Hello, OK but how do you choose the method WSS4J interceptors or WS-SecurityPolicy ?
Best Regards. -----Original Message----- From: Glen Mazza [mailto:gma...@talend.com] Sent: vendredi 3 février 2012 19:29 To: users@cxf.apache.org Subject: Re: Issue with CXF-2.5.2 regarding UsernameToken The only reference to WSHandlerConstants.USER in the blog article is in the case where you're using WSS4J interceptors and not WS-SecurityPolicy. Remember just before that code block the article says to activate the section of the code depending on the method you're using--WSS4J interceptors or WS-SecurityPolicy. Glen On 02/03/2012 01:03 PM, COURTAULT Francois wrote: > Hello, > > I don't understand because the 2 ways of coding seem feasible > according the article at: > http://www.jroller.com/gmazza/entry/cxf_usernametoken_profile > > So do you mean that the client code provided in this article is wrong ? > > Best Regards > > -----Original Message----- > From: Colm O hEigeartaigh [mailto:cohei...@apache.org] > Sent: vendredi 3 février 2012 18:17 > To: users@cxf.apache.org > Subject: Re: Issue with CXF-2.5.2 regarding UsernameToken > > Hi Francois, > > In the code you have that works, you are (correctly) setting the username via > the tag "ws-security.username". This is defined in the following > documentation "Configuring the extra properties": > > http://cxf.apache.org/docs/ws-securitypolicy.html > > However in the code that does not work, you are setting the username via the > tag WSHandlerConstants.USER. This is a configuration tag used by WSS4J and it > works with CXF for the non-WS-SecurityPolicy use-case. > As you are using WS-SecurityPolicy (TransportBindingHandler), it does not > work. > > Colm. > > On Fri, Feb 3, 2012 at 5:10 PM, COURTAULT > Francois<francois.courta...@gemalto.com> wrote: >> Hello everybody, >> >> For UsernameToken, in my client code I have used the following code which is: >> Map<String, Object> ctx = ((BindingProvider) >> port).getRequestContext(); >> ctx.put("ws-security.username", "myusername"); >> ctx.put("ws-security.password", "mypassword"); It >> works :) >> >> But if I replace this one with: >> Map<String, Object> outProps = new HashMap<String, >> Object>(); >> outProps.put(WSHandlerConstants.ACTION, >> WSHandlerConstants.USERNAME_TOKEN); >> outProps.put(WSHandlerConstants.USER, "myusername"); >> outProps.put(WSHandlerConstants.PASSWORD_TYPE, >> WSConstants.PW_TEXT); >> outProps.put(WSHandlerConstants.PW_CALLBACK_CLASS, >> ClientPasswordCB.class.getName()); >> >> WSS4JOutInterceptor wssOut = new >> WSS4JOutInterceptor(outProps); >> >> Client client = >> org.apache.cxf.frontend.ClientProxy.getClient(port); >> Endpoint cxfEndpoint = client.getEndpoint(); >> >> cxfEndpoint.getOutInterceptors().add(wssOut); >> >> with >> public class ClientPasswordCB implements CallbackHandler { >> >> @Override >> public void handle(Callback[] callbacks) throws IOException, >> UnsupportedCallbackException { >> // TODO Auto-generated method stub >> WSPasswordCallback pc = (WSPasswordCallback) callbacks[0]; >> if ("myusername".equals(pc.getIdentifier())) { >> pc.setPassword("mypassword"); >> } >> } >> >> } >> >> I got the following error: >> févr. 2012 18:04:50 org.apache.cxf.phase.PhaseInterceptorChain >> doDefaultLogging >> ATTENTION: Interceptor for >> {http://gemalto/test/ws/}SimpleWSEJBService#{http://gemalto/test/ws/} >> h elloWorld has thrown exception, unwinding now >> org.apache.cxf.interceptor.Fault: No username available >> at >> org.apache.cxf.ws.security.wss4j.policyhandlers.TransportBindingHandl >> e >> r.handleBinding(TransportBindingHandler.java:151) >> at >> org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$Polic >> y >> BasedWSS4JOutInterceptorInternal.handleMessage(PolicyBasedWSS4JOutInt >> e >> rceptor.java:158) >> at >> org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$Polic >> y >> BasedWSS4JOutInterceptorInternal.handleMessage(PolicyBasedWSS4JOutInt >> e >> rceptor.java:88) >> at >> org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseIntercept >> o >> rChain.java:263) >> at >> org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:533) >> at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:463) >> at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:366) >> at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:319) >> at >> org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:88) >> at >> org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:13 >> 4 >> ) >> at $Proxy27.helloWorld(Unknown Source) >> at >> com.gemalto.test.cxf.TestSimpleWSCXFClientHttpsUsername.main(TestSimp >> l >> eWSCXFClientHttpsUsername.java:85) >> Caused by: org.apache.cxf.ws.policy.PolicyException: No username >> available >> at >> org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilde >> r >> .policyNotAsserted(AbstractBindingBuilder.java:301) >> at >> org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilde >> r >> .addUsernameToken(AbstractBindingBuilder.java:804) >> at >> org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilde >> r >> .handleSupportingTokens(AbstractBindingBuilder.java:475) >> at >> org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilde >> r >> .handleSupportingTokens(AbstractBindingBuilder.java:462) >> at >> org.apache.cxf.ws.security.wss4j.policyhandlers.TransportBindingHandl >> e >> r.handleNonEndorsingSupportingTokens(TransportBindingHandler.java:200) >> at >> org.apache.cxf.ws.security.wss4j.policyhandlers.TransportBindingHandl >> e >> r.handleBinding(TransportBindingHandler.java:144) >> ... 11 more >> Exception in thread "main" javax.xml.ws.soap.SOAPFaultException: No >> username available >> at >> org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:15 >> 6 >> ) >> at $Proxy27.helloWorld(Unknown Source) >> at >> com.gemalto.test.cxf.TestSimpleWSCXFClientHttpsUsername.main(TestSimp >> l >> eWSCXFClientHttpsUsername.java:85) >> Caused by: org.apache.cxf.ws.policy.PolicyException: No username >> available >> at >> org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilde >> r >> .policyNotAsserted(AbstractBindingBuilder.java:301) >> at >> org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilde >> r >> .addUsernameToken(AbstractBindingBuilder.java:804) >> at >> org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilde >> r >> .handleSupportingTokens(AbstractBindingBuilder.java:475) >> at >> org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilde >> r >> .handleSupportingTokens(AbstractBindingBuilder.java:462) >> at >> org.apache.cxf.ws.security.wss4j.policyhandlers.TransportBindingHandl >> e >> r.handleNonEndorsingSupportingTokens(TransportBindingHandler.java:200) >> at >> org.apache.cxf.ws.security.wss4j.policyhandlers.TransportBindingHandl >> e >> r.handleBinding(TransportBindingHandler.java:144) >> at >> org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$Polic >> y >> BasedWSS4JOutInterceptorInternal.handleMessage(PolicyBasedWSS4JOutInt >> e >> rceptor.java:158) >> at >> org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$Polic >> y >> BasedWSS4JOutInterceptorInternal.handleMessage(PolicyBasedWSS4JOutInt >> e >> rceptor.java:88) >> at >> org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseIntercept >> o >> rChain.java:263) >> at >> org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:533) >> at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:463) >> at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:366) >> at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:319) >> at >> org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:88) >> at >> org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:13 >> 4 >> ) >> ... 2 more >> >> Any idea ? What's wrong with this code ? >> >> Best Regards. > > > -- > Colm O hEigeartaigh > > Talend Community Coder > http://coders.talend.com -- Glen Mazza Talend Community Coders - coders.talend.com blog: www.jroller.com/gmazza