Hi, I've fixed the NPE in WSS4J. With WSS4J 1.6.x, you need to specify a "samlPropFile" value when adding a SAML Token. For example:
http://svn.apache.org/viewvc/webservices/wss4j/branches/1_6_x-fixes/src/test/resources/saml_sv.properties?view=markup http://svn.apache.org/viewvc/webservices/wss4j/branches/1_6_x-fixes/src/test/resources/saml_hok.properties?view=markup With WSS4J 2.0.0 (not yet release), the samlPropFile stuff is removed, and all of the configuration is taken via the CallbackHandler instead. Colm. On Tue, Apr 8, 2014 at 9:25 AM, Nicolas74 <nmugn...@gnubila.fr> wrote: > Hi, > > I would like to add a WSS4JOutInterceptor to my CXF endpoint. > I do not use a samlPropFile. > > I configure my interceptor as follows: > <cxf:outInterceptors> > <bean id="wssOutInterceptor" > > class="org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor"> > <property name="properties"> > <map> > <entry key="action" > value="SAMLTokenUnsigned"/> > <entry key="samlPropFile" > value=""/> > <entry > key="passwordCallbackClass" > > value="security.SamlCallackHandler"/> > </map> > </property> > </bean> > </cxf:outInterceptors> > I'm getting this exception: > org.apache.cxf.binding.soap.SoapFault: Security processing failed. > at > > org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$WSS4JOutInterceptorInternal.handleMessage(WSS4JOutInterceptor.java:280)[184:org.apache.cxf.cxf-rt-ws-security:2.7.0.redhat-610376] > at > > org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$WSS4JOutInterceptorInternal.handleMessage(WSS4JOutInterceptor.java:141)[184:org.apache.cxf.cxf-rt-ws-security:2.7.0.redhat-610376] > at > > org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:272)[155:org.apache.cxf.cxf-api:2.7.0.redhat-610376] > at > > org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:565)[155:org.apache.cxf.cxf-api:2.7.0.redhat-610376] > at > > org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:467)[155:org.apache.cxf.cxf-api:2.7.0.redhat-610376] > at > > org.apache.camel.component.cxf.CxfProducer.process(CxfProducer.java:112)[149:org.apache.camel.camel-cxf:2.12.0.redhat-610376] > at > > org.apache.camel.processor.SendProcessor.process(SendProcessor.java:110)[147:org.apache.camel.camel-core:2.12.0.redhat-610376] > at > > org.apache.camel.management.InstrumentationProcessor.process(InstrumentationProcessor.java:72)[147:org.apache.camel.camel-core:2.12.0.redhat-610376] > at > > org.apache.camel.processor.RedeliveryErrorHandler.process(RedeliveryErrorHandler.java:398)[147:org.apache.camel.camel-core:2.12.0.redhat-610376] > at > > org.apache.camel.processor.CamelInternalProcessor.process(CamelInternalProcessor.java:191)[147:org.apache.camel.camel-core:2.12.0.redhat-610376] > at > > org.apache.camel.processor.Pipeline.process(Pipeline.java:118)[147:org.apache.camel.camel-core:2.12.0.redhat-610376] > at > > org.apache.camel.processor.Pipeline.process(Pipeline.java:80)[147:org.apache.camel.camel-core:2.12.0.redhat-610376] > at > > org.apache.camel.processor.CamelInternalProcessor.process(CamelInternalProcessor.java:191)[147:org.apache.camel.camel-core:2.12.0.redhat-610376] > at > > org.apache.camel.component.timer.TimerConsumer.sendTimerExchange(TimerConsumer.java:139)[147:org.apache.camel.camel-core:2.12.0.redhat-610376] > at > > org.apache.camel.component.timer.TimerConsumer$1.run(TimerConsumer.java:64)[147:org.apache.camel.camel-core:2.12.0.redhat-610376] > at java.util.TimerThread.mainLoop(Timer.java:555)[:1.7.0_51] > at java.util.TimerThread.run(Timer.java:505)[:1.7.0_51] > Caused by: org.apache.ws.security.WSSecurityException: General security > error (Cannot load the resource ) > at > > org.apache.ws.security.saml.SAMLIssuerFactory.getProperties(SAMLIssuerFactory.java:162)[202:org.apache.ws.security.wss4j:1.6.14] > at > > org.apache.ws.security.saml.SAMLIssuerFactory.getInstance(SAMLIssuerFactory.java:123)[202:org.apache.ws.security.wss4j:1.6.14] > at > > org.apache.ws.security.action.SAMLTokenSignedAction.loadSamlIssuer(SAMLTokenSignedAction.java:134)[202:org.apache.ws.security.wss4j:1.6.14] > at > > org.apache.ws.security.action.SAMLTokenUnsignedAction.execute(SAMLTokenUnsignedAction.java:36)[202:org.apache.ws.security.wss4j:1.6.14] > at > > org.apache.ws.security.handler.WSHandler.doSenderAction(WSHandler.java:232)[202:org.apache.ws.security.wss4j:1.6.14] > at > > org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor.access$200(WSS4JOutInterceptor.java:52)[184:org.apache.cxf.cxf-rt-ws-security:2.7.0.redhat-610376] > at > > org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$WSS4JOutInterceptorInternal.handleMessage(WSS4JOutInterceptor.java:265)[184:org.apache.cxf.cxf-rt-ws-security:2.7.0.redhat-610376] > ... 16 more > > > > If I remove the samlPropFile line, I'm getting a NPE: > <map> > <entry key="action" > value="SAMLTokenUnsigned"/> > <entry > key="passwordCallbackClass" > > value="security.SamlCallackHandler"/> > </map> > java.lang.NullPointerException > at > > org.apache.felix.framework.BundleRevisionImpl.getResourceLocal(BundleRevisionImpl.java:520)[org.apache.felix.framework-4.0.3.redhat-610376.jar:] > at > > org.apache.felix.framework.BundleWiringImpl.findClassOrResourceByDelegation(BundleWiringImpl.java:1505)[org.apache.felix.framework-4.0.3.redhat-610376.jar:] > at > > org.apache.felix.framework.BundleWiringImpl.getResourceByDelegation(BundleWiringImpl.java:1417)[org.apache.felix.framework-4.0.3.redhat-610376.jar:] > at > > org.apache.felix.framework.BundleWiringImpl$BundleClassLoader.getResource(BundleWiringImpl.java:2415)[org.apache.felix.framework-4.0.3.redhat-610376.jar:] > at > > org.apache.ws.security.util.Loader.getResource(Loader.java:80)[202:org.apache.ws.security.wss4j:1.6.14] > at > > org.apache.ws.security.saml.SAMLIssuerFactory.getProperties(SAMLIssuerFactory.java:160)[202:org.apache.ws.security.wss4j:1.6.14] > at > > org.apache.ws.security.saml.SAMLIssuerFactory.getInstance(SAMLIssuerFactory.java:123)[202:org.apache.ws.security.wss4j:1.6.14] > at > > org.apache.ws.security.action.SAMLTokenSignedAction.loadSamlIssuer(SAMLTokenSignedAction.java:134)[202:org.apache.ws.security.wss4j:1.6.14] > at > > org.apache.ws.security.action.SAMLTokenUnsignedAction.execute(SAMLTokenUnsignedAction.java:36)[202:org.apache.ws.security.wss4j:1.6.14] > at > > org.apache.ws.security.handler.WSHandler.doSenderAction(WSHandler.java:232)[202:org.apache.ws.security.wss4j:1.6.14] > at > > org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor.access$200(WSS4JOutInterceptor.java:52)[184:org.apache.cxf.cxf-rt-ws-security:2.7.0.redhat-610376] > at > > org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$WSS4JOutInterceptorInternal.handleMessage(WSS4JOutInterceptor.java:265)[184:org.apache.cxf.cxf-rt-ws-security:2.7.0.redhat-610376] > at > > org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$WSS4JOutInterceptorInternal.handleMessage(WSS4JOutInterceptor.java:141)[184:org.apache.cxf.cxf-rt-ws-security:2.7.0.redhat-610376] > at > > org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:272)[155:org.apache.cxf.cxf-api:2.7.0.redhat-610376] > at > > org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:565)[155:org.apache.cxf.cxf-api:2.7.0.redhat-610376] > at > > org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:467)[155:org.apache.cxf.cxf-api:2.7.0.redhat-610376] > at > > org.apache.camel.component.cxf.CxfProducer.process(CxfProducer.java:112)[149:org.apache.camel.camel-cxf:2.12.0.redhat-610376] > at > > org.apache.camel.processor.SendProcessor.process(SendProcessor.java:110)[147:org.apache.camel.camel-core:2.12.0.redhat-610376] > at > > org.apache.camel.management.InstrumentationProcessor.process(InstrumentationProcessor.java:72)[147:org.apache.camel.camel-core:2.12.0.redhat-610376] > at > > org.apache.camel.processor.RedeliveryErrorHandler.process(RedeliveryErrorHandler.java:398)[147:org.apache.camel.camel-core:2.12.0.redhat-610376] > at > > org.apache.camel.processor.CamelInternalProcessor.process(CamelInternalProcessor.java:191)[147:org.apache.camel.camel-core:2.12.0.redhat-610376] > at > > org.apache.camel.processor.Pipeline.process(Pipeline.java:118)[147:org.apache.camel.camel-core:2.12.0.redhat-610376] > at > > org.apache.camel.processor.Pipeline.process(Pipeline.java:80)[147:org.apache.camel.camel-core:2.12.0.redhat-610376] > at > > org.apache.camel.processor.CamelInternalProcessor.process(CamelInternalProcessor.java:191)[147:org.apache.camel.camel-core:2.12.0.redhat-610376] > at > > org.apache.camel.component.timer.TimerConsumer.sendTimerExchange(TimerConsumer.java:139)[147:org.apache.camel.camel-core:2.12.0.redhat-610376] > at > > org.apache.camel.component.timer.TimerConsumer$1.run(TimerConsumer.java:64)[147:org.apache.camel.camel-core:2.12.0.redhat-610376] > at java.util.TimerThread.mainLoop(Timer.java:555)[:1.7.0_51] > at java.util.TimerThread.run(Timer.java:505)[:1.7.0_51] > > > > > > Any suggestions ? > > Best, > Nicolas. > > > > -- > View this message in context: > http://camel.465427.n5.nabble.com/Troubles-to-add-WSS4JOutInterceptor-to-my-cxf-endpoint-tp5749970.html > Sent from the Camel - Users mailing list archive at Nabble.com. > -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com
