On Mon, May 24, 2010 at 2:40 PM, Gregor Kiddie <gregor.kid...@channeladvisor.com> wrote: > > > -----Original Message----- > From: Simon Laws [mailto:simonsl...@googlemail.com] > Sent: 24 May 2010 13:54 > To: user@tuscany.apache.org > Subject: Re: Exception with security (again) > > On Mon, May 24, 2010 at 11:03 AM, Gregor Kiddie > <gregor.kid...@channeladvisor.com> wrote: >> >> >> -----Original Message----- >> From: Simon Laws [mailto:simonsl...@googlemail.com] >> Sent: 24 May 2010 09:54 >> To: user@tuscany.apache.org >> Subject: Re: Exception with security (again) >> >> On Fri, May 21, 2010 at 8:17 PM, Gregor Kiddie >> <gregor.kid...@channeladvisor.com> wrote: >>> Ok, last one before I leave for the weekend cursing Tuscany! >>> >>> >>> >>> Using an authentication policy on a binding.ws generates the following >>> exception. >>> >>> >>> >>> Caused by: java.lang.ArrayIndexOutOfBoundsException: 1 >>> >>> at >>> org.apache.tuscany.sca.databinding.axiom.OMElementWrapperHandler.setChildren(OMElementWrapperHandler.java:76) >>> >>> It looks like childObjects passed into the method has all the parameters >>> wrapped up in a single piece of XML >>> >>> The ChildElements which is pulled from the operation which is passed in, has >>> them split up into three Elements. >>> >>> >>> >>> The loop in setChildren uses the size of the ChildElements as it's upper >>> bounds and references both objects. Unsurprisingly, when it gets to >>> childObjects[1] it blows up. >>> >>> >>> >>> I've been running through everything for a couple of hours and I'm now >>> calling defeat. I'm close to dumping Tuscany for this! >>> >>> >>> >>> Gk. >> >> Hi Gregor >> >> Sorry that you're having a frustrating time. Can you describe your >> scenario so I can reproduce it here. >> >> Thanks >> >> Simon >> >> >> -- >> Apache Tuscany committer: tuscany.apache.org >> Co-author of a book about Tuscany and SCA: tuscanyinaction.com >> >> My Composite looks like >> <?xml version="1.0" encoding="UTF-8"?> >> <composite xmlns="http://www.osoa.org/xmlns/sca/1.0"; >> targetNamespace="com.mycompany.myproduct.authentication" >> xmlns:tuscany="http://tuscany.apache.org/xmlns/sca/1.0"; >> name="authentication" > >> >> <component name="Authentication"> >> <implementation.spring >> location="WEB-INF/classes/applicationContext.xml" /> >> <service name="Authentication"> >> <binding.ws /> >> </service> >> <reference name="authenticationProvider" > >> <binding.ws >> wsdlElement="http://soa.mycompany.com/webservices/#wsdl.port(MyService/MyServiceSoap12)" >> requires="authentication" /> >> </reference> >> </component> >> </composite> >> >> My definitions file looks like >> <?xml version="1.0" encoding="UTF-8"?> >> <definitions xmlns="http://www.osoa.org/xmlns/sca/1.0"; >> xmlns:sca="http://www.osoa.org/xmlns/sca/1.0"; >> >> xmlns:tuscany="http://tuscany.apache.org/xmlns/sca/1.0"; >> targetNamespace="com.mycompany.richfx.policy" > >> >> <policySet name="myCompanyPolicySet" provides="authentication" >> appliesTo="sca:binding.ws"> >> <tuscany:basicAuthentication> >> <tuscany:userName>someusername</tuscany:userName> >> <tuscany:password>some-password</tuscany:password> >> </tuscany:basicAuthentication> >> </policySet> >> </definitions> >> >> Application starts up fine, but when I make the call to the external >> webservice (the reference), I get the error in the OP. >> Remove the definitions file and the requires="authentication", and the calls >> works but gets rejected due to missing the basic authorisation. >> > > Hi Gregor > > There's something odd going on here. I set up a test where I deployed > our calculator service with the AddService deployed as a web service > to Tomcat with Basic Authentication turned on. > > I created a client project where the calculator has a reference to the > AddService with the "authentication" intent set. This was my > definitions file. > > <definitions xmlns="http://www.osoa.org/xmlns/sca/1.0"; > targetNamespace="http://itest/policy"; > xmlns:sca="http://www.osoa.org/xmlns/sca/1.0"; > xmlns:tuscany="http://tuscany.apache.org/xmlns/sca/1.0"; > xmlns:ip="http://itest/policy"; > > > > <sca:policySet name="BasicAuthenticationPolicySet" > provides="authentication" > appliesTo="sca:binding.ws"> > <tuscany:basicAuthentication> > <tuscany:userName>tuscanyuser</tuscany:userName> > <tuscany:password>tuscanypwd</tuscany:password> > </tuscany:basicAuthentication> > </sca:policySet> > > > </definitions> > > I tried it with both a Java implementation and a spring > implementation. Here's my client component from the composite file... > > <component name="CalculatorServiceComponent"> > <!--implementation.java > class="calculator.CalculatorServiceImpl"/--> > <implementation.spring > location="META-INF/spring/CalculatorService-context.xml"/> > <reference name="addService" > > <interface.java interface="calculator.AddService" /> > <binding.ws requires="authentication" > uri="http://localhost:8080/sample-calculator-ws-webapp/AddServiceComponent"/> > </reference> > <reference name="subtractService" target="SubtractServiceComponent" /> > <reference name="multiplyService" target="MultiplyServiceComponent" /> > <reference name="divideService" target="DivideServiceComponent" /> > </component> > > With the password correctly set I get.... > > 24-May-2010 13:50:29 org.apache.tuscany.sca.node.impl.NodeImpl <init> > INFO: Creating node: Calculator.composite > 24-May-2010 13:50:29 org.apache.tuscany.sca.node.impl.NodeImpl configureNode > INFO: Loading contribution: > file:/D:/sca-java-1.x/samples/calculator/target/classes/ > 24-May-2010 13:50:30 org.apache.tuscany.sca.node.impl.NodeImpl start > INFO: Starting node: Calculator.composite > - Loading XML bean definitions from URL > [file:/D:/sca-java-1.x/samples/calculator/target/classes/META-INF/spring/CalculatorService-context.xml] > - Module validation failed: The system is attempting to engage a > module that is not available: rampart > - Refreshing > org.apache.tuscany.sca.implementation.spring.runtime.context.scagenericapplicationcont...@14a9387: > display name > [org.apache.tuscany.sca.implementation.spring.runtime.context.scagenericapplicationcont...@14a9387]; > startup date [Mon May 24 13:50:31 BST 2010]; parent: > org.apache.tuscany.sca.implementation.spring.runtime.context.scaparentapplicationcont...@18782a7 > - Bean factory for application context > [org.apache.tuscany.sca.implementation.spring.runtime.context.scagenericapplicationcont...@14a9387]: > org.springframework.beans.factory.xml.xmlbeanfact...@192d604 > Spring parent context - containsBean called for name: loadTimeWeaver > - Pre-instantiating singletons in > org.springframework.beans.factory.xml.xmlbeanfact...@192d604: defining > beans [CalculatorServiceBean]; parent: > org.apache.tuscany.sca.implementation.spring.runtime.context.scaparentapplicationcont...@18782a7 > Spring parent context - getBean called for name: addService > Spring parent context - getBean called for name: subtractService > Spring parent context - getBean called for name: multiplyService > Spring parent context - getBean called for name: divideService > 3 + 2=5.0 > 3 - 2=1.0 > 3 * 2=6.0 > 3 / 2=1.5 > 24-May-2010 13:50:32 org.apache.tuscany.sca.node.impl.NodeImpl stop > INFO: Stopping node: Calculator.composite > - Closing > org.apache.tuscany.sca.implementation.spring.runtime.context.scagenericapplicationcont...@14a9387: > display name > [org.apache.tuscany.sca.implementation.spring.runtime.context.scagenericapplicationcont...@14a9387]; > startup date [Mon May 24 13:50:31 BST 2010]; parent: > org.apache.tuscany.sca.implementation.spring.runtime.context.scaparentapplicationcont...@18782a7 > - Destroying singletons in > org.springframework.beans.factory.xml.xmlbeanfact...@192d604: defining > beans [CalculatorServiceBean]; parent: > org.apache.tuscany.sca.implementation.spring.runtime.context.scaparentapplicationcont...@18782a7 > > > with the password set to "abcdefg" I get... > > 24-May-2010 13:45:01 org.apache.tuscany.sca.node.impl.NodeImpl <init> > INFO: Creating node: Calculator.composite > 24-May-2010 13:45:01 org.apache.tuscany.sca.node.impl.NodeImpl configureNode > INFO: Loading contribution: > file:/D:/sca-java-1.x/samples/calculator/target/classes/ > 24-May-2010 13:45:02 org.apache.tuscany.sca.node.impl.NodeImpl start > INFO: Starting node: Calculator.composite > - Loading XML bean definitions from URL > [file:/D:/sca-java-1.x/samples/calculator/target/classes/META-INF/spring/CalculatorService-context.xml] > - Module validation failed: The system is attempting to engage a > module that is not available: rampart > - Refreshing > org.apache.tuscany.sca.implementation.spring.runtime.context.scagenericapplicationcont...@14a9387: > display name > [org.apache.tuscany.sca.implementation.spring.runtime.context.scagenericapplicationcont...@14a9387]; > startup date [Mon May 24 13:45:03 BST 2010]; parent: > org.apache.tuscany.sca.implementation.spring.runtime.context.scaparentapplicationcont...@18782a7 > - Bean factory for application context > [org.apache.tuscany.sca.implementation.spring.runtime.context.scagenericapplicationcont...@14a9387]: > org.springframework.beans.factory.xml.xmlbeanfact...@192d604 > Spring parent context - containsBean called for name: loadTimeWeaver > - Pre-instantiating singletons in > org.springframework.beans.factory.xml.xmlbeanfact...@192d604: defining > beans [CalculatorServiceBean]; parent: > org.apache.tuscany.sca.implementation.spring.runtime.context.scaparentapplicationcont...@18782a7 > Spring parent context - getBean called for name: addService > Spring parent context - getBean called for name: subtractService > Spring parent context - getBean called for name: multiplyService > Spring parent context - getBean called for name: divideService > - Basic authentication scheme selected > - Failure authenticating with BASIC 'Application'@localhost:8080 > - Unable to sendViaPost to > url[http://localhost:8080/sample-calculator-ws-webapp/AddServiceComponent] > org.apache.axis2.AxisFault: Transport error: 401 Error: Unauthorized > > So it seems to be basically working so my suspicion is turning to the > WSDL you have? What style is the WSDL using, by default Tuscany is > expecting to deal with Doc/Lit/Wrapped. If the external service is > doing something else we'll have to look at how the WSDL is configured. > > > Regards > > Simon > > -- > Apache Tuscany committer: tuscany.apache.org > Co-author of a book about Tuscany and SCA: tuscanyinaction.com > > > The WSDL is huge. Cutting it down to the relevant parts > > <?xml version="1.0" encoding="utf-8"?> > <wsdl:definitions xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/"; > xmlns:tm="http://microsoft.com/wsdl/mime/textMatching/"; > xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/"; > xmlns:mime="http://schemas.xmlsoap.org/wsdl/mime/"; > xmlns:tns="http://soa.mycompany.com/webservices/"; > xmlns:s1="http://microsoft.com/wsdl/types/"; > xmlns:s="http://www.w3.org/2001/XMLSchema"; > xmlns:s2="http://soa.mycompany.com/webservices/AbstractTypes"; > xmlns:soap12="http://schemas.xmlsoap.org/wsdl/soap12/"; > xmlns:http="http://schemas.xmlsoap.org/wsdl/http/"; > targetNamespace="http://soa.mycompany.com/webservices/"; > xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/";> > <wsdl:types> > <s:schema elementFormDefault="qualified" > targetNamespace="http://soa.mycompany.com/webservices/";> > <s:import namespace="http://microsoft.com/wsdl/types/"; /> > <s:complexType name="ArrayOfString"> > <s:sequence> > <s:element minOccurs="0" maxOccurs="unbounded" name="string" > nillable="true" type="s:string" /> > </s:sequence> > </s:complexType> > <s:simpleType name="LoginTokenType"> > <s:restriction base="s:string"> > <s:enumeration value="Unknown" /> > <s:enumeration value="SessionSecureToken" /> > <s:enumeration value="SessionHttpToken" /> > <s:enumeration value="PersistentSecureToken" /> > <s:enumeration value="PersistentHttpToken" /> > </s:restriction> > </s:simpleType> > <s:complexType name="WebServiceResult"> > <s:sequence> > <s:element minOccurs="1" maxOccurs="1" name="Success" > type="s:boolean" /> > <s:element minOccurs="0" maxOccurs="1" name="ResultStatus" > type="s:string" /> > </s:sequence> > </s:complexType> > <s:element name="Login"> > <s:complexType> > <s:sequence> > <s:element minOccurs="0" maxOccurs="1" name="userName" > type="s:string" /> > <s:element minOccurs="0" maxOccurs="1" name="password" > type="s:string" /> > <s:element minOccurs="0" maxOccurs="1" name="existingTokenIds" > type="tns:ArrayOfString" /> > </s:sequence> > </s:complexType> > </s:element> > <s:element name="LoginResponse"> > <s:complexType> > <s:sequence> > <s:element minOccurs="0" maxOccurs="1" name="LoginResult" > type="tns:LoginResult" /> > </s:sequence> > </s:complexType> > </s:element> > <s:complexType name="LoginResult"> > <s:complexContent mixed="false"> > <s:extension base="tns:WebServiceResult"> > <s:sequence> > <s:element minOccurs="1" maxOccurs="1" name="UserID" > type="s1:guid" /> > <s:element minOccurs="0" maxOccurs="1" name="LoginTokens" > type="tns:ArrayOfLoginToken" /> > <s:element minOccurs="1" maxOccurs="1" name="IsNewSplitUser" > type="s:boolean" /> > <s:element minOccurs="0" maxOccurs="1" > name="UserPropertyViolations" type="tns:ArrayOfString" /> > </s:sequence> > </s:extension> > </s:complexContent> > </s:complexType> > <s:complexType name="ArrayOfLoginToken"> > <s:sequence> > <s:element minOccurs="0" maxOccurs="unbounded" name="LoginToken" > nillable="true" type="tns:LoginToken" /> > </s:sequence> > </s:complexType> > <s:complexType name="LoginToken"> > <s:sequence> > <s:element minOccurs="1" maxOccurs="1" name="TokenID" type="s1:guid" > /> > <s:element minOccurs="1" maxOccurs="1" name="Type" > type="tns:LoginTokenType" /> > <s:element minOccurs="1" maxOccurs="1" name="ExpirationDateUTC" > type="s:dateTime" /> > </s:sequence> > </s:complexType> > <s:element name="LoginResult" nillable="true" type="tns:LoginResult" /> > <s:element name="LogoutResult" nillable="true" type="tns:LogoutResult" /> > <s:element name="string" nillable="true" type="s:string" /> > </s:schema> > <s:schema elementFormDefault="qualified" > targetNamespace="http://microsoft.com/wsdl/types/";> > <s:simpleType name="guid"> > <s:restriction base="s:string"> > <s:pattern > value="[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}" > /> > </s:restriction> > </s:simpleType> > </s:schema> > <s:schema > targetNamespace="http://soa.mycompany.com/webservices/AbstractTypes";> > <s:import namespace="http://schemas.xmlsoap.org/soap/encoding/"; /> > <s:complexType name="StringArray"> > <s:complexContent mixed="false"> > <s:restriction base="soapenc:Array"> > <s:sequence> > <s:element minOccurs="0" maxOccurs="unbounded" name="String" > type="s:string" /> > </s:sequence> > </s:restriction> > </s:complexContent> > </s:complexType> > </s:schema> > </wsdl:types> > <wsdl:message name="LoginSoapIn"> > <wsdl:part name="parameters" element="tns:Login" /> > </wsdl:message> > <wsdl:message name="LoginSoapOut"> > <wsdl:part name="parameters" element="tns:LoginResponse" /> > </wsdl:message> > <wsdl:portType name="MyModuleServiceSoap"> > <wsdl:operation name="Login"> > <wsdl:input message="tns:LoginSoapIn" /> > <wsdl:output message="tns:LoginSoapOut" /> > </wsdl:operation> > </wsdl:portType> > <wsdl:binding name="MyModuleServiceSoap" type="tns:MyModuleServiceSoap"> > <soap:binding transport="http://schemas.xmlsoap.org/soap/http"; /> > <wsdl:operation name="Login"> > <soap:operation soapAction="http://soa.mycompany.com/webservices/Login"; > style="document" /> > <wsdl:input> > <soap:body use="literal" /> > </wsdl:input> > <wsdl:output> > <soap:body use="literal" /> > </wsdl:output> > </wsdl:operation> > </wsdl:binding> > <wsdl:service name="MyModuleService"> > <wsdl:port name="MyModuleServiceSoap" binding="tns:MyModuleServiceSoap"> > <soap:address > location="http://soa.0002.dev.mycompany.com/MyModuleFacility/MyModuleService.asmx"; > /> > </wsdl:port> > </wsdl:service> > </wsdl:definitions> >
On the face of it that looks OK. Can you tell if the IOOB was on the request or the response? Do you still have the full stack trace? Simon -- Apache Tuscany committer: tuscany.apache.org Co-author of a book about Tuscany and SCA: tuscanyinaction.com
