobre 2017 09:56
> To: us...@tomee.apache.org
> Cc: users@cxf.apache.org
> Subject: Re: How to setup ActiveMQ in TomEE to not use persistence for JMS ?
>
> in WEB-INF/lib it will not work but the previous url was for tomee.xml
> AMQ adapter and not related to any spring config
>
> Romain Manni-Bucau
> @rmannibucau |  Blog | Old Blog | Github | LinkedIn
>
>
> 2017-10-23 9:54 GMT+02:00 COURTAULT Francois :
>> Hello Romain,
>>
>> Thanks for your answer but my question is more on how to achieve that 
>> without using some Spring/ActiveMQ libraries which customizes TomEE distro 
>> => requires to copy some jars in TomEE/lib folder.
>> Another solution could be to have those jars inside our app

Re: Swagger2feature / 3.1.12 (DOSGI)

2017-10-23 Thread Sergey Beryozkin
Thanks, sure, I've added a guard there to avoid auto-setting the host 
value if it's not null, you can try 3.1.14-SNAPSHOT or 3.2.1-SNAPSHOT now.
However, the question remains where '0.0.0.0' comes from in your case, 
when no host is set, which is a typical scenario, and I can see it is 
reported from URI.getHost().


What address value do you see in Swagger2Feature.setBasePathByAddress, 
before it tries to auto-set the host ?


Sergey

On 23/10/17 05:47, nino martinez wael wrote:
It enters the conditional statement (sethost have been called). And 
address becomes "http://0.0.0.0:9090/tdc/dialer/webservices/v1";





On Thu, Oct 12, 2017 at 3:51 PM, Sergey Beryozkin > wrote:


Hmm... I may've been wrong with some of the assumptions about what
Swagger2Feature does.

Can you please do a breakpoint at


https://github.com/apache/cxf/blob/cxf-3.1.12/rt/rs/description-swagger/src/main/java/org/apache/cxf/jaxrs/swagger/AbstractSwaggerFeature.java#L103



and see what happens, without even doing setHost().

I won't have time for a while to investigate it. But I'll take care
of adding a test for checking that setHost() works later on

Cheers, Sergey

On 12/10/17 13:42, nino martinez wael wrote:

Sure, I've made the changes to the cxf spring boot sample:


https://github.com/nmwael/cxf/commit/86630259982786f013faad658e84bd27bca368b7




The resulting swagger.json does not honor the host property,
host remains the same no matter what:

"host":"0.0.0.0:9000  "







On Thu, Oct 12, 2017 at 1:32 PM, Sergey Beryozkin
mailto:sberyoz...@gmail.com>
>> wrote:

     Hi

     CXF does not contribute itself to the generation of 'host'
within
     the Swagger JSON. For example, try a jaxrs/spring-boot
demo, or some
     of other swagger2 demos...

     If you'd like you can get the CXF source, and step through
the CXF
     Swagger2Feature

     Sergey

     On 12/10/17 11:06, nino martinez wael wrote:

         Hi Sergey,

         I've tried this:

         Swagger2Feature swagger =new Swagger2Feature();

         swagger.setHost("127.0.0.1:9090 

         ");

         swagger.setUsePathBasedConfig(true);


         BUT the swagger json still states:


0.0.0.0:9090  



         As far as I can see it is something CXF generates.. I cant
         really pinpoint where CXF grabs the configuration from,
but if I
         change

         swagger.setLicense("Commercial DOES THIS APPLY?");


         It does apply in the swagger json and I am able to
change that
         part, it is as CXF ignores the swagger.getHOST method...



         On Thu, Oct 12, 2017 at 11:25 AM, Sergey Beryozkin
         mailto:sberyoz...@gmail.com>
>
          
          
                  

                  On 11 Oct 2017 15:51, "Sergey Beryozkin"
         mailto:sberyoz...@gmail.com>
>
                  
         >> 
         >
                  
          wrote:

                       Sorry, I accidentally moved it from the

Re: How to setup ActiveMQ in TomEE to not use persistence for JMS ?

2017-10-23 Thread Romain Manni-Bucau
& = & in xml ;)

Romain Manni-Bucau
@rmannibucau |  Blog | Old Blog | Github | LinkedIn


2017-10-23 10:34 GMT+02:00 COURTAULT Francois :
> Hello Romain,
>
> Get it I think :-)
>
> In my tomee.xml file (which is empty), I have added:
> 
> BrokerXmlConfig =  
> broker:(tcp://localhost:61616)?useJmx=false&persistent=false
> ServerUrl   =  vm://localhost
>   
>
>
> But when I started TomEE, I got:
> 23-Oct-2017 10:25:02.708 INFO [main] 
> org.apache.openejb.config.ConfigurationFactory.init TomEE configuration file 
> is ' C:\Users\.\target\apache-tomee\conf\tomee.xml'
> 23-Oct-2017 10:25:02.736 SEVERE [main] 
> org.apache.openejb.OpenEJB$Instance. OpenEJB has encountered a fatal 
> error and cannot be started: Assembler failed to build the container system.
>  org.apache.openejb.OpenEJBException: Unable to read OpenEJB configuration 
> file
> at C:\Users\...\target\apache-tomee\conf\tomee.xml: The reference to entity 
> "persistent" must end with the ';' delimiter.
>
> Any idea ?
>
> Best Regards.
>
> -Original Message-
> From: Romain Manni-Bucau [mailto:rmannibu...@gmail.com]
> Sent: lundi 23 octobre 2017 09:56
> To: us...@tomee.apache.org
> Cc: users@cxf.apache.org
> Subject: Re: How to setup ActiveMQ in TomEE to not use persistence for JMS ?
>
> in WEB-INF/lib it will not work but the previous url was for tomee.xml AMQ 
> adapter and not related to any spring config
>
> Romain Manni-Bucau
> @rmannibucau |  Blog | Old Blog | Github | LinkedIn
>
>
> 2017-10-23 9:54 GMT+02:00 COURTAULT Francois :
>> Hello Romain,
>>
>> Thanks for your answer but my question is more on how to achieve that 
>> without using some Spring/ActiveMQ libraries which customizes TomEE distro 
>> => requires to copy some jars in TomEE/lib folder.
>> Another solution could be to have those jars inside our application
>> (in WEB-INF/lib): do you know if it will work ? (avoid TomEE
>> customization except for activemq.xml and tomee.xml)
>>
>> Best Regards.
>>
>> -Original Message-
>> From: Romain Manni-Bucau [mailto:rmannibu...@gmail.com]
>> Sent: lundi 23 octobre 2017 09:33
>> To: us...@tomee.apache.org
>> Cc: users@cxf.apache.org
>> Subject: Re: How to setup ActiveMQ in TomEE to not use persistence for JMS ?
>>
>> Hi Francois,
>>
>> you are right, you can set the broker url to:
>> broker:(tcp://localhost:61616)?useJmx=false&persistent=false
>>
>> to disable the persistence and jmx (for instance)
>>
>> Romain Manni-Bucau
>> @rmannibucau |  Blog | Old Blog | Github | LinkedIn
>>
>>
>> 2017-10-23 9:30 GMT+02:00 COURTAULT Francois 
>> :
>>> Hello,
>>>
>>> First, it seems that, by default, ActiveMQ in TomEE, in case we use some 
>>> JMS stuff in our application, uses persistent repository, right ?
>>> Second, looking at some ActiveMQ docs, one way to disable persistence for 
>>> JMS is to :
>>>
>>> * Have an activemq.xml file with the following setting >> persistent="false" 
>>>
>>> * Have a tomee.xml file which refers the activemq.xml.
>>>
>>> The issue I have is that, for TomEE/ActiveMQ to read these files, we have 
>>> to use some Spring libraries like activemq-spring.jar either in TomEE/lib 
>>> (preferred way, right ?) or war WEB-INF/lib.
>>>
>>> So, the question is: does it exist another way to disable persistence for 
>>> JMS without having to use some Spring  libraries ?
>>>
>>> Best Regards.
>>> 
>>> This message and any attachments are intended solely for the addressees and 
>>> may contain confidential information. Any unauthorized use or disclosure, 
>>> either whole or partial, is prohibited.
>>> E-mails are susceptible to alteration. Our company shall not be liable for 
>>> the message if altered, changed or falsified. If you are not the intended 
>>> recipient of this message, please delete it and notify the sender.
>>> Although all reasonable efforts have been made to keep this transmission 
>>> free from viruses, the sender will not be liable for damages caused by a 
>>> transmitted virus.
>> 
>>  This message and any attachments are intended solely for the addressees and 
>> may contain confidential information. Any unauthorized use or disclosure, 
>> either whole or partial, is prohibited.
>> E-mails are susceptible to alteration. Our company shall not be liable for 
>> the message if altered, changed or falsified. If you are not the intended 
>> recipient of this message, please delete it and notify the sender.
>> Although all reasonable efforts have been made to keep this transmission 
>> free from viruses, the sender will not be liable for damages caused by a 
>> transmitted virus.
> 
>  This message and any attachments are intended solely for the addressees and 
> may contain confidential information. Any unauthorized use or disclosure, 
> either whole or partial, is prohibited.
> E-mails are susceptible to alteration. Our company shall not be liable for 
> the messa

Re: cxf-java2wadl-plugin java2wadl questions

2017-10-23 Thread Sergey Beryozkin

Hi, I think you'll need to enable the snapshot repositories

Sergey
On 22/10/17 09:14, Eyal Weingart wrote:

Hi Sergey

Should i download something manually for the 3.1.14-SNAPSHOT version (and if so 
how and from where)?
Because i'm trying to do it thru the maven build (defining the version of the 
artifact as 3.1.14-SNAPSHOT) and it does not download this version.

And it comes with the below error (of course) :
Plugin org.apache.cxf:cxf-java2wadl-plugin:3.1.14-SNAPSHOT or one of 
its dependencies could not be resolved: Failed to read artifact descriptor for 
org.apache.cxf:cxf-java2wadl-   plugin:jar:3.1.14-SNAPSHOT: Could not find 
artifact org.apache.cxf:cxf-java2wadl-plugin:pom:3.1.14-SNAPSHOT in


Thanks,
Eyal


-Original Message-
From: Sergey Beryozkin [mailto:sberyoz...@gmail.com]
Sent: 19 October, 2017 17:01
To: Eyal Weingart ; users 

Subject: Re: cxf-java2wadl-plugin java2wadl questions

Np, by the way, the custom provider will need to have a constructor accepting 
'Bus' which it can provide to the super...

Sergey
On 19/10/17 14:06, Eyal Weingart wrote:

Thanks a lot!
I will check this on Sunday (leaving for the weekend) and will let you
know Working currently with version 3.1.4 and not 3.1.14 so will need to fix 
some dependencies so my build will not fail...

Thanks,
Eyal


-Original Message-
From: Sergey Beryozkin [mailto:sberyoz...@gmail.com]
Sent: 19 October, 2017 15:20
To: Eyal Weingart ; users

Subject: Re: cxf-java2wadl-plugin java2wadl questions

Hi Eyal
On 19/10/17 09:47, Eyal Weingart wrote:

Hi Sergey

1. Do you see a future option to custom the WADL generator class
during the maven build? If so, what is a reasonable timeline for this?
(Just to know how to plan ahead)


I've added a 'customWadlGenerator' parameter, give 3.1.14-SNAPSHOT or
3.2.1-SNAPSHOT a try

2. Regarding the "classResourceNames" and multiple WADL files question, i think 
i was misunderstood, it is not that each rest class holds 1 service, i meant that each 
rest class holds
1 business with few operations.
For example, 1 class holds books operations, another class holds 
teachers operations and another class will hold course operations - so our 
expectation is that we should have
3 separate WADLs generated - what do you think?


That is fine, it is just that it can't be really solved at the
WADLGenerator level - in your case the separation may be clean, in
other cases - may be not. And from the practical point of view it will
push the already very complex WADLGenerator code to the limit if we
started trying updating it to push the info to many files

Thanks, Sergey


Thanks,
Eyal


-Original Message-
From: Eyal Weingart
Sent: 18 October, 2017 13:47
To: Sergey Beryozkin ; users

Subject: RE: cxf-java2wadl-plugin java2wadl questions

Well, actually i was referring to applicative error codes (and their
descriptions) - that might be useful by users so can they understand
the exact issue


Thanks,
Eyal


-Original Message-
From: Sergey Beryozkin [mailto:sberyoz...@gmail.com]
Sent: 18 October, 2017 12:44
To: Eyal Weingart ; users

Subject: Re: cxf-java2wadl-plugin java2wadl questions

That said, while customizing a response serialization in order to show the 
extra statuses can help users see them, one can document it as well.

For example, I do not see how the information that a given response can return 
405 can be practically used. Well, one can type for example a 405 catch block 
on the client knowing 405 can be returned, but I'm not sure what difference it 
makes, where this 405 info is located in the response statuses or in the docs...

Cheers, Sergey
On 18/10/17 10:37, Sergey Beryozkin wrote:

I forgot it's really about using a Maven plugin.
Hmm...I guess we may need to support a custom class...

Sergey
On 18/10/17 07:06, Eyal Weingart wrote:

Thanks again.
Regarding: "Create MyWadlGenerator extending WADLGenerator,
override whatever is needed, and register MyWadlGenerator as a jaxrs:provider"
Where exactly do i need to register the MyWadlGenerator as a
jaxrs:provider? I saw it can be done in a spring file that serves
cases for WADL Auto Generation at Runtime.
But where/how should i do it in the pom.xml for the
cxf-java2wadl-plugin in order for it to be activated during build
time


Thanks,
Eyal


-Original Message-
From: Sergey Beryozkin [mailto:sberyoz...@gmail.com]
Sent: 17 October, 2017 17:48
To: Eyal Weingart ; users

Subject: Re: cxf-java2wadl-plugin java2wadl questions

Hi,
On 17/10/17 15:28, Eyal Weingart wrote:

Thanks Sergey for the quick response.

1. Regarding the customization option, one example i can think of
(and it relates to issue#2 below) is that we want to use multiple
DocTarget.RESPONSE in order to display multiple error codes and
since the generic code does not support it then this logic could
have been applied in the customization class.


Well, there are so many possible customization points that one can
think of,

RE: How to setup ActiveMQ in TomEE to not use persistence for JMS ?

2017-10-23 Thread COURTAULT Francois
Hello Romain,

Get it I think :-)

In my tomee.xml file (which is empty), I have added:

BrokerXmlConfig =  
broker:(tcp://localhost:61616)?useJmx=false&persistent=false
ServerUrl   =  vm://localhost
  


But when I started TomEE, I got:
23-Oct-2017 10:25:02.708 INFO [main] 
org.apache.openejb.config.ConfigurationFactory.init TomEE configuration file is 
' C:\Users\.\target\apache-tomee\conf\tomee.xml'
23-Oct-2017 10:25:02.736 SEVERE [main] 
org.apache.openejb.OpenEJB$Instance. OpenEJB has encountered a fatal 
error and cannot be started: Assembler failed to build the container system.
 org.apache.openejb.OpenEJBException: Unable to read OpenEJB configuration file
at C:\Users\...\target\apache-tomee\conf\tomee.xml: The reference to entity 
"persistent" must end with the ';' delimiter.

Any idea ?

Best Regards.

-Original Message-
From: Romain Manni-Bucau [mailto:rmannibu...@gmail.com]
Sent: lundi 23 octobre 2017 09:56
To: us...@tomee.apache.org
Cc: users@cxf.apache.org
Subject: Re: How to setup ActiveMQ in TomEE to not use persistence for JMS ?

in WEB-INF/lib it will not work but the previous url was for tomee.xml AMQ 
adapter and not related to any spring config

Romain Manni-Bucau
@rmannibucau |  Blog | Old Blog | Github | LinkedIn


2017-10-23 9:54 GMT+02:00 COURTAULT Francois :
> Hello Romain,
>
> Thanks for your answer but my question is more on how to achieve that without 
> using some Spring/ActiveMQ libraries which customizes TomEE distro => 
> requires to copy some jars in TomEE/lib folder.
> Another solution could be to have those jars inside our application
> (in WEB-INF/lib): do you know if it will work ? (avoid TomEE
> customization except for activemq.xml and tomee.xml)
>
> Best Regards.
>
> -Original Message-
> From: Romain Manni-Bucau [mailto:rmannibu...@gmail.com]
> Sent: lundi 23 octobre 2017 09:33
> To: us...@tomee.apache.org
> Cc: users@cxf.apache.org
> Subject: Re: How to setup ActiveMQ in TomEE to not use persistence for JMS ?
>
> Hi Francois,
>
> you are right, you can set the broker url to:
> broker:(tcp://localhost:61616)?useJmx=false&persistent=false
>
> to disable the persistence and jmx (for instance)
>
> Romain Manni-Bucau
> @rmannibucau |  Blog | Old Blog | Github | LinkedIn
>
>
> 2017-10-23 9:30 GMT+02:00 COURTAULT Francois :
>> Hello,
>>
>> First, it seems that, by default, ActiveMQ in TomEE, in case we use some JMS 
>> stuff in our application, uses persistent repository, right ?
>> Second, looking at some ActiveMQ docs, one way to disable persistence for 
>> JMS is to :
>>
>> * Have an activemq.xml file with the following setting > persistent="false" 
>>
>> * Have a tomee.xml file which refers the activemq.xml.
>>
>> The issue I have is that, for TomEE/ActiveMQ to read these files, we have to 
>> use some Spring libraries like activemq-spring.jar either in TomEE/lib 
>> (preferred way, right ?) or war WEB-INF/lib.
>>
>> So, the question is: does it exist another way to disable persistence for 
>> JMS without having to use some Spring  libraries ?
>>
>> Best Regards.
>> 
>> This message and any attachments are intended solely for the addressees and 
>> may contain confidential information. Any unauthorized use or disclosure, 
>> either whole or partial, is prohibited.
>> E-mails are susceptible to alteration. Our company shall not be liable for 
>> the message if altered, changed or falsified. If you are not the intended 
>> recipient of this message, please delete it and notify the sender.
>> Although all reasonable efforts have been made to keep this transmission 
>> free from viruses, the sender will not be liable for damages caused by a 
>> transmitted virus.
> 
>  This message and any attachments are intended solely for the addressees and 
> may contain confidential information. Any unauthorized use or disclosure, 
> either whole or partial, is prohibited.
> E-mails are susceptible to alteration. Our company shall not be liable for 
> the message if altered, changed or falsified. If you are not the intended 
> recipient of this message, please delete it and notify the sender.
> Although all reasonable efforts have been made to keep this transmission free 
> from viruses, the sender will not be liable for damages caused by a 
> transmitted virus.

 This message and any attachments are intended solely for the addressees and 
may contain confidential information. Any unauthorized use or disclosure, 
either whole or partial, is prohibited.
E-mails are susceptible to alteration. Our company shall not be liable for the 
message if altered, changed or falsified. If you are not the intended recipient 
of this message, please delete it and notify the sender.
Although all reasonable efforts have been made to keep this transmission free 
from viruses, the sender will not be liable for damages caused by a transmitted 
virus.

Re: How to setup ActiveMQ in TomEE to not use persistence for JMS ?

2017-10-23 Thread Romain Manni-Bucau
in WEB-INF/lib it will not work but the previous url was for tomee.xml
AMQ adapter and not related to any spring config

Romain Manni-Bucau
@rmannibucau |  Blog | Old Blog | Github | LinkedIn


2017-10-23 9:54 GMT+02:00 COURTAULT Francois :
> Hello Romain,
>
> Thanks for your answer but my question is more on how to achieve that without 
> using some Spring/ActiveMQ libraries which customizes TomEE distro => 
> requires to copy some jars in TomEE/lib folder.
> Another solution could be to have those jars inside our application (in 
> WEB-INF/lib): do you know if it will work ? (avoid TomEE customization except 
> for activemq.xml and tomee.xml)
>
> Best Regards.
>
> -Original Message-
> From: Romain Manni-Bucau [mailto:rmannibu...@gmail.com]
> Sent: lundi 23 octobre 2017 09:33
> To: us...@tomee.apache.org
> Cc: users@cxf.apache.org
> Subject: Re: How to setup ActiveMQ in TomEE to not use persistence for JMS ?
>
> Hi Francois,
>
> you are right, you can set the broker url to:
> broker:(tcp://localhost:61616)?useJmx=false&persistent=false
>
> to disable the persistence and jmx (for instance)
>
> Romain Manni-Bucau
> @rmannibucau |  Blog | Old Blog | Github | LinkedIn
>
>
> 2017-10-23 9:30 GMT+02:00 COURTAULT Francois :
>> Hello,
>>
>> First, it seems that, by default, ActiveMQ in TomEE, in case we use some JMS 
>> stuff in our application, uses persistent repository, right ?
>> Second, looking at some ActiveMQ docs, one way to disable persistence for 
>> JMS is to :
>>
>> * Have an activemq.xml file with the following setting > persistent="false" 
>>
>> * Have a tomee.xml file which refers the activemq.xml.
>>
>> The issue I have is that, for TomEE/ActiveMQ to read these files, we have to 
>> use some Spring libraries like activemq-spring.jar either in TomEE/lib 
>> (preferred way, right ?) or war WEB-INF/lib.
>>
>> So, the question is: does it exist another way to disable persistence for 
>> JMS without having to use some Spring  libraries ?
>>
>> Best Regards.
>> 
>> This message and any attachments are intended solely for the addressees and 
>> may contain confidential information. Any unauthorized use or disclosure, 
>> either whole or partial, is prohibited.
>> E-mails are susceptible to alteration. Our company shall not be liable for 
>> the message if altered, changed or falsified. If you are not the intended 
>> recipient of this message, please delete it and notify the sender.
>> Although all reasonable efforts have been made to keep this transmission 
>> free from viruses, the sender will not be liable for damages caused by a 
>> transmitted virus.
> 
>  This message and any attachments are intended solely for the addressees and 
> may contain confidential information. Any unauthorized use or disclosure, 
> either whole or partial, is prohibited.
> E-mails are susceptible to alteration. Our company shall not be liable for 
> the message if altered, changed or falsified. If you are not the intended 
> recipient of this message, please delete it and notify the sender.
> Although all reasonable efforts have been made to keep this transmission free 
> from viruses, the sender will not be liable for damages caused by a 
> transmitted virus.


RE: How to setup ActiveMQ in TomEE to not use persistence for JMS ?

2017-10-23 Thread COURTAULT Francois
Hello Romain,

Thanks for your answer but my question is more on how to achieve that without 
using some Spring/ActiveMQ libraries which customizes TomEE distro => requires 
to copy some jars in TomEE/lib folder.
Another solution could be to have those jars inside our application (in 
WEB-INF/lib): do you know if it will work ? (avoid TomEE customization except 
for activemq.xml and tomee.xml)

Best Regards.

-Original Message-
From: Romain Manni-Bucau [mailto:rmannibu...@gmail.com]
Sent: lundi 23 octobre 2017 09:33
To: us...@tomee.apache.org
Cc: users@cxf.apache.org
Subject: Re: How to setup ActiveMQ in TomEE to not use persistence for JMS ?

Hi Francois,

you are right, you can set the broker url to:
broker:(tcp://localhost:61616)?useJmx=false&persistent=false

to disable the persistence and jmx (for instance)

Romain Manni-Bucau
@rmannibucau |  Blog | Old Blog | Github | LinkedIn


2017-10-23 9:30 GMT+02:00 COURTAULT Francois :
> Hello,
>
> First, it seems that, by default, ActiveMQ in TomEE, in case we use some JMS 
> stuff in our application, uses persistent repository, right ?
> Second, looking at some ActiveMQ docs, one way to disable persistence for JMS 
> is to :
>
> * Have an activemq.xml file with the following setting  persistent="false" 
>
> * Have a tomee.xml file which refers the activemq.xml.
>
> The issue I have is that, for TomEE/ActiveMQ to read these files, we have to 
> use some Spring libraries like activemq-spring.jar either in TomEE/lib 
> (preferred way, right ?) or war WEB-INF/lib.
>
> So, the question is: does it exist another way to disable persistence for JMS 
> without having to use some Spring  libraries ?
>
> Best Regards.
> 
> This message and any attachments are intended solely for the addressees and 
> may contain confidential information. Any unauthorized use or disclosure, 
> either whole or partial, is prohibited.
> E-mails are susceptible to alteration. Our company shall not be liable for 
> the message if altered, changed or falsified. If you are not the intended 
> recipient of this message, please delete it and notify the sender.
> Although all reasonable efforts have been made to keep this transmission free 
> from viruses, the sender will not be liable for damages caused by a 
> transmitted virus.

 This message and any attachments are intended solely for the addressees and 
may contain confidential information. Any unauthorized use or disclosure, 
either whole or partial, is prohibited.
E-mails are susceptible to alteration. Our company shall not be liable for the 
message if altered, changed or falsified. If you are not the intended recipient 
of this message, please delete it and notify the sender.
Although all reasonable efforts have been made to keep this transmission free 
from viruses, the sender will not be liable for damages caused by a transmitted 
virus.


Re: How to setup ActiveMQ in TomEE to not use persistence for JMS ?

2017-10-23 Thread Romain Manni-Bucau
Hi Francois,

you are right, you can set the broker url to:
broker:(tcp://localhost:61616)?useJmx=false&persistent=false

to disable the persistence and jmx (for instance)

Romain Manni-Bucau
@rmannibucau |  Blog | Old Blog | Github | LinkedIn


2017-10-23 9:30 GMT+02:00 COURTAULT Francois :
> Hello,
>
> First, it seems that, by default, ActiveMQ in TomEE, in case we use some JMS 
> stuff in our application, uses persistent repository, right ?
> Second, looking at some ActiveMQ docs, one way to disable persistence for JMS 
> is to :
>
> * Have an activemq.xml file with the following setting  persistent="false" 
>
> * Have a tomee.xml file which refers the activemq.xml.
>
> The issue I have is that, for TomEE/ActiveMQ to read these files, we have to 
> use some Spring libraries like activemq-spring.jar either in TomEE/lib 
> (preferred way, right ?) or war WEB-INF/lib.
>
> So, the question is: does it exist another way to disable persistence for JMS 
> without having to use some Spring  libraries ?
>
> Best Regards.
> 
> This message and any attachments are intended solely for the addressees and 
> may contain confidential information. Any unauthorized use or disclosure, 
> either whole or partial, is prohibited.
> E-mails are susceptible to alteration. Our company shall not be liable for 
> the message if altered, changed or falsified. If you are not the intended 
> recipient of this message, please delete it and notify the sender.
> Although all reasonable efforts have been made to keep this transmission free 
> from viruses, the sender will not be liable for damages caused by a 
> transmitted virus.


How to setup ActiveMQ in TomEE to not use persistence for JMS ?

2017-10-23 Thread COURTAULT Francois
Hello,

First, it seems that, by default, ActiveMQ in TomEE, in case we use some JMS 
stuff in our application, uses persistent repository, right ?
Second, looking at some ActiveMQ docs, one way to disable persistence for JMS 
is to :

* Have an activemq.xml file with the following setting