On Thu, Dec 23, 2010 at 10:59 PM, Dennis Sosnoski <[email protected]> wrote:
> Looks like something changed post 2.2.8 - I get the same error you > reported when I try using my sample code with 2.3.1, and also with > 2.2.10, though it works with 2.2.8. The best thing to do is to enter a > Jira and attach the CXF sample code from the article, In fact, code doesn't work in 2.2.9. https://issues.apache.org/jira/browse/CXF-3218 > and try using > 2.2.8 (available from the archive, look for the link on the download > page) for now. > > - Dennis > > > On 12/24/2010 04:13 PM, John Franey wrote: > > Dennis, Glen, > > > > I would rate my experience level as "uninitiated". Thanks for taking the > > time to help me get some legs. > > > > > > On Thu, Dec 23, 2010 at 6:00 PM, Dennis Sosnoski <[email protected]> > wrote: > > > > > >> John, you might try downloading the sample code from the > >> SymmetricBinding article referenced by Glen > >> (http://www.ibm.com/developerworks/java/library/j-jws17/index.html) as > a > >> basis for trying your policy. First build and test the supplied sample > >> using your CXF installation, then substitute your policy for the one in > >> the sample code WSDL. Hopefully that could help you find the cause of > >> the problems. > >> > >> > >> > > I ran the SecureConversation example because that matches the policy my > > target service setting. > > > > Tomcat 5.5.31, jdk 1.6.0_22, linux ubuntu 10.10, cxf 2.3.1, > > dennis' war: cxf-seismic-scencr.war, > > > > client run command: ant run-scencr > > > > I got this exception (server side log): > > > > Dec 23, 2010 9:32:28 PM org.apache.cxf.phase.PhaseInterceptorChain > > doDefaultLogging > > WARNING: Interceptor for { > > > http://docs.oasis-open.org/ws-sx/ws-trust/200512/wsdl}SecurityTokenService#{http://docs.oasis-open.org/ws-sx/ws-trust/200512/wsdl}RequestSecurityTokenhas > > thrown exception, unwinding now > > org.apache.cxf.binding.soap.SoapFault: Action > > http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/SCT not supported > > at > > > org.apache.cxf.ws.addressing.MAPAggregator.mediate(MAPAggregator.java:572) > > at > > > org.apache.cxf.ws.addressing.MAPAggregator.handleMessage(MAPAggregator.java:227) > > at > > > org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:255) > > at > > > org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:113) > > at > > > org.apache.cxf.transport.servlet.ServletDestination.invoke(ServletDestination.java:97) > > at > > > org.apache.cxf.transport.servlet.ServletController.invokeDestination(ServletController.java:461) > > at > > > org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:188) > > at > > > org.apache.cxf.transport.servlet.AbstractCXFServlet.invoke(AbstractCXFServlet.java:148) > > at > > > org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(AbstractHTTPServlet.java:179) > > at > > > org.apache.cxf.transport.servlet.AbstractHTTPServlet.doPost(AbstractHTTPServlet.java:103) > > at javax.servlet.http.HttpServlet.service(HttpServlet.java:647) > > > > I took up Glen's hint and put cxf-rt-ws-security*.jar and > > cxf-rt-ws-policy*.jar from ${cxf-home}/modules into the war. And got the > > same exception. > > > > How shall I interpret this exception? Do I need another module? > > > > The comment from the article that "CXF was the only stack that worked > > > >> with the policy as written." only applied to the WS-SecureConversation > >> policy shown in Listing 2. WS-SC configurations tend to be more > >> failure-prone than regular WS-Security configurations, in my experience, > >> since there are more "moving parts" involved in the operation. All three > >> of the stacks I tried were able to handle the basic SymmetricBinding > >> configuration. > >> > >> - Dennis > >> > >> Dennis M. Sosnoski > >> Java SOA and Web Services Consulting < > http://www.sosnoski.com/consult.html > >> > >>> > >> Axis2/CXF/Metro SOA and Web Services Training > >> <http://www.sosnoski.com/training.html> > >> Web Services Jump-Start <http://www.sosnoski.com/jumpstart.html> > >> > >> > >> On 12/24/2010 10:26 AM, Glen Mazza wrote: > >> > >>> If *could* be your service provider is not detecting the > >>> SymmetricBinding tag because two additional libraries need to be > >>> declared in your web.xml: > >>> http://www.jroller.com/gmazza/entry/cxf_x509_profile_secpol (see the > >>> section on |contextConfigLocation|, it will point you to a username > >>> token article.) > >>> > >>> HTH, > >>> Glen > >>> > >>> > >>> > >>> > >>> On 23.12.2010 16:20, John Franey wrote: > >>> > >>>> Thanks. > >>>> > >>>> On Thu, Dec 23, 2010 at 4:01 PM, Glen Mazza<[email protected]> > >>>> wrote: > >>>> > >>>> > >>>>> On http://www.sosnoski.com/articles.html, I think you'll want the > 2nd > >>>>> article:WS-Security without client certificates< > >>>>> http://www.ibm.com/developerworks/java/library/j-jws17/index.html> > >>>>> > >>>>> This statement from that article is why I am wanting to use CXF: > >>>>> "CXF was > >>>>> > >>>> the only stack that worked with the policy as written." > >>>> > >>>> The policy I am consuming looks much like the ones in his article. > >>>> So, I'm > >>>> expecting success. I believe symmetric binding is supported. > >>>> > >>>> Should I conclude that the 'right wsdl' is enough to activate > symmetric > >>>> binding? or is there some other configuration needed? > >>>> > >>>> The message "SymmetricBinding not supported" implies the latter, I > >>>> think. > >>>> > >>>> > >>>> HTH, > >>>> > >>>>> Glen > >>>>> > >>>>> > >>>>> > >>>>> On 23.12.2010 15:32, John Franey wrote: > >>>>> > >>>>> > >>>>>> I believe symmetric binding policy is supported in cxf 2.3.1, but > >>>>>> this log > >>>>>> message says no: > >>>>>> > >>>>>> [PolicyEngineImpl] Alternative { > >>>>>> > http://schemas.xmlsoap.org/ws/2005/07/securitypolicy}SymmetricBinding > >>>>>> > >> < > http://schemas.xmlsoap.org/ws/2005/07/securitypolicy%7DSymmetricBinding > >> > >>> is > >>> > >>>>>> not > >>>>>> supported > >>>>>> > >>>>>> I've been working over the cxf documentation for over a day. I am > >>>>>> stumped. > >>>>>> > >>>>>> What do I have to do to turn on support for symmetric binding? > >>>>>> > >>>>>> I'm writing a client that will run in jbossws-cxf 3.4.0. > >>>>>> > >>>>>> Thanks, > >>>>>> John > >>>>>> > >>>>>> > >>>>>> > >>>>> -- > >>>>> > >>>>> Glen Mazza > >>>>> gmazza at apache dot org > >>>>> http://www.jroller.com/gmazza > >>>>> > >>>>> > >>> > >>> > >> > > >
