Hi Dan,
cool, this is the newest Version of Apache CXF :-)
So I took my EAR added the new libs (not contained in Geronimo 2.1.2,
why?)
cxf-rt-ws-security-2.0.8.jar
wss4j-1.5.4.jar
and tried to deploy to the new Geronimo:
...
09:25:28,770 ERROR [GBeanInstanceState] Error while starting; GBean is now
in the FAILED state:
abstractName="myapp/app/1.0/ear?configurationName=myapp/app/1.0/ear"
org.apache.geronimo.kernel.config.InvalidConfigException: Class not
loadable in classloader:
[org.apache.geronimo.kernel.config.MultiParentClassLoader
id=myapp/app/1.0/ear]
at
org.apache.geronimo.kernel.config.SerializedGBeanState.loadGBeans(Seria
...
Caused by: java.lang.ClassNotFoundException: Unable to find class used in
GBeanData
myapp/app/1.0/ear?J2EEApplication=myapp/app/1.0/ear,j2eeType=EJBModule,name=MyAppEJB.jar,
attribute: ejbJarInfo
at
org.apache.geronimo.gbean.GBeanData$V0Externalizable.readExternal(GBeanData.java:293)
... 33 more
Caused by: java.lang.ClassNotFoundException: Could not load class
javax.xml.namespace.QName from classloader: myapp/app/1.0/ear, destroyed
state: false
at
org.apache.geronimo.kernel.ClassLoading.loadClass(ClassLoading.java:213)
...
So I thought maybe "xml-apis-1.3.02.jar" is missing, but adding to the EAR
leads to:
...
Caused by: java.io.InvalidClassException: javax.xml.namespace.QName; local
class incompatible: stream classdesc serialVersionUID =
-9120448754896609940, local class serialVersionUID = 4418622981026545151
at
java.io.ObjectStreamClass.initNonProxy(ObjectStreamClass.java:546)
at
java.io.ObjectInputStream.readNonProxyDesc(ObjectInputStream.java:1552)
...
I need the QName in my Webservice. What can I do to get my App deployed?
Thanx in advance.
-Josef
Daniel Kulp <[EMAIL PROTECTED]>
05.08.2008 16:42
Bitte antworten an
[email protected]
An
[email protected]
Kopie
Thema
Re: Change Version of Apache CXF for Geronimo
You might want to just try Geronimo 2.1.2. The vote apparently passed
last
night:
http://www.nabble.com/-VOTE--Geronimo-Server-2.1.2-Release-to18746852s134.html
so it should be made available shortly. You can download the candidates.
2.1.2 is using CXF 2.0.8.
Dan
On Tuesday 05 August 2008 6:03:51 am [EMAIL PROTECTED] wrote:
> Hi Glen,
>
> because I got stuck in solving the problem with Geronimo 2.1.1 and
> included CXF 2.0.2 I thought maybe CXF 2.0.8 solves my problem?
>
> So I tried to change the WS-Stack of my Geronimo from the old version to
> CXF 2.0.8. I had certain essays:
>
> 1) http://www.jroller.com/gmazza/date/20080612:
> -> In Geronimo is no <prefer-application-packages> available, I tried
with
> <inverse-classloading/> but I got a lot of problems with the
classloader.
> If I added all JARS necessary - see file WHICH_JARS - I got class cast
> exceptions, adding a certain minimum leads to NoClassDefError.
> <hidden-classes> or <non-overridable-classes> won't help?
> 2) Adding CXF under Services - Repository with a dependency-entry in the
> deployment plan:
> <dependency>
> <groupId>org.apache.cxf</groupId>
> <artifactId>cxf</artifactId>
> <version>2.0.8</version>
> <type>jar</type>
> </dependency>
> changed nothing.
> 3) ???
>
> Can you please help?
>
> -Josef
>
>
>
>
> [EMAIL PROTECTED]
> 04.08.2008 16:09
> Bitte antworten an
> [email protected]
>
>
> An
> [email protected]
> Kopie
>
> Thema
> Antwort: Re: Antwort: Re: Antwort: Re: WS-Stack Apache CXF asks for
> Axis2-Classes
>
>
>
>
>
>
> Hi Dan,
>
> I checked your blog and I didn't found big differences in the
> code(Server-Part is in my case more JEE5 like - see
>
http://depressedprogrammer.wordpress.com/2007/07/31/cxf-ws-security-using-j
>sr-181-interceptor-annotations-xfire-migration/
>
> ).
>
> The difference I see compared with your blog-example is in the request
> itself:
>
> 1) from http://cwiki.apache.org/CXF20DOC/ws-security.html:
> <wsse:Security
> xmlns:wsse="
>
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1
>.0.xsd
>
> "
> soap:mustUnderstand="1">
> <wsse:UsernameToken
> xmlns:wsse="
>
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1
>.0.xsd
>
> "
> xmlns:wsu="
>
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-
>1.0.xsd
>
> "
> wsu:Id="UsernameToken-25268096">
> <wsse:Username
> xmlns:wsse="
>
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1
>.0.xsd
>
> ">
> joe
> </wsse:Username>
> <wsse:Password
> xmlns:wsse="
>
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1
>.0.xsd
>
> "
> Type="
>
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-prof
>ile-1.0#PasswordDigest
>
> ">
> ymyLPVTLrQMBJo82akcw4aBSlJQ=
> </wsse:Password>
> <wsse:Nonce
> xmlns:wsse="
>
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1
>.0.xsd
>
> ">
> MK3TTlJxaevzcFaxV/oKyw==
> </wsse:Nonce>
> <wsu:Created
> xmlns:wsu="
>
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-
>1.0.xsd
>
> ">
> 2008-07-16T23:05:07.300Z
> </wsu:Created>
> </wsse:UsernameToken>
> </wsse:Security>
>
> 2) my request:
> <wsse:Security
> xmlns:wsse="
>
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1
>.0.xsd
>
> "
> soap:mustUnderstand="1">
> <wsse:UsernameToken
> xmlns:wsu="
>
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-
>1.0.xsd
>
> "
> wsu:Id="UsernameToken-12189822">
> <wsse:Username>
> blabla
> </wsse:Username>
> <wsse:Password
> Type="
>
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-prof
>ile-1.0#PasswordDigest
>
> ">
> uIqdbKqsp5VCvM4bPTps1PmnMZI=</wsse:Password>
> <wsse:Nonce>YmoBKVpJrAjM2P3ss7MUNg==</wsse:Nonce>
> <wsu:Created>
> 2008-08-04T10:08:15.245Z
> </wsu:Created>
> </wsse:UsernameToken>
> </wsse:Security>
>
>
> I miss the namespace
> xmlns:wsse="
>
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1
>.0.xsd
>
> "
> and not only me but also the WSSecurityUtil.class in line 92:
>
> list =
> soapHeaderElement.getElementsByTagNameNS(WSConstants.WSSE_NS,
> WSConstants.WSSE_LN);
>
> And therefore the method
> public static Element getSecurityHeader(Document doc, String actor,
> SOAPConstants sc) {
>
> results in an null-Element. The class WSSecurityEngine and in the end
> org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor throws the error:
>
> WARNUNG: Request does not contain required Security header
>
> What am I doing wrong with WS-Security 1.1 ???? I have now the sources
for
>
> apacche-cxf-2.0.2 and wss4j-1.5.1, if I can debug to a certain step let
me
>
> know.
>
> -Josef
>
>
>
>
>
> Glen Mazza <[EMAIL PROTECTED]>
> 26.07.2008 03:03
> Bitte antworten an
> [email protected]
>
>
> An
> [email protected]
> Kopie
>
> Thema
> Re: Antwort: Re: Antwort: Re: WS-Stack Apache CXF asks for Axis2-Classes
>
>
>
>
>
>
>
> Have you checked our documentation on this:
> http://cwiki.apache.org/CXF20DOC/ws-security.html
>
> Also I blogged about this recently, maybe something you can use:
> http://www.jroller.com/gmazza/entry/using_cxf_and_wss4j_to
>
> HTH,
> Glen
>
> Josef.Eisele wrote:
> > Hi Dan,
> >
> > I solved the last problem copying libraries (xmlsec-1.3.0.jar,
> > wss4j-1.5.1.jar, cxr-rt-ws-securitity-2.0.2-...) from the WAR-Part to
>
> the
>
> > EAR-Part:
> > (WebContent/WEB-INF/lib -> EarContent/lib)
> >
> > One Problem solved another arises:
> >
> > Client writes the SecurityHeader:
> > ..
> > <wsse:Security xmlns:wsse="
>
>
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1
>.0.xsd
>
> > " soap:mustUnderstand="1">
> > <wsse:UsernameToken xmlns:wsu="
>
>
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-
>1.0.xsd
>
> > " wsu:Id="UsernameToken-12189822">
> > <wsse:Username>chef</wsse:Username>
> > <wsse:Password Type="
>
>
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-prof
>ile-1.0#PasswordDigest
>
> > ">MxsuASsgtCzGlTTif0kcbqXIHxM=</wsse:Password>
> > <wsse:Nonce>HAYlnYvfdo0dddeYXGsxdw==</wsse:Nonce>
> > <wsu:Created>2008-07-25T11:22:20.886Z</wsu:Created>
> > </wsse:UsernameToken>
> > </wsse:Security>
> > ...
> >
> > Server is configured with the interceptor:
> > @InInterceptors(interceptors={ "de.mypath.WSSecurityInterceptor" })
> >
> > In this class I configure 3 Interceptors:
> > public void handleMessage(Message message) throws Fault {
> > Map<String, Object> props = new HashMap<String,
>
> Object>();
>
> > props.put(WSHandlerConstants.ACTION,
> > WSHandlerConstants.USERNAME_TOKEN);
> > props.put(WSHandlerConstants.PASSWORD_TYPE,
> > WSConstants.PW_DIGEST);
> > props.put(WSHandlerConstants.PW_CALLBACK_CLASS,
> > ServerPasswordCallback.class.getName());
> >
> > WSS4JInInterceptor wss4jInInterceptor =
new
> > WSS4JInInterceptor(props);
> > ValidateUserTokenInterceptor userTokenInterceptor =
new
> > ValidateUserTokenInterceptor(Phase.POST_PROTOCOL);
> >
> > message.getInterceptorChain().add(wss4jInInterceptor);
> > //org.apache.cxf.binding.soap.SoapFault: No
SOAPMessage
> > DOM was found. Please enable the SAAJInInterceptor.
> > message.getInterceptorChain().add(new
> > SAAJInInterceptor());
> > message.getInterceptorChain().add(userTokenInterceptor);
> > }
> >
> > UserTokenInterceptor works fine, SAAJInInterceptor is necessary
>
> otherwise
>
> > excepton but now I get an exception on the wss4jInInterceptor:
> >
> > 25.07.2008 13:03:44
org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor
> > handleMessage
> > WARNUNG: Request does not contain required Security header
> > 25.07.2008 13:03:44 org.apache.cxf.phase.PhaseInterceptorChain
>
> doIntercept
>
> > INFO: Interceptor has thrown exception, unwinding now
> > org.apache.cxf.binding.soap.SoapFault: Request does not contain
required
> >
> >
> > Security header.
> > at
>
>
org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInIn
>terceptor.java:153)
>
> > at
>
>
org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInIn
>terceptor.java:60)
>
> > at
>
>
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChai
>n.java:208)
>
> > at
> > org.apache.cxf.endpoint.ClientImpl.onMessage(ClientImpl.java:429)
> > at
>
>
org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleRespons
>e(HTTPConduit.java:1955)
>
> > at
>
>
org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPCon
>duit.java:1791)
>
> > at
> >
org.apache.cxf.transport.AbstractConduit.close(AbstractConduit.java:66)
> > at
> > org.apache.cxf.transport.http.HTTPConduit.close(HTTPConduit.java:575)
> > at
>
>
org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInte
>rceptor.handleMessage(MessageSenderInterceptor.java:62)
>
> > at
>
>
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChai
>n.java:208)
>
> > at
>
> org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:276)
>
> > at
>
> org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:222)
>
> > at
> > org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:73)
> > at
> >
org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:135)
> >
> > How do I know what is wrong with my SecurityHeader?
> >
> > -Josef
> >
> >
> >
> >
> > Daniel Kulp <[EMAIL PROTECTED]>
> > 23.07.2008 14:42
> > Bitte antworten an
> > [email protected]
> >
> >
> > An
> > [email protected]
> > Kopie
> > [EMAIL PROTECTED]
> > Thema
> > Re: Antwort: Re: WS-Stack Apache CXF asks for Axis2-Classes
> >
> > On Jul 23, 2008, at 7:24 AM, [EMAIL PROTECTED] wrote:
> >> Hi Kevin, Lin, Daniel, Glen,
> >>
> >> @Daniel: Your VM-Parameters solved this problem. Thank you very much
> >> for
> >> your help.
> >
> > Yea, but it definitely shouldn't have been necessary.
> >
> >> @Glen: Thank you very much for your tipp, we will wait for Geronimo
> >> 2.1.2
> >> and then we have Apache CXF2.0.6...
> >
> > Actually, CXF 2.0.8. :-)
> >
> >> @All: Now I have two new issues ;-)
> >> 1) The client is written like described in
> >> http://cwiki.apache.org/CXF20DOC/ws-security.html. For the server
> >> part -
> >> because of JavaEE5 - we choose
>
>
http://depressedprogrammer.wordpress.com/2007/07/31/cxf-ws-security-using-j
>sr-181-interceptor-annotations-xfire-migration/
>
> >> .
> >> In the first run I added
> >> @InInterceptors
> >> (interceptors={ "de.myapp.WSSecurityInterceptor" }) to
> >> the WS-Implementation-Class and nothing happend. Afterwards I had a
> >> try
> >> with the interface class and added the same
> >> @InInterceptors(interceptors={ "de.myapp.WSSecurityInterceptor" }).
> >> After this changed the class de.myapp.WSSecurityInterceptor was
> >> accessed.
> >> Why do I have to add @... in implementation AND interface?
> >
> > Not sure on that. Feel free to log a CXF bug. It should be
> > possible to just put it on the implementation. The interface should
> > be shareable between clients/servers and having interceptors defined
> > on it that should just be there for the server is not a good thing.
> >
> >> 2) In the handleMessage(Message message) I receive after:
> >> ...
> >> props.put(WSHandlerConstants.PASSWORD_TYPE,
> >> WSConstants.PW_TEXT);
> >> props.put(WSHandlerConstants.PW_CALLBACK_CLASS,
> >> ServerPasswordCallback.class.getName());
> >>
> >> WSS4JInInterceptor wss4jInHandler = new
> >> WSS4JInInterceptor(props);
> >> ...
> >>
> >> .........................
> >>
> >> Caused by: com.ctc.wstx.exc.WstxEOFException: Unexpected EOF in
prolog
> >> at [row,col {unknown-source}]: [1,0]
> >> at
> >> com.ctc.wstx.sr.StreamScanner.throwUnexpectedEOF(StreamScanner.java:
> >> 661)
> >> at
> >> com.ctc.wstx.sr.BasicStreamReader.handleEOF(BasicStreamReader.java:
> >> 2134)
> >> at
> >
> > With CXF 2.0.2, that stack could result from a BUNCH of things. We
> > actually would get that stack if the server sent back and html error
> > page without setting a 404 or similar. Several things can cause
> > it. If you can tcpdump or wireshark the wire transfers to see what's
> > going on, that would be helpful. Good news is that this changed in
> > 2.0.5 to get a better error message. :-)
> >
> >
> > ---
> > Daniel Kulp
> > [EMAIL PROTECTED]
> > http://www.dankulp.com/blog
> >
> >
> >
> >
> >
> >
> > BGS Beratungsgesellschaft
> > Software Systemplanung AG
> >
> >
> >
> >
> > Niederlassung Rhein/Main
> > Robert-Koch-Straße 41
> > 55129 Mainz
> > Fon: +49 (0) 6131 / 914-0
> > Fax: +49 (0) 6131 / 914-400
> > www.bgs-ag.de
> > Geschäftssitz Mainz
> > Registergericht
> > Amtsgericht Mainz
> > HRB 62 50
> >
> > Aufsichtsratsvorsitzender
> > Klaus Hellwig
> > Vorstand
> > Hanspeter Gau
> > Hermann Kiefer
> > Nils Manegold
--
Daniel Kulp
[EMAIL PROTECTED]
http://www.dankulp.com/blog
BGS Beratungsgesellschaft
Software Systemplanung AG
Niederlassung Rhein/Main
Robert-Koch-Straße 41
55129 Mainz
Fon: +49 (0) 6131 / 914-0
Fax: +49 (0) 6131 / 914-400
www.bgs-ag.de
Geschäftssitz Mainz
Registergericht
Amtsgericht Mainz
HRB 62 50
Aufsichtsratsvorsitzender
Klaus Hellwig
Vorstand
Hanspeter Gau
Hermann Kiefer
Nils Manegold
