Re: Antwort: Re: Antwort: Re: WS-Client throws Exception in WSS4JInInterceptor

[Freeman Fang]

Hi Josef,

Take a look at [1] about the interceptors in cxf.
For your code, I believe add it into annotation @OutInterceptors should 
be fine, also you can find several other ways from [1] to configure it.

But I'm not sure
message.getInterceptorChain().add(new SAAJOutInterceptor());
works for you, since the message here in your code is incoming message 
but you need add interceptors to process the outgoing message.

Regards
Freeman

[1]http://cwiki.apache.org/CXF20DOC/interceptors.html

[EMAIL PROTECTED] wrote:
Hi Freeman,

o.k. I will try that. Do I have to add the OutInterceptors in the way:

@OutInterceptors...

or here:

message.getInterceptorChain().add(new SAAJOutInterceptor());
...
??

Is there any documentation on that?

- Josef




Freeman Fang <[EMAIL PROTECTED]> 
05.09.2008 11:31
Bitte antworten an
users@cxf.apache.org


An
users@cxf.apache.org
Kopie

Thema
Re: Antwort: Re: WS-Client throws Exception in WSS4JInInterceptor






Hi Josef,
You should add WSS4JOutInterceptor and SAAJOutInterceptor for your 
server side  as well.

Regards
Freeman

[EMAIL PROTECTED] wrote:
  
Hi Freeman,

no as I understand we did not add OutInterceptors on the ServerSide:

We use EJB3.0 and the WSImpl class looks like:

@Stateless
@WebService(name="MyWS", serviceName="MyService", portName="ZielPort")
@InInterceptors(interceptors={ myPath.WSSecurityInterceptor" })
public class MyWSImpl implements MyWSInterface {

The myPath.WSSecurityInterceptor class adds the Interceptors in the way:

message.getInterceptorChain().add(new SAAJInInterceptor());
...

Is this o.k.? 

-Josef





Freeman Fang <[EMAIL PROTECTED]> 
05.09.2008 11:01
Bitte antworten an
users@cxf.apache.org


An
users@cxf.apache.org
Kopie

Thema
Re: WS-Client throws Exception in WSS4JInInterceptor






One quick question, did you also add WSS4JOutInterceptor and 
SAAJOutInterceptor for your server side?

Regards
Freeman

[EMAIL PROTECTED] wrote:

    
Hi,

we use UsernameToken and Signature in our WS-Security Secenario. 

For the Client we add SAAJOutInterceptor (because of Apache CXF 2.0.x) 

      
and 

    
WSS4JOutInterceptor as additional OutInterceptors. ()
For the Server we add SAAJInInterceptor (because of Apache CXF 2.0.x), 
WSS4JInInterceptor and ValidateUserTokenInterceptor(own Implementation) 
      

  
as 

    
InInterceptors.

The client puts all necessary information into the request, as far as I 
      

  
understand the data in my TCP/IP Monitor. The server processes the 

      
Request 

    
and I see no errors in WSSecurityEngine, WSS4jInInterceptor etc. The 
server sends a HTTP/1.1 200 OK back to the client. And now the client 
throws an error:

INFO: Interceptor has thrown exception, unwinding now
org.apache.cxf.binding.soap.SoapFault: Request does not contain 
      
required 
  
    
Security header.
        at 


      
org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:150)
  
        at 


      
org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:60)
  
        at 


      
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:207)
  
        at 
org.apache.cxf.endpoint.ClientImpl.onMessage(ClientImpl.java:395)
        at 


      
org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponse(HTTPConduit.java:1932)
  
        at 


      
org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPConduit.java:1790)
  
        at 
org.apache.cxf.transport.AbstractConduit.close(AbstractConduit.java:66)
        at 
org.apache.cxf.transport.http.HTTPConduit.close(HTTPConduit.java:576)
        at 


      
org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInterceptor.handleMessage(MessageSenderInterceptor.java:62)
  
        at 


      
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:207)
  
        at 

      
org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:254)

    
        at 

      
org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:205)

    
        at 
org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:73)
        at 
org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:135)

I checked the code of WSS4JInInterceptor and I see wsResult == null, 
because
                wsResult = 
secEngine.processSecurityHeader(doc.getSOAPPart(), actor, cbHandler, 
reqData
                    .getSigCrypto(), reqData.getDecCrypto());
is null as well.

I don't understand why the client calls this InInterceptor ???

-Josef
BGS Beratungsgesellschaft 
Software Systemplanung AG         Niederlassung Rhein/Main 
Robert-Koch-Straße 41 
55129 Mainz 
Fon: +49 (0) 6131 / 914-0 
Fax: +49 (0) 6131 / 914-400 
www.bgs-ag.de Geschäftssitz Mainz 
Registergericht 
Amtsgericht Mainz 
HRB 62 50 
  Aufsichtsratsvorsitzender 
Klaus Hellwig 
Vorstand 
Hanspeter Gau 
Hermann Kiefer 
Nils Manegold 




      

BGS Beratungsgesellschaft 
Software Systemplanung AG 




Niederlassung Rhein/Main 
Robert-Koch-Straße 41 
55129 Mainz 
Fon: +49 (0) 6131 / 914-0 
Fax: +49 (0) 6131 / 914-400 
www.bgs-ag.de 
Geschäftssitz Mainz 
Registergericht 
Amtsgericht Mainz 
HRB 62 50 

Aufsichtsratsvorsitzender 
Klaus Hellwig 
Vorstand 
Hanspeter Gau 
Hermann Kiefer 
Nils Manegold 



    



BGS Beratungsgesellschaft 
Software Systemplanung AG         Niederlassung Rhein/Main 
Robert-Koch-Straße 41 
55129 Mainz 
Fon: +49 (0) 6131 / 914-0 
Fax: +49 (0) 6131 / 914-400 
www.bgs-ag.de Geschäftssitz Mainz 
Registergericht 
Amtsgericht Mainz 
HRB 62 50 
  Aufsichtsratsvorsitzender 
Klaus Hellwig 
Vorstand 
Hanspeter Gau 
Hermann Kiefer 
Nils Manegold