2016-03-23 18:26 GMT+04:00 Sergey Beryozkin :
>
> I'm not sure what happens when you use @SchemaValidation and no schema
> holder. Can you please put a breakpoint in AbstractJaxbProvider.init() and
> see how SchemaValidation is processed. I can imagine that a schema will be
Thank you Colm, that policy did help out.
Thanks,
Giriraj
On Mar 23, 2016 1:57 PM, "Colm O hEigeartaigh" wrote:
> See here:
>
>
>
Thanks Sergey for prompt response.
I am testing with
https://github.com/apache/cxf/blob/master/rt/transports/http-hc/src/test/java/org/apache/cxf/transport/http/asyncclient/AsyncHTTPConduitTest.java.
I set following in already existing start method.
#alreadythere in testcase
Bus b =
See here:
https://git-wip-us.apache.org/repos/asf?p=cxf.git;a=blob;f=systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/x509/DoubleItX509.wsdl;h=dcf01b23c124795a04be170f5d8079102a516b35;hb=HEAD
On Wed, Mar 23, 2016 at 5:50 PM, Giriraj Bhojak wrote:
> Thank
Thank you Colm.
Would you have a policy example of using EncryptedElements instead of
using EncryptedParts?
I tried few combinations, but they didn't work out.
Thanks,
Giriraj
On Mar 23, 2016 12:58 PM, "Colm O hEigeartaigh" wrote:
> Answers inline.
>
> On Wed, Mar 23, 2016
Answers inline.
On Wed, Mar 23, 2016 at 4:49 PM, Giriraj Bhojak wrote:
> Do you mean to say the timestamp is not just signed but encrypted as well
> if it is part of the AsymmetricBinding?
>
No, just signed.
> In my policy I have also added username token as a supporting
Can you clarify please what you'd like to do, as far as enabling OAuth2 is
concerned ?
Cheers, Sergey
--
View this message in context:
http://cxf.547215.n5.nabble.com/oauth2-server-side-cxf-configuration-tp5767107p5767152.html
Sent from the cxf-user mailing list archive at Nabble.com.
Well, I suppose you set as per the documentation.
I'm not sure why it has no effect with HttpAsyncClient, I'll experiment a
bit later
Sergey
--
View this message in context:
http://cxf.547215.n5.nabble.com/CXF-JAXRS-Client-HttpAsyncClient-and-KeepAlive-tp5747402p5767151.html
Sent from the
Oh, well that explains it then. Thanx!
Stephen W. Chappell
From: Colm O hEigeartaigh [mailto:cohei...@apache.org]
Sent: Wednesday, March 23, 2016 8:45 AM
To: Chappell, Stephen CTR (FAA)
Cc: users@cxf.apache.org
Subject: Re: STSClient.validateSecurityToken expects
That's because there are no security policies that support RSA-SHA256 as
the specs are quite old now, so CXF gives you the option of overriding the
signature algorithm via a configuration parameter.
Colm.
On Wed, Mar 23, 2016 at 12:38 PM, wrote:
> Solved. Sucking
Solved. Sucking in the WSDL and using the WS-SecurityPolicy did the trick, once
I set up the ws-security.signature.* properties in the property map. One weird
thing though is that I had to explicitly set the signature algorithm ...
...
2016-03-23 15:48 GMT+04:00 Sergey Beryozkin :
> Thanks for the analysis and the patch, I'm traveling so will look into it
> in detail next week (though might apply the patch earlier), does your patch
> addresses all of your concerns you raised in this thread ?
>
>
Yes,
Hi
How do you set it ?
Cheers, Sergey
On 23/03/16 08:51, chandra shekhar wrote:
Hi Sergey, I set CONNECTION_TTL but I do not see any affect. I see that
connection always close in a minute which I see is receiveTimeout default
value.
Any suggestions here.
--
View this message in context:
Thanks for the analysis and the patch, I'm traveling so will look into
it in detail next week (though might apply the patch earlier), does your
patch addresses all of your concerns you raised in this thread ?
Cheers, Sergey
On 23/03/16 08:21, Vjacheslav V. Borisov wrote:
Don't know, how
I was used to using the interceptors from other projects, so I didn’t really
give it any thought; but it does make more sense to use the policy approach.
Now if I can just get the property map configured right …
Stephen W. Chappell
From: Colm O hEigeartaigh [mailto:cohei...@apache.org]
Sent:
I guess so. It's unusual to use the WSS4J interceptors when invoking on the
STS, all of the testing is done with WS-SecurityPolicy.
Colm.
On Wed, Mar 23, 2016 at 11:37 AM, wrote:
> Yeah, that is exactly what my wsdl looks like. I think the problem is that
> I
Yeah, that is exactly what my wsdl looks like. I think the problem is that I
didn't specify a wsdlLocation in my client bean, only a location. That worked
fine for the issue operation, but not at all for validate. So I tried
configuring that and ran into some new problems, which I think is
What does your WSDL look like? At a guess it is expecting the Collection to
be returned as opposed to the single element. The portType should look
something like:
http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Validate;
message="tns:RequestSecurityTokenMsg"/>
If you are using the SymmetricBinding or AsymmetricBinding policies, the
Timestamp is automatically signed if the "IncludeTimestamp" policy is in
the Binding policy.
The "sp:Header" policy in SignedParts/EncryptedParts is designed to be used
for SOAP headers, not for internal headers in the
See here: http://cxf.apache.org/mailing-lists.html
Colm.
On Tue, Mar 22, 2016 at 7:43 PM, Tim Clotworthy <
tclotwor...@bluestonelogic.com> wrote:
> Hello,
>
> I am trying to unsubscribe to :
>
> users@cxf.apache.org
> any help is greatly appreciated. Thank you
>
--
Colm O hEigeartaigh
20 matches
Mail list logo