Hi,
Is it possible to do custom client authentication using CertConstraintsFeature
with CXF application deployed in tomcat?
Basically, tomcat is configured with SSL. But instead of tomcat doing client
auth for all endpoints, I want to configure it for each service defined in my
xml (
Hi,
I want to limit the xml payload size received by REST service (dispatcher
based). In the CXF documentation, I see that there's a
DepthRestrictingStreamInterceptor that works on element counts, but is there
something built-in that looks at size of payload?
Or do I have to implement it as sugg
or does CXF have something to make it easier?
-Vinay
-Original Message-
From: Sergey Beryozkin [mailto:sberyoz...@gmail.com]
Sent: Tuesday, May 21, 2013 4:56 AM
To: users@cxf.apache.org
Subject: Re: REST with JAX-WS Provider: attachment support
Hi
On 21/05/13 00:10, Penmatsa, Vinay wrote
ource manually.
-Vinay
-Original Message-
From: Sergey Beryozkin [mailto:sberyoz...@gmail.com]
Sent: Monday, May 20, 2013 4:59 PM
To: users@cxf.apache.org
Subject: Re: REST with JAX-WS Provider: attachment support
Hi
On 20/05/13 21:28, Penmatsa, Vinay wrote:
> Hi,
> I have a REST servi
Hi,
I have a REST service based on JAX-WS Provider and Dispatch (implementing
Provider). Until now, I accept/produce only XML. Now, I have to
support attachments.
Now, it seems like request should be "multipart/related" as only
AttachmentInInterceptor is part of the chain by default. I could pr
Ok, that seems to be a non-issue. Something I did wrong. Pls ignore.
-Original Message-
From: Penmatsa, Vinay [mailto:vinay.penma...@sap.com]
Sent: Wednesday, May 15, 2013 12:05 PM
To: users@cxf.apache.org
Subject: RE: JAX-RS XmlAttachmentRef
Just one more thing...
There seems to be a
ect: Re: JAX-RS XmlAttachmentRef
Hi - yes, I'll update once it's done
Cheers. Sergey
On 15/05/13 14:51, Penmatsa, Vinay wrote:
> Hi Sergey,
> Thanks. Would you fix this in 2.6.x?
>
> -Vinay
>
> -Original Message-
> From: Sergey Beryozkin [mailto:sberyoz...@gmail.c
/13 20:24, Penmatsa, Vinay wrote:
> Sorry, I keep answering my own mail.
>
> What I did is override JAXBElementProvider with an implementation of
> addAttachmentMarshaller() using
> org.apache.cxf.jaxb.attachment.JAXBAttachmentMarshaller instead of
the reason org.apache.cxf.jaxrs.provider.JAXBAttachmentMarshaller does
not implement addSwaRefAttachment()?
-Vinay
-Original Message-
From: Penmatsa, Vinay [mailto:vinay.penma...@sap.com]
Sent: Tuesday, May 14, 2013 1:46 PM
To: users@cxf.apache.org
Subject: RE: JAX-RS XmlAttachmentRef
Oh I see...MTOM is
Oh I see...MTOM is enabled for @XMLElement. That's why it works.
Is swaref with @XMLAttachmentRef not supported?
-Original Message-
From: Penmatsa, Vinay [mailto:vinay.penma...@sap.com]
Sent: Tuesday, May 14, 2013 12:49 PM
To: users@cxf.apache.org
Subject: JAX-RS XmlAttachmentRe
Hi
Using CXF 2.6.1,
@XmlAttachmentRef
private DataHandler email;
produces the following error:
Caused by: java.lang.UnsupportedOperationException
at
org.apache.cxf.jaxrs.provider.JAXBAttachmentMarshaller.addSwaRefAttachment(JAXBAttachmentMarshaller.java:73)
at
c
Hi,
I seems that when an exception is thrown by service code, the
StaxOutInterceptor and StaxOutEndingInterceptor are added to the outbound
chain. But StaxOutEndingInterceptor is throwing this exception:" Trying to
write END_DOCUMENT when document has no root (ie. trying to output empty
documen
>From documentation in
>http://cxf.apache.org/docs/jax-rs-basics.html#JAX-RSBasics-MessageBodyProviders:
"By default, CXF supports String, byte[], InputStream, Reader, File, JAXP
Source, JAX-RS StreamingOutput, JAXB-annotated types with application/xml,
text/xml and application/json formats as
robably be setting the message
context here as well.
Colm.
On Tue, May 15, 2012 at 11:05 PM, Penmatsa, Vinay
wrote:
> It might be that UsernameTokenInterceptor is not populating the RequestData's
> msgcontext.
> Is this deliberate?
> UsernameTokenInterceptor.getPrinc
It might be that UsernameTokenInterceptor is not populating the RequestData's
msgcontext.
Is this deliberate?
UsernameTokenInterceptor.getPrincipal() line #178
-Vinay
-Original Message-
From: Penmatsa, Vinay [mailto:vinay.penma...@sap.com]
Sent: Tuesday, May 15, 2012 5:55
Hi,
I just upgraded to 2.6 from 2.4.1
I had a custom UsernameTokenValidator where I override
verifyDigestPassword(UsernameToken usernameToken, RequestData data).
Within that I had the following code to get access to request object.
###
SoapMessage soapMsg = (SoapMessage)data.getMsgContext();
Hi,
I want to prefix a string to certain namespaces in the generated tags in the
source code(from wsdl 2 java). Any examples of how I can do it?
In wsdl, say target namespace is http://services.foo.com
In java interface generated, I need the tag
@WebService(targetNamespace = http://prefix.servic
Hi,
Can you point me to an example of Java-first WS-SecurityPolicy?
The problem I have is though the wsdl shows the security policy, the policy is
not enforced when the client calls the service.
Using CXF 2.4.1
-Vinay
add support to the AsymmetricBindingHandler to use this
policy.
Colm.
On Mon, Nov 14, 2011 at 7:21 PM, Penmatsa, Vinay wrote:
> I'm running CXF 2.4.1.
> I do not see implementation or builder for IntiatorSignatureToken. Should I
> do it myself?
>
> -Vinay
>
>
>
Hi,
I added Policy annotations to the java interface in in java-first service and
added the cxf-rt-ws-policy and cxf-rt-ws-security modules. Also, added the
following in cxf config:
Is there anything else to get the policy runtime working?
The Policy Interceptor doesn't seem to be invoked.
Re
I think you can LoggingFeature in the client to get that
Bus bus = BusFactory.getDefaultBus();
List features = new ArrayList();
features.add(new LoggingFeature());
for(AbstractFeature feature : features) {
feature.initialize(bus);
}
-Vinay
-Original Message-
From: Ángel L García S
I'm running CXF 2.4.1.
I do not see implementation or builder for IntiatorSignatureToken. Should I do
it myself?
-Vinay
-Original Message-
From: Penmatsa, Vinay [mailto:vinay.penma...@sap.com]
Sent: Monday, November 14, 2011 2:07 PM
To: users@cxf.apache.org
Su
Hi,
A service that I need to use has the following policy definition:
http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";>
http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/Include
Hi,
I have both "code first" and "wsdl first" scenarios in which I have to support
WS-Security with various security tokens. To make it easier for CXF clients, I
need to provide policy definitions in wsdl in all scenarios.
I find from CXF documentation - "Note: at this point, WS-SecurityPolicy su
;ALWAYS_ENCRYPT_UT" variable here:
http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/SecurityConstants.java?view=markup
Why would you want to send an unencrypted UsernameToken across the
wire? An eavesdropper could just harvest the username/password.
Colm
Hi,
With the following policy definition, the header is sent encrypted. How can I
get the client to only sign and not encrypt?
--
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/poli
, validatorMap);
WSS4JInInterceptor unTokenInterceptor = new WSS4JInInterceptor(props);
-Vinay
-Original Message-
From: Penmatsa, Vinay [mailto:vinay.penma...@sap.com]
Sent: Thursday, September 22, 2011 5:37 PM
To: users@cxf.apache.org
Subject: RE: UsernameTokenHandler required? or Help with
Hi,
Which version of CXF are you using? I think there have been some changes in
usage of the callback handler:
http://coheigea.blogspot.com/2011/02/usernametoken-processing-changes-in.html
Now, you need to set the password on the callback handler and the
UsernameTokenValidator does the verificati
Ok, got this. The answer is in WSHandlerConstants.USE_REQ_SIG_CERT
Thanks
-Original Message-
From: Penmatsa, Vinay [mailto:vinay.penma...@sap.com]
Sent: Friday, August 19, 2011 3:39 PM
To: users@cxf.apache.org
Subject: Encrypt response with client cert
Hi,
Is it possible with CXF to
: InitiatorSignatureToken
Yes. You can disable this by setting the SecurityConstants tag
"ws-security.is-bsp-compliant" to "false".
Colm.
On Thu, Aug 18, 2011 at 4:06 PM, Penmatsa, Vinay wrote:
> It seems the BSPEnforcer rejects the signature security token reference
&g
xception(
WSSecurityException.INVALID_SECURITY_TOKEN,
"invalidTokenType",
new Object[]{tokenType}
);
}
-Vinay
-Original Message-----
From: Penmatsa, Vinay [mailto:vinay.penma...@sap.com]
Sent: Thursday, August 18, 2011 10:08 AM
To: users@cxf.apac
I may have fixed a bug related to this.
>
Actually, try 2.4.2 if you can.If you are going to attempt an upgrade,
jump to the latest. :-)
Dan
> Colm.
>
> On Thu, Aug 18, 2011 at 1:31 PM, Penmatsa, Vinay
wrote:
> > CXF 2.4.0
> >
> >
> > -V
>
>
>
>
>
>
---
-Vinay
-Original Message-
From: Colm O hEigeartaigh [mailto:cohei...@apache.org]
Sent: Thursday, August 18, 2011 7:17 AM
To: users@cxf.apache.org
Subject: Re: InitiatorSignatureToken
What does the full policy look
Hi,
I'm unable to define the correct policy for SAML_TOKEN_SIGNED. The following
gets the STS token and includes it in the request, but now I need sign the
message.
http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient";>
Hi,
The default actions are defined in WSHandlerConstants (the source code would
help)
Also, see this page: http://cxf.apache.org/docs/ws-security.html
Which one to use depends on the security chosen by the service. If there is no
policy config in the wsdl, I think you should know from the provid
:
http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java?view=markup
HTH
Thanks
Oli
-Original Message-
From: Penmatsa, Vinay [mailto:vinay.penma...@sap.com]
Sent: Freitag, 12. August 2011 22
Hi,
I have the wsdl for a service from which I generated the client stubs. I have
the following configuration:
http://www.springframework.org/schema/beans";
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
xmlns:http="http://cxf.apache.org/transports/http/configuration";
xm
which implements the communication with the STS:
http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java?view=markup
HTH
Thanks
Oli
-Original Message-
From: Penmatsa, Vinay [mailto:vinay.pe
Hello,
I am able to get security token from STS, but now I want to use in the service
call. The problem is for STSClient I'm using spring configuration partially.
I have generated the web service client. How can I combine these two?
I tried to do:
((BindingProvider)port).getRequestContext().put(
Hi,
Sorry, I should have looked at the source code. It seems the
setAddressingNamespace() should also be set for this to work.
Thanks.
-Original Message-
From: Penmatsa, Vinay
Sent: Thursday, August 11, 2011 8:57 AM
To: users@cxf.apache.org
Subject: STSClient "AppliesTo"
Hi,
Hi,
There's a method STSClient.requestSecurityToken(String appliesTo). When I use
this method the resulting request doesn't seem to contain tag.
Are these two related?
If not, how can I include the in the request?
-Vinay
-----
From: Penmatsa, Vinay
Sent: Monday, August 08, 2011 1:21 PM
To: users@cxf.apache.org
Subject: RE: TLSClientParameters
Hi Dan,
Thanks for adding the feature.
Meanwhile, I started to use spring configuration. The server is configured for
X.509 Client certificate authentication to STS, and the clie
iel Kulp [mailto:dk...@apache.org]
Sent: Monday, August 08, 2011 12:30 PM
To: users@cxf.apache.org
Cc: Penmatsa, Vinay
Subject: Re: TLSClientParameters
On Monday, August 08, 2011 8:42:53 AM Penmatsa, Vinay wrote:
> Hi Dan,
> Thanks.
> How can I set the TLS params in the STSClient?
Hi Dan,
Thanks.
How can I set the TLS params in the STSClient? Is there an example of using
STSClient this way?
-Vinay
-Original Message-
From: Daniel Kulp [mailto:dk...@apache.org]
Sent: Friday, August 05, 2011 5:29 PM
To: users@cxf.apache.org
Cc: Penmatsa, Vinay
Subject: Re
uot;);
stsProps.put("ws-security.password", "password");
stsClient.setProperties(stsProps);
SecurityToken st = stsClient.requestSecurityToken();
-
I'm using cxf 2.4.
-Original Message-
From: Daniel Kulp [mailto:dk...@apache.org]
Sent: Friday, August 05, 2011
://cxf.apache.org/docs/client-http-transport-including-ssl-support.html#ClientHTTPTransport%28includingSSLsupport%29-ConfiguringSSLSupport
HTH
Regards
--
Prisca
On Fri, Aug 5, 2011 at 5:10 PM, Penmatsa, Vinay wrote:
> I'm unable to set the 'disableCNCheck' programmatically as below:
&g
I'm unable to set the 'disableCNCheck' programmatically as below:
HTTPConduit http = (HTTPConduit) client.getConduit();
TLSClientParameters param = new TLSClientParameters();
param.setDisableCNCheck(true);
http.setTlsClientParameters(param);
What's the correct way to do this?
Thanks,
Vinay
48 matches
Mail list logo
