Hi Freeman,
no as I understand we did not add OutInterceptors on the ServerSide:
We use EJB3.0 and the WSImpl class looks like:
@Stateless
@WebService(name="MyWS", serviceName="MyService", portName="ZielPort")
@InInterceptors(interceptors={ myPath.WSSecurityInterceptor" })
public class MyWSImpl implements MyWSInterface {
The myPath.WSSecurityInterceptor class adds the Interceptors in the way:
message.getInterceptorChain().add(new SAAJInInterceptor());
...
Is this o.k.?
-Josef
Freeman Fang <[EMAIL PROTECTED]>
05.09.2008 11:01
Bitte antworten an
[email protected]
An
[email protected]
Kopie
Thema
Re: WS-Client throws Exception in WSS4JInInterceptor
One quick question, did you also add WSS4JOutInterceptor and
SAAJOutInterceptor for your server side?
Regards
Freeman
[EMAIL PROTECTED] wrote:
> Hi,
>
> we use UsernameToken and Signature in our WS-Security Secenario.
>
> For the Client we add SAAJOutInterceptor (because of Apache CXF 2.0.x)
and
> WSS4JOutInterceptor as additional OutInterceptors. ()
> For the Server we add SAAJInInterceptor (because of Apache CXF 2.0.x),
> WSS4JInInterceptor and ValidateUserTokenInterceptor(own Implementation)
as
> InInterceptors.
>
> The client puts all necessary information into the request, as far as I
> understand the data in my TCP/IP Monitor. The server processes the
Request
> and I see no errors in WSSecurityEngine, WSS4jInInterceptor etc. The
> server sends a HTTP/1.1 200 OK back to the client. And now the client
> throws an error:
>
> INFO: Interceptor has thrown exception, unwinding now
> org.apache.cxf.binding.soap.SoapFault: Request does not contain required
> Security header.
> at
>
org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:150)
> at
>
org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:60)
> at
>
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:207)
> at
> org.apache.cxf.endpoint.ClientImpl.onMessage(ClientImpl.java:395)
> at
>
org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponse(HTTPConduit.java:1932)
> at
>
org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPConduit.java:1790)
> at
> org.apache.cxf.transport.AbstractConduit.close(AbstractConduit.java:66)
> at
> org.apache.cxf.transport.http.HTTPConduit.close(HTTPConduit.java:576)
> at
>
org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInterceptor.handleMessage(MessageSenderInterceptor.java:62)
> at
>
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:207)
> at
org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:254)
> at
org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:205)
> at
> org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:73)
> at
> org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:135)
>
> I checked the code of WSS4JInInterceptor and I see wsResult == null,
> because
> wsResult =
> secEngine.processSecurityHeader(doc.getSOAPPart(), actor, cbHandler,
> reqData
> .getSigCrypto(), reqData.getDecCrypto());
> is null as well.
>
> I don't understand why the client calls this InInterceptor ???
>
> -Josef
> BGS Beratungsgesellschaft
> Software Systemplanung AG Niederlassung Rhein/Main
> Robert-Koch-Straße 41
> 55129 Mainz
> Fon: +49 (0) 6131 / 914-0
> Fax: +49 (0) 6131 / 914-400
> www.bgs-ag.de Geschäftssitz Mainz
> Registergericht
> Amtsgericht Mainz
> HRB 62 50
> Aufsichtsratsvorsitzender
> Klaus Hellwig
> Vorstand
> Hanspeter Gau
> Hermann Kiefer
> Nils Manegold
>
>
>
BGS Beratungsgesellschaft
Software Systemplanung AG
Niederlassung Rhein/Main
Robert-Koch-Straße 41
55129 Mainz
Fon: +49 (0) 6131 / 914-0
Fax: +49 (0) 6131 / 914-400
www.bgs-ag.de
Geschäftssitz Mainz
Registergericht
Amtsgericht Mainz
HRB 62 50
Aufsichtsratsvorsitzender
Klaus Hellwig
Vorstand
Hanspeter Gau
Hermann Kiefer
Nils Manegold
