Hi, I suggest to have a look to this Apache Camel Unit test to see how Camel + CXF & Security should be used together :
https://github.com/apache/camel/blob/master/components/camel-cxf/src/test/java/org/apache/camel/component/cxf/wssecurity/camel/WSSecurityRouteTest.java https://github.com/apache/camel/blob/master/components/camel-cxf/src/test/resources/org/apache/camel/component/cxf/wssecurity/client/wssec.xml CXF doc could be also very helful : http://cxf.apache.org/docs/ws-security.html Regards, On Mon, Oct 27, 2014 at 4:40 PM, sonusmile01 <sonusmil...@gmail.com> wrote: > I am using > camel: 2.12.1 > spring: 4.0.5.RELEASE > CXF : 2.7.13 > > My goal is to deliver a soap message with wsse:security header(as mentioned > below) in Payload mode from my camel router to some endpoint. > > <wsse:Security soapenv:mustUnderstand="1" > > xmlns:wsse=" > http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd > " > > xmlns:wsu=" > http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd > "> > > <wsse:UsernameToken > wsu:Id="UsernameToken-D5896C4D7E4684BCF8141101393698197"> > <wsse:Username><xsl:value-of select="User" > /></wsse:Username> > <wsse:Password > > Type=" > http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText > "><xsl:value-of > select="password" /></wsse:Password> > <wsu:Created><xsl:value-of select="$START_TIME" > /></wsu:Created> > </wsse:UsernameToken> > </wsse:Security> > > To achieve this, I have created a config file which has the below entry > > <jaxws:client name="{http://com.abc/CallingService}CallingService" > createdFromAPI="true"> > <jaxws:properties> > <entry key="ws-security.username" value= "User" /> > <entry key="ws-security.password" value="password" /> > </jaxws:properties> > </jaxws:client> > > But not sure how can I use this file or call this somewhere in route or > some > other spring config file , so that I can have a soap header in my out going > message. > > I am currently getting the exception > > org.apache.cxf.ws.policy.PolicyException: No username available > at > > org.apache.cxf.ws.security.wss4j.AbstractTokenInterceptor.policyNotAsserted(AbstractTokenInterceptor.java:229) > ~[cxf-rt-ws-security-2.7.13.jar:2.7.13] > at > > org.apache.cxf.ws.security.wss4j.UsernameTokenInterceptor.addUsernameToken(UsernameTokenInterceptor.java:361) > ~[cxf-rt-ws-security-2.7.13.jar:2.7.13] > at > > org.apache.cxf.ws.security.wss4j.UsernameTokenInterceptor.addToken(UsernameTokenInterceptor.java:307) > ~[cxf-rt-ws-security-2.7.13.jar:2.7.13] > at > > org.apache.cxf.ws.security.wss4j.AbstractTokenInterceptor.handleMessage(AbstractTokenInterceptor.java:95) > ~[cxf-rt-ws-security-2.7.13.jar:2.7.13] > at > > org.apache.cxf.ws.security.wss4j.AbstractTokenInterceptor.handleMessage(AbstractTokenInterceptor.java:61) > ~[cxf-rt-ws-security-2.7.13.jar:2.7.13] > > My wsdl's policy is as below: > > <wsp:Policy wsu:Id="EndpointSecurityPolicy" > xmlns:wsu=" > http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd > " > xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702"> > <wsp:ExactlyOne> > <wsp:All> > <sp:TransportBinding> > <wsp:Policy> > <sp:TransportToken> > <wsp:Policy> > <sp:HttpsToken> > <wsp:Policy> > <sp:RequireClientCertificate/> > </wsp:Policy> > </sp:HttpsToken> > </wsp:Policy> > </sp:TransportToken> > <sp:AlgorithmSuite> > <wsp:Policy> > <sp:Basic128/> > </wsp:Policy> > </sp:AlgorithmSuite> > <sp:IncludeTimestamp/> > </wsp:Policy> > </sp:TransportBinding> > <sp:SupportingTokens> > <wsp:Policy> > <sp:UsernameToken> > <wsp:Policy> > <sp:NoPassword/> > </wsp:Policy> > </sp:UsernameToken> > </wsp:Policy> > </sp:SupportingTokens> > </wsp:All> > <wsp:All> > <sp:TransportBinding> > <wsp:Policy> > <sp:TransportToken> > <wsp:Policy> > <sp:HttpsToken> > <wsp:Policy/> > </sp:HttpsToken> > </wsp:Policy> > </sp:TransportToken> > <sp:AlgorithmSuite> > <wsp:Policy> > <sp:Basic128/> > </wsp:Policy> > </sp:AlgorithmSuite> > <sp:IncludeTimestamp/> > </wsp:Policy> > </sp:TransportBinding> > <sp:SupportingTokens> > <wsp:Policy> > <sp:UsernameToken> > <wsp:Policy> > <sp:WssUsernameToken11/> > </wsp:Policy> > </sp:UsernameToken> > </wsp:Policy> > </sp:SupportingTokens> > </wsp:All> > </wsp:ExactlyOne> > </wsp:Policy> > > > > > -- > View this message in context: > http://camel.465427.n5.nabble.com/Issue-with-adding-wsse-security-header-in-Apache-Camel-Route-tp5758106.html > Sent from the Camel - Users mailing list archive at Nabble.com. > -- Charles Moulliard Apache Committer / Architect @RedHat Twitter : @cmoulliard | Blog : http://cmoulliard.github.io