Hi Dan, thank you for your detailed reply. According to your first question, please find below my project classpath:
activation-1.1.jar ant-1.6.5.jar antlr-2.7.6.jar aopalliance-1.0.jar apache-pdfbox-0.8.0-incubator-dev.jar arq.jar arq-extra.jar asm.jar asm-attrs.jar aspectjrt-1.5.4.jar backport-util-concurrent.jar barbecue-1.5-beta1.jar bcprov-jdk15-140.jar c3p0-0.9.1.jar castor-0.9.6.jar cglib-2.1.3.jar clibwrapper_jiio.jar commons-beanutils.jar commons-chain-1.1.jar commons-codec-1.3.jar commons-collections-2.1.1.jar commons-digester.jar commons-discovery.jar commons-el.jar commons-fileupload.jar commons-validator-1.3.1.jar core-3.1.1.jar cxf-2.2.jar dom4j-1.6.1.jar ehcache-1.4.1.jar ejb3-persistence.jar el-ri.jar FastInfoset-1.2.2.jar filetimes.jar FontBox-0.2.0-dev.jar geronimo-activation_1.1_spec-1.0.2.jar geronimo-annotation_1.0_spec-1.1.1.jar geronimo-servlet_2.5_spec-1.2.jar geronimo-stax-api_1.0_spec-1.0.1.jar hibernate3.jar hibernate-annotations.jar hibernate-commons-annotations.jar icefaces.jar icefaces-comps.jar icefaces-facelets.jar icu4j_3_4.jar iri.jar iText-2.1.3.jar jai_codec.jar jai_core.jar jai_imageio.jar jawin.jar jawin-stubs.jar jaxb-impl-2.1.7.jar jaxb-xjc-2.1.7.jar jaxen-1.1.jar jcifs-1.2.24.jar jcl-over-slf4j-1.5.6.jar jdom-1.0.jar jena.jar jenatest.jar jettison-1.0.jar jetty-6.1.15.jar jetty-util-6.1.15.jar jsf-api-1.2.jar jsf-impl-1.2.jar json.jar jsp-2.1-glassfish-9.1.1.B51.25.p1.jar jsp-2.1-jetty-6.1.15.jar jsp-api-2.1-glassfish-9.1.1.B51.25.p1.jar jsr107cache-1.0.jar jstl.jar jta.jar krysalis-jCharts-1.0.0-alpha-1.jar license-1.0.0.0.jar license-internal-1.0.0.0.jar log4j-1.2.15.jar lucene-core-2.2.0.jar mail-1.4.jar mysql-connector-java-3.1.14-bin.jar neethi-2.0.4.jar opensaml-1.1.jar PDFRenderer.jar poi-3.2-FINAL-20081019.jar poi-contrib-3.2-FINAL-20081019.jar poi-scratchpad-3.2-FINAL-20081019.jar postgresql-8.2-508.jdbc3.jar satanet-app.jar serializer-2.7.1.jar servlet-api-2.5-20081211.jar slf4j-api-1.5.6.jar slf4j-log4j12-1.5.6.jar spring.jar spring-security-acl-2.0.4.jar spring-security-cas-client-2.0.4.jar spring-security-catalina-2.0.4.jar spring-security-core-2.0.4.jar spring-security-core-tiger-2.0.4.jar spring-security-jboss-2.0.4.jar spring-security-jetty-2.0.4.jar spring-security-ntlm-2.0.4.jar spring-security-openid-2.0.4.jar spring-security-portlet-2.0.4.jar spring-security-resin-2.0.4.jar spring-security-taglibs-2.0.4.jar standard-1.1.2.jar stax-api-1.0.jar stax-utils-20060502.jar wsdl4j-1.6.2.jar wss4j-1.5.7.jar xalan-2.7.1.jar xercesImpl.jar xml-apis.jar xml-resolver-1.2.jar XmlSchema-1.4.2.jar xmlsec-1.4.0.jar xpp3_min-1.1.4c.jar xstream-1.2.1.jar I've just checked the available snapshots for CXF 2.2 but it seems that the latest was built on Tuesday 5th, so I guess it isn't the one you worked on. Today I'll be out of office but tomorrow (Friday 8th) I'll test your changes and let you know. Marco dkulp wrote: > > > > Well, I'm not able to reproduce the issue. I've pretty much created a > testcase in our aegis tests that enable wss4j with username/password > combos > just like you have and send "jack&jill" and it works. > > HOWEVER, if I send " jack&jill ", the string ended up trimmed. > Digging > into that more, I did discover a bug that COULD cause what you are seeing. > The DOM reader (when using WSS4J, the message ends up as DOM) we have had > two > issues: > 1) It only checked the first TEXT node. I THINK this is what you are > seeing. > Whatever parser you are using was splitting the text into multiple text > nodes. > Are you using something other than woodstox? > > 2) It was also calling trim on the resulting string. > > > I've gone ahead and fixed those issues and am running the tests now. > I'll > get that committed shortly (providing the tests pass). New snapshots > should > be up tomorrow (or you could checkout from SVN and build). It would be > great > if you could test those to see if your issue is fixed as well. > > Dan > > > > On Wed May 6 2009 10:16:56 am marcob wrote: >> Hi, >> >> I tested that the problem occurs if I enable WS-Security. Below the test >> case. >> >> Service Interface: >> @WebService(name = "BatchManagerService", targetNamespace = >> "http://www.satanet.it/kfi";) >> public interface IBatchManagerService { >> @WebResult(targetNamespace = "http://www.satanet.it/kfi";) >> public String echo(@WebParam(name="text") String txt); >> } >> >> Service implementation: >> @WebService(endpointInterface = >> "it.satanet.karthaForInvoice.commonInterfaces.batchManager.IBatchManagerSer >>vice", serviceName = "BatchManagerService", targetNamespace = >> "http://www.satanet.it/kfi";) >> public class BatchManagerServiceImpl implements IBatchManagerService { >> >> @Override >> public String echo(String txt) { >> System.out.println(txt); >> return txt; >> } >> >> } >> >> Service Spring cfg: >> <bean id="aegisDatabinding" >> class="org.apache.cxf.aegis.databinding.AegisDatabinding" >> scope="prototype" >> /> >> >> <bean id="myPasswordCallback" >> class="it.satanet.karthaForInvoice.commonInterfaces.ws_util.ServerPasswordC >>allback"/> >> >> <!-- WS --> >> >> <bean id="wsService" >> class="it.satanet.karthaForInvoice.batchManager.service.BatchManagerService >>Impl" /> >> <bean id="serviceFactory" >> class="org.apache.cxf.jaxws.support.JaxWsServiceFactoryBean" >> scope="prototype"> >> <property name="dataBinding" ref="aegisDatabinding" /> >> </bean> >> <jaxws:server id="wsServiceEndpoint" serviceBean="#wsService" >> serviceClass="it.satanet.karthaForInvoice.batchManager.service.BatchManager >>ServiceImpl" address="/ws"> >> <jaxws:serviceFactory> >> <ref bean="serviceFactory" /> >> </jaxws:serviceFactory> >> >> <jaxws:inInterceptors> >> <bean class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor"> >> <constructor-arg> >> <map> >> <entry key="action" value="UsernameToken"/> >> <entry key="passwordType" value="PasswordText"/> >> <entry key="passwordCallbackRef"> >> <ref bean="myPasswordCallback"/> >> </entry> >> </map> >> </constructor-arg> >> </bean> >> </jaxws:inInterceptors> >> >> <jaxws:properties> >> <entry key="mtom-enabled" value="true" /> >> </jaxws:properties> >> >> </jaxws:server> >> >> >> Client (generic, but you can replace T with the service interface): >> @SuppressWarnings("unchecked") >> public T getClientProxy(Class<T> c) { >> JaxWsProxyFactoryBean factory = new JaxWsProxyFactoryBean(); >> >> // logging >> // factory.getInInterceptors().add(new LoggingInInterceptor()); >> // factory.getOutInterceptors().add(new LoggingOutInterceptor()); >> >> Map<String, Object> outProps = new HashMap<String, Object>(); >> WSS4JOutInterceptor wssOut = new WSS4JOutInterceptor(outProps); >> factory.getOutInterceptors().add(wssOut); >> outProps.put(WSHandlerConstants.ACTION, >> WSHandlerConstants.USERNAME_TOKEN); >> // Specify our username >> outProps.put(WSHandlerConstants.USER, >> ServerPasswordCallback.WS_SECURITY_USER); >> // Password type : plain text >> outProps.put(WSHandlerConstants.PASSWORD_TYPE, WSConstants.PW_TEXT); >> // for hashed password use: >> // properties.put(WSHandlerConstants.PASSWORD_TYPE, >> WSConstants.PW_DIGEST); >> outProps.put(WSHandlerConstants.PW_CALLBACK_CLASS, >> ClientPasswordHandler.class.getName()); >> >> // invocation >> factory.setServiceClass(c); >> AegisDatabinding dataBinding = new AegisDatabinding(); >> dataBinding.setMtomEnabled(MTOM_ENABLED); >> dataBinding.setMtomUseXmime(MTOM_ENABLED); >> factory.setDataBinding(dataBinding); >> factory.setAddress(wsUrl); >> Map<String, Object> properties = factory.getProperties(); >> if (properties == null) { >> properties = new HashMap<String, Object>(); >> factory.setProperties(properties); >> } >> properties.put("mtom-enabled", MTOM_ENABLED); >> >> return (T) factory.create(); >> } >> >> By disabling WSS4J support, everything works fine. >> Right now, I think I can do without WSS4J but I'd like to know what goes >> wrong. >> Marco >> >> dkulp wrote: >> > A simple testcase for this would be great if at all possible. >> > >> > I just tested this by adding the string "john&marry" to the testString >> > stuff >> > in our type tests and it passed fine. The full string was properly >> > echoed >> > back. Thus, I'm not sure what would be going on. A test case >> would >> > definitely be useful. >> > >> > >> > Dan >> > >> > On Fri May 1 2009 3:38:44 am marcob wrote: >> >> That was my first reaction as well! >> >> Yes, I have CXF at both ends. I don't know if it might help, but in >> the >> >> previous post I forgot to say that my WS stack also includes a WS >> >> Security >> >> Interceptor. When I come back to the office (Monday), I'll test the >> same >> >> code without WS-Security and check whether exists a more updated >> version >> >> of >> >> woodstox library. >> >> In the meanwhile, any further suggestion is very welcome! >> >> Marco >> >> >> >> bimargulies wrote: >> >> > My first reaction is that I don't believe it. It is the woodstox >> code >> >> > that handles all of this, not us. Is the CXF on both ends? >> >> > >> >> > On Thu, Apr 30, 2009 at 12:21 PM, marcob <[email protected]> wrote: >> >> >> Hi, >> >> >> >> >> >> I've found this unexpected behaviour while using cxf 2.2.x + JaxWS >> + >> >> >> Aegis. >> >> >> If I define a method that accepts string parameters, e.g. >> >> >> >> >> >> public void echo(String text) { >> >> >> System.out.println(text); >> >> >> } >> >> >> >> >> >> and I pass a string containing the ampersand character (&), e.g. >> >> >> "john&lucy", the echo method only prints "john". I investigated the >> >> >> problem >> >> >> with an HTTP Monitor and it seems that at client side the string is >> >> >> correctly escaped (the SOAP request contains the >> "john&amp;lucy" >> >> >> text) >> >> >> but, at server side, the string is truncated at the & character >> >> >> position. >> >> >> >> >> >> From my point of view, it seems to be a bug. >> >> >> Any solution? >> >> >> Thanks >> >> >> Marco >> >> >> -- >> >> >> View this message in context: >> >> >> >> >> http://www.nabble.com/CXF-2.2.x-ampersand-issue-tp23319655p23319655.html >> >> >> >> >> Sent from the cxf-user mailing list archive at Nabble.com. >> > >> > -- >> > Daniel Kulp >> > [email protected] >> > http://www.dankulp.com/blog > > -- > Daniel Kulp > [email protected] > http://www.dankulp.com/blog > > -- View this message in context: http://www.nabble.com/CXF-2.2.x-ampersand-issue-tp23319655p23421006.html Sent from the cxf-user mailing list archive at Nabble.com.
