In WSS4J 1.6 the password is not supplied to the CallbackHandler, only the username. The CallbackHandler is expected to supply the password to the default Validator (UsernameTokenValidator) in this case. If you wish to implement some custom scenario, you must implement your own Validator implementation. See here for more information:
http://coheigea.blogspot.com/2011/04/wss4j-16-introducing-validators.html Colm. On Mon, Jun 27, 2011 at 3:36 PM, Vivek Alampally <vivek2...@gmail.com> wrote: > Here is the actual problem when integrating CXF 2.4.1 with WSS4J 1.6.1. So > does this change require change in configuration.. Can anybody please help > me in fixing this issue. > > java.lang.NullPointerException > at > com.fdt.sdl.security.authentication.util.ServerPasswordCallback.handle(ServerPasswordCallback.java:41) > at > org.apache.ws.security.validate.UsernameTokenValidator.verifyDigestPassword(UsernameTokenValidator.java:168) > at > org.apache.ws.security.validate.UsernameTokenValidator.verifyPlaintextPassword(UsernameTokenValidator.java:142) > at > org.apache.ws.security.validate.UsernameTokenValidator.validate(UsernameTokenValidator.java:100) > at > org.apache.ws.security.processor.UsernameTokenProcessor.handleUsernameToken(UsernameTokenProcessor.java:118) > at > org.apache.ws.security.processor.UsernameTokenProcessor.handleToken(UsernameTokenProcessor.java:52) > at > org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:396) > at > org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:249) > at > org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:85) > at > org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:263) > at > org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:118) > at > org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(AbstractHTTPDestination.java:208) > at > org.apache.cxf.transport.servlet.ServletController.invokeDestination(ServletController.java:223) > at > org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:205) > at > org.apache.cxf.transport.servlet.CXFNonSpringServlet.invoke(CXFNonSpringServlet.java:113) > at > org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(AbstractHTTPServlet.java:184) > at > org.apache.cxf.transport.servlet.AbstractHTTPServlet.doPost(AbstractHTTPServlet.java:107) > at javax.servlet.http.HttpServlet.service(HttpServlet.java:641) > at > org.apache.cxf.transport.servlet.AbstractHTTPServlet.service(AbstractHTTPServlet.java:163) > at > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:304) > at > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210) > at > org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:240) > at > org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:164) > at > org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:462) > at > org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:164) > at > org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:100) > at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:563) > at > org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118) > at > org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:403) > at > org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:301) > at > org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:162) > at > org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:140) > at > org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:309) > at > java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886) > at > java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908) > at java.lang.Thread.run(Thread.java:662) > > On Mon, Jun 27, 2011 at 10:22 AM, Vivek Alampally <vivek2...@gmail.com>wrote: > >> Sorry this exception got resolved when I removed XMLSchema1.4.7.jar >> >> >> On Mon, Jun 27, 2011 at 10:14 AM, Vivek Alampally <vivek2...@gmail.com>wrote: >> >>> Hi, >>> Thanks for your prompt response. >>> >>> When I add WSS4j 1.6.1 the below exception is coming. >>> org.springframework.beans.factory.BeanDefinitionStoreException: Factory >>> method [public java.lang.Object >>> org.apache.cxf.jaxws.JaxWsProxyFactoryBean.create()] threw exception; nested >>> exception is java.lang.NoSuchFieldError: QUALIFIED >>> >>> >>> Does this change require any change in configuration as well. >>> >>> >>> >>> On Mon, Jun 27, 2011 at 9:53 AM, Colm O hEigeartaigh <cohei...@apache.org >>> > wrote: >>> >>>> They are incompatible - you must use WSS4J 1.6.x with CXF 2.4.x. >>>> >>>> Colm. >>>> >>>> On Mon, Jun 27, 2011 at 2:47 PM, Vivek Alampally <vivek2...@gmail.com> >>>> wrote: >>>> > Hi >>>> > I am getting the following exception while replacing existing cxf 2.3.3 >>>> jar >>>> > with Apache CXF 2.4.1 >>>> > java.lang.NoSuchMethodError< >>>> http://download.oracle.com/javase/6/docs/api/java/lang/NoSuchMethodError.html >>>> >: >>>> > >>>> org.apache.ws.security.util.WSSecurityUtil.decodeAction(Ljava/lang/String;Ljava/util/List;)I >>>> > >>>> > Can anyone please tell me whether there are any compatibility issues >>>> > with Apache CXF 2.4 and wss4j 1.5.11. >>>> > >>>> >>>> >>>> >>>> -- >>>> Colm O hEigeartaigh >>>> >>>> http://coheigea.blogspot.com/ >>>> Talend - http://www.talend.com >>>> >>> >>> >> > -- Colm O hEigeartaigh http://coheigea.blogspot.com/ Talend - http://www.talend.com
