Not really sure, but I certainly wouldn't suggest subclassing the HolderInInterceptor. That's one of the interceptors that Camel will remove in some cases as normal Camel operation doesn't support Holders. Thus, the interceptor gets removed. Your configuration may be adding it back in in some strange way that Camel isn't expecting.
Dan On Monday, February 27, 2012 11:51:19 AM sram wrote: > I have two endpoints, one derived from jaxws:endpoint and other via Provider > interface. Both have different service ports, names but share same binding. > Both are wired with WS-Security policy. > > <service name="Service1"> > <port name="ServicePort" binding="tns:ReportServiceBinding"> > <soap:address location="http://localhost/reportService/"; /> > </port> > </service> > <service name="Service2"> > <port name="ServiceRouterPort" binding="tns:ReportServiceBinding"> > <soap:address > location="http://L151ATS033040:9081/ewbservice/soap/praService"; /> > </port> > </service> > > Service 1 is jaxws:endpoint with jaxws:inInterceptor > > <jaxws:endpoint id="service1" endpointName="s:ServicePort" > serviceName="s:MyService" implementor="#ServiceEndpoint" > xmlns:s="http://services.mycomp.com/services"; > address="/Service1"> > > <jaxws:inInterceptors> > <ref bean="logInbound" /> > <ref bean="ValidationInterceptor" /> > </jaxws:inInterceptors> > > <jaxws:properties> > <entry key="mtom-enabled" value="true" /> > <entry key="ws-security.ut.validator"> > <ref bean="SecurityInterceptor" /> > </entry> > </jaxws:properties> > > </jaxws:endpoint> > > Service 2, is a provider endpoint, where after authentication I route > request via camel to an external webservice > > <cxf-camel:cxfEndpoint id="Service2" address="/praService" > endpointName="s:ServiceRouterPort" serviceName="s:Service2" > xmlns:s="http://services.mycomp.com/services"; > serviceClass="#otherServiceEndpoint"> > > <cxf-camel:properties> > <entry key="ws-security.ut.validator"> > <ref bean="SecurityInterceptor" /> > </entry> > </cxf-camel:properties> > > > </cxf-camel:cxfEndpoint> > > > While testing with security policies enabled, > > Service 2 works as expected. > > Service 1 works as expected when Service 2 is not wired to security policy > > Service 1, and 2 works as expected when both wired to security policy AND > ValidationInterceptor on Service 1 is disabled. Note: LoggingInInterceptor > is still active and is called even before PolicyInterceptor. > > ValidationInterceptor extends HolderInInterceptor in my implemenation. > > I use WSDL first, but tried to inject policies via annotation and as well > WSDL. I can see the policies on ?WSDL in both cases. > > Looking at CXF code, both PolicyInInterceptor and HolderInInterceptor > extends AbstractPhaseInterceptor, so how do you make sure the security > policies are executed first before any of your application level interceptor > extensions. If the behavior posted here, is is as per design, how do I make > sure my ValidationInterceptor is invoked before the thread enters my > service? > > -- > View this message in context: > http://cxf.547215.n5.nabble.com/Multiple-endpoints-and-security-policy-tp55 > 19904p5519904.html Sent from the cxf-user mailing list archive at > Nabble.com. -- Daniel Kulp [email protected] - http://dankulp.com/blog Talend Community Coder - http://coders.talend.com
