Hi Freeman,
The @OutInterceptors and @InInterceptors are both on the interface:
@Stateless
@WebService(name="MyWS", serviceName="MyWSService", portName="ZielPort")
public class MyWSImpl implements MyWSIF {
@WebService(name="MyWS", serviceName="MyWSService", portName="ZielPort")
@InInterceptors(interceptors={ "myPath.WSSecurityInInterceptor" })
@OutInterceptors(interceptors={ "myPath.WSSecurityOutInterceptor" })
public interface MyWSIF {
If I put the InInterceptor only on the implementation class, it is not
used. I haven't tested all possibilities with Out- and In-Interceptors,
but I had better results on the interface.
-Josef
Freeman Fang <[EMAIL PROTECTED]>
08.09.2008 12:08
Bitte antworten an
[email protected]
An
[email protected]
Kopie
Thema
Re: Antwort: Re: Antwort: Re: Antwort: Re: WS-Client throws Exception in
WSS4JInInterceptor
the error shows the messge.getContent(SOAPMessage.class) return null,
SAAJOutInterceptor should set this content, are you sure you add
SAAJOutInterceptor to the @OutInterceptors annotation of your
serviceImpl class?
Regards
Freeman
[EMAIL PROTECTED] wrote:
> Hi Freeman,
>
> thanx a lot for your fast response. I added the 2 interceptors using the
> annotation @OutInterceptors
>
> Now I get the error from the server:
> 05.09.2008 16:42:53 org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor
> handleMessage
> WARNUNG: SAAJOutHandler must be enabled for WS-Security!
> 05.09.2008 16:42:53 org.apache.cxf.phase.PhaseInterceptorChain
doIntercept
>
> or in SOAP:
> <soap:Fault>
> <faultcode>soap:Server</faultcode>
> <faultstring>NO_SAAJ_DOC</faultstring>
> </soap:Fault>
>
> I created a new class WSSecurityOutInterceptor and in the
> handleMessage-Method I tried:
>
> 1) message.getInterceptorChain().add(new
> SAAJOutInterceptor());
> message.getInterceptorChain().add(new
> WSS4JOutInterceptor());
>
> or 2):
> Map<String,Object> props = new HashMap<String,Object>();
> props.put(WSHandlerConstants.ACTION,
> WSHandlerConstants.USERNAME_TOKEN
> + " " + WSHandlerConstants.SIGNATURE);
> // TODO Anpassen, User aus DB
> props.put(WSHandlerConstants.USER, "user");
> props.put(WSHandlerConstants.PASSWORD_TYPE,
> WSConstants.PW_DIGEST);
> props.put(WSHandlerConstants.PW_CALLBACK_CLASS,
> ClientPasswordCallback.class.getName());
> props.put(WSHandlerConstants.SIG_PROP_FILE,
> "client_sign.properties");
>
> message.getInterceptorChain().add(new
> SAAJOutInterceptor());
> message.getInterceptorChain().add(new
> WSS4JOutInterceptor(props));
>
>
> How can I activate the SAAJOutHandler or what do I wrong?
>
> -Josef
>
>
>
>
>
> Freeman Fang <[EMAIL PROTECTED]>
> 05.09.2008 16:34
> Bitte antworten an
> [email protected]
>
>
> An
> [email protected]
> Kopie
>
> Thema
> Re: Antwort: Re: Antwort: Re: WS-Client throws Exception in
> WSS4JInInterceptor
>
>
>
>
>
>
> Hi Josef,
>
> Take a look at [1] about the interceptors in cxf.
>
> For your code, I believe add it into annotation @OutInterceptors should
> be fine, also you can find several other ways from [1] to configure it.
>
> But I'm not sure
> message.getInterceptorChain().add(new SAAJOutInterceptor());
> works for you, since the message here in your code is incoming message
> but you need add interceptors to process the outgoing message.
>
> Regards
> Freeman
>
> [1]http://cwiki.apache.org/CXF20DOC/interceptors.html
>
> [EMAIL PROTECTED] wrote:
>
>> Hi Freeman,
>>
>> o.k. I will try that. Do I have to add the OutInterceptors in the way:
>>
>> @OutInterceptors...
>>
>> or here:
>>
>> message.getInterceptorChain().add(new SAAJOutInterceptor());
>> ...
>> ??
>>
>> Is there any documentation on that?
>>
>> - Josef
>>
>>
>>
>>
>> Freeman Fang <[EMAIL PROTECTED]>
>> 05.09.2008 11:31
>> Bitte antworten an
>> [email protected]
>>
>>
>> An
>> [email protected]
>> Kopie
>>
>> Thema
>> Re: Antwort: Re: WS-Client throws Exception in WSS4JInInterceptor
>>
>>
>>
>>
>>
>>
>> Hi Josef,
>> You should add WSS4JOutInterceptor and SAAJOutInterceptor for your
>> server side as well.
>>
>> Regards
>> Freeman
>>
>> [EMAIL PROTECTED] wrote:
>>
>>
>>> Hi Freeman,
>>>
>>> no as I understand we did not add OutInterceptors on the ServerSide:
>>>
>>> We use EJB3.0 and the WSImpl class looks like:
>>>
>>> @Stateless
>>> @WebService(name="MyWS", serviceName="MyService", portName="ZielPort")
>>> @InInterceptors(interceptors={ myPath.WSSecurityInterceptor" })
>>> public class MyWSImpl implements MyWSInterface {
>>>
>>> The myPath.WSSecurityInterceptor class adds the Interceptors in the
>>>
> way:
>
>>> message.getInterceptorChain().add(new SAAJInInterceptor());
>>> ...
>>>
>>> Is this o.k.?
>>>
>>> -Josef
>>>
>>>
>>>
>>>
>>>
>>> Freeman Fang <[EMAIL PROTECTED]>
>>> 05.09.2008 11:01
>>> Bitte antworten an
>>> [email protected]
>>>
>>>
>>> An
>>> [email protected]
>>> Kopie
>>>
>>> Thema
>>> Re: WS-Client throws Exception in WSS4JInInterceptor
>>>
>>>
>>>
>>>
>>>
>>>
>>> One quick question, did you also add WSS4JOutInterceptor and
>>> SAAJOutInterceptor for your server side?
>>>
>>> Regards
>>> Freeman
>>>
>>> [EMAIL PROTECTED] wrote:
>>>
>>>
>>>
>>>> Hi,
>>>>
>>>> we use UsernameToken and Signature in our WS-Security Secenario.
>>>>
>>>> For the Client we add SAAJOutInterceptor (because of Apache CXF
2.0.x)
>>>>
>
>
>>>>
>>> and
>>>
>>>
>>>
>>>> WSS4JOutInterceptor as additional OutInterceptors. ()
>>>> For the Server we add SAAJInInterceptor (because of Apache CXF
2.0.x),
>>>>
>
>
>>>> WSS4JInInterceptor and ValidateUserTokenInterceptor(own
>>>>
> Implementation)
>
>>
>>> as
>>>
>>>
>>>
>>>> InInterceptors.
>>>>
>>>> The client puts all necessary information into the request, as far as
>>>>
> I
>
>>
>>>> understand the data in my TCP/IP Monitor. The server processes the
>>>>
>>>>
>>>>
>>> Request
>>>
>>>
>>>
>>>> and I see no errors in WSSecurityEngine, WSS4jInInterceptor etc. The
>>>> server sends a HTTP/1.1 200 OK back to the client. And now the client
>>>> throws an error:
>>>>
>>>> INFO: Interceptor has thrown exception, unwinding now
>>>> org.apache.cxf.binding.soap.SoapFault: Request does not contain
>>>>
>>>>
>> required
>>
>>
>>>> Security header.
>>>> at
>>>>
>>>>
>>>>
>>>>
>
org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:150)
>
>>>> at
>>>>
>>>>
>>>>
>>>>
>
org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:60)
>
>>>> at
>>>>
>>>>
>>>>
>>>>
>
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:207)
>
>>>> at
>>>> org.apache.cxf.endpoint.ClientImpl.onMessage(ClientImpl.java:395)
>>>> at
>>>>
>>>>
>>>>
>>>>
>
org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponse(HTTPConduit.java:1932)
>
>>>> at
>>>>
>>>>
>>>>
>>>>
>
org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPConduit.java:1790)
>
>>>> at
>>>>
>>>>
> org.apache.cxf.transport.AbstractConduit.close(AbstractConduit.java:66)
>
>>>> at
>>>> org.apache.cxf.transport.http.HTTPConduit.close(HTTPConduit.java:576)
>>>> at
>>>>
>>>>
>>>>
>>>>
>
org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInterceptor.handleMessage(MessageSenderInterceptor.java:62)
>
>>>> at
>>>>
>>>>
>>>>
>>>>
>
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:207)
>
>>>> at
>>>>
>>>>
>>>>
>>> org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:254)
>>>
>>>
>>>
>>>> at
>>>>
>>>>
>>>>
>>> org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:205)
>>>
>>>
>>>
>>>> at
>>>> org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:73)
>>>> at
>>>>
>>>>
> org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:135)
>
>>>> I checked the code of WSS4JInInterceptor and I see wsResult == null,
>>>> because
>>>> wsResult =
>>>> secEngine.processSecurityHeader(doc.getSOAPPart(), actor, cbHandler,
>>>> reqData
>>>> .getSigCrypto(), reqData.getDecCrypto());
>>>> is null as well.
>>>>
>>>> I don't understand why the client calls this InInterceptor ???
>>>>
>>>> -Josef
>>>> BGS Beratungsgesellschaft
>>>> Software Systemplanung AG Niederlassung Rhein/Main
>>>> Robert-Koch-Straße 41
>>>> 55129 Mainz
>>>> Fon: +49 (0) 6131 / 914-0
>>>> Fax: +49 (0) 6131 / 914-400
>>>> www.bgs-ag.de Geschäftssitz Mainz
>>>> Registergericht
>>>> Amtsgericht Mainz
>>>> HRB 62 50
>>>> Aufsichtsratsvorsitzender
>>>> Klaus Hellwig
>>>> Vorstand
>>>> Hanspeter Gau
>>>> Hermann Kiefer
>>>> Nils Manegold
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>> BGS Beratungsgesellschaft
>>> Software Systemplanung AG
>>>
>>>
>>>
>>>
>>> Niederlassung Rhein/Main
>>> Robert-Koch-Straße 41
>>> 55129 Mainz
>>> Fon: +49 (0) 6131 / 914-0
>>> Fax: +49 (0) 6131 / 914-400
>>> www.bgs-ag.de
>>> Geschäftssitz Mainz
>>> Registergericht
>>> Amtsgericht Mainz
>>> HRB 62 50
>>>
>>> Aufsichtsratsvorsitzender
>>> Klaus Hellwig
>>> Vorstand
>>> Hanspeter Gau
>>> Hermann Kiefer
>>> Nils Manegold
>>>
>>>
>>>
>>>
>>>
>>
>> BGS Beratungsgesellschaft
>> Software Systemplanung AG Niederlassung Rhein/Main
>> Robert-Koch-Straße 41
>> 55129 Mainz
>> Fon: +49 (0) 6131 / 914-0
>> Fax: +49 (0) 6131 / 914-400
>> www.bgs-ag.de Geschäftssitz Mainz
>> Registergericht
>> Amtsgericht Mainz
>> HRB 62 50
>> Aufsichtsratsvorsitzender
>> Klaus Hellwig
>> Vorstand
>> Hanspeter Gau
>> Hermann Kiefer
>> Nils Manegold
>>
>>
>>
>>
>
>
>
> BGS Beratungsgesellschaft
> Software Systemplanung AG Niederlassung Rhein/Main
> Robert-Koch-Straße 41
> 55129 Mainz
> Fon: +49 (0) 6131 / 914-0
> Fax: +49 (0) 6131 / 914-400
> www.bgs-ag.de Geschäftssitz Mainz
> Registergericht
> Amtsgericht Mainz
> HRB 62 50
> Aufsichtsratsvorsitzender
> Klaus Hellwig
> Vorstand
> Hanspeter Gau
> Hermann Kiefer
> Nils Manegold
>
>
BGS Beratungsgesellschaft
Software Systemplanung AG Niederlassung Rhein/Main
Robert-Koch-Straße 41
55129 Mainz
Fon: +49 (0) 6131 / 914-0
Fax: +49 (0) 6131 / 914-400
www.bgs-ag.de Geschäftssitz Mainz
Registergericht
Amtsgericht Mainz
HRB 62 50
Aufsichtsratsvorsitzender
Klaus Hellwig
Vorstand
Hanspeter Gau
Hermann Kiefer
Nils Manegold
