RE: ClassNotFoundException for CallbackHandlers from WSS4JInInterceptor

Malisetti, Ramanjaneyulu Mon, 07 Jan 2013 22:31:40 -0800

Hi Freeman,

                We start JAX-WS service like below and provide callback details 
using setProperties() on JaxWsServerFactoryBean. How can we modify this to pass 
callback handler ref?


            String endpointURL = getEndpointURL(serviceURL);
            factory = new JaxWsServerFactoryBean();
            factory.setAddress(endpointURL);
            factory.setServiceBean(this);
            factory.setProperties(getSecurityProperties());



    public Map<String, Object> getSecurityProperties() {
        Map<String, Object> serviceProperties = new HashMap<String, Object>();
        String serviceUrl = 
serviceData.getProperties().getProperty(ServiceData.SERVICE_URI);
        if (serviceUrl.toLowerCase().startsWith("https")) {
            serviceProperties.put("ws-security.callback-handler", 
PasswordCallbackHandler.class.getName());
            serviceProperties.put("ws-security.validate.token", "false");
            serviceProperties.put("ws-security.ut.no-callbacks", "true");
            serviceProperties.put("ws-security.ut.validator", 
CustomUTValidator.class.getName());
        }
        return serviceProperties;
    }

Thank you

Regards
Raman

-----Original Message-----
From: Freeman Fang [mailto:[email protected]] 
Sent: Monday, January 07, 2013 10:49 AM
To: [email protected]
Subject: Re: ClassNotFoundException for CallbackHandlers from WSS4JInInterceptor

Hi,

I assume the  class com.ca.ucf.security.impl.PasswordCallbackHandler is already 
in your customer bundle, right?

If so, another place you need be careful in OSGi container is that, don't use 
<entry key="passwordCallbackClass" 
value="com.ca.ucf.security.impl.PasswordCallbackHandler"/>  to configure your 
org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor
Using something like

<bean id="myPasswordCallback" 
class="com.ca.ucf.security.impl.PasswordCallbackHandler"/>

and then in the WSS4JInInterceptor configuration, using 
                      <entry key="passwordCallbackRef">
                            <ref bean="myPasswordCallback"/>
                        </entry>
instead, this way, you pass a bean instance reference into WSS4JInInterceptor 
but not a String classname(which avoid the Class.forName(classname) under the 
hood), as the Class.forName(classname) thing doesn't work well in OSGi 
container.


Freeman
－－－－－－－－－－－－－
Freeman(Yue) Fang

Red Hat, Inc. 
FuseSource is now part of Red Hat
Web: http://fusesource.com | http://www.redhat.com/
Twitter: freemanfang
Blog: http://freemanfang.blogspot.com
http://blog.sina.com.cn/u/1473905042
weibo: @Freeman小屋

On 2013-1-7, at 下午12:43, Malisetti, Ramanjaneyulu wrote:

> We are using Apache Karaf which has eclipse equinox as default OSGi 
> implementation.
> 
> 
> Manifest-Version: 1.0
> Bundle-ManifestVersion: 2
> Bundle-Name: RemoteLayer
> Bundle-SymbolicName: com.ca.bind
> Main-Class: com.ca.bind.BindingManagerTest
> Bundle-Version: 3.3.0.50
> Bundle-Vendor: CA
> Import-Package:
> commonj.sdo,
> commonj.sdo.helper,
> javax.activation,
> javax.annotation,
> javax.jms,
> javax.jws,
> javax.jws.soap,
> javax.mail,
> javax.mail.event,
> javax.mail.internet,
> javax.mail.search,
> javax.mail.util,
> javax.servlet;version="2.5.0",
> javax.servlet.http;version="2.5.0",
> javax.servlet.resources;version="2.5.0",
> javax.ws.rs,
> javax.ws.rs.core,
> org.aopalliance.aop,
> org.aopalliance.intercept,
> org.apache.commons.codec.binary,
> org.apache.commons.collections,
> org.apache.commons.collections.bag,
> org.apache.commons.collections.bidimap,
> org.apache.commons.collections.buffer,
> org.apache.commons.collections.collection,
> org.apache.commons.collections.comparators,
> org.apache.commons.collections.functors,
> org.apache.commons.collections.iterators,
> org.apache.commons.collections.keyvalue,
> org.apache.commons.collections.list,
> org.apache.commons.collections.map,
> org.apache.commons.collections.set,
> org.apache.commons.httpclient,
> org.apache.commons.httpclient.auth,
> org.apache.commons.httpclient.methods,
> org.apache.commons.httpclient.params,
> org.apache.commons.lang,
> org.apache.commons.lang.builder,
> org.apache.commons.lang.enum,
> org.apache.commons.lang.enums,
> org.apache.commons.lang.exception,
> org.apache.commons.lang.math,
> org.apache.commons.lang.mutable,
> org.apache.commons.lang.reflect,
> org.apache.commons.lang.text,
> org.apache.commons.lang.time,
> org.apache.commons.logging,
> org.apache.cxf;version="[2.5,3.0]",
> org.apache.cxf.binding;version="[2.5,3.0]",
> org.apache.cxf.binding.soap;version="[2.5,3.0]",
> org.apache.cxf.binding.soap.interceptor;version="[2.5,3.0]",
> org.apache.cxf.bus.spring;version="[2.5,3.0]",
> org.apache.cxf.common.util;version="[2.5,3.0]",
> org.apache.cxf.configuration.jsse;version="[2.5,3.0]",
> org.apache.cxf.configuration.security;version="[2.5,3.0]",
> org.apache.cxf.endpoint;version="[2.5,3.0]",
> org.apache.cxf.headers;version="[2.5,3.0]",
> org.apache.cxf.helpers;version="[2.5,3.0]",
> org.apache.cxf.interceptor;version="[2.5,3.0]",
> org.apache.cxf.jaxrs;version="[2.5,3.0]",
> org.apache.cxf.jaxrs.ext.multipart;version="[2.5,3.0]",
> org.apache.cxf.jaxrs.impl;version="[2.5,3.0]",
> org.apache.cxf.jaxws;version="[2.5,3.0]",
> org.apache.cxf.message;version="[2.5,3.0]",
> org.apache.cxf.transport;version="[2.5,3.0]",
> org.apache.cxf.transport.http;version="[2.5,3.0]",
> org.apache.cxf.transport.http_jetty;version="[2.5,3.0]",
> org.apache.cxf.transports.http.configuration;version="[2.5,3.0]",
> org.apache.cxf.ws.addressing;version="[2.5,3.0]",
> org.apache.cxf.wsdl;version="[2.5,3.0]",
> org.apache.http,
> org.apache.http.client.methods,
> org.apache.http.impl.client,
> org.apache.log4j;provider=paxlogging;version="[1.2,2.0)",
> org.apache.ws.security,
> org.apache.ws.security.handler,
> org.apache.ws.security.message.token,
> org.apache.ws.security.validate,
> org.joda.time,
> org.joda.time.format,
> org.osgi.framework,
> org.osgi.service.event,
> org.slf4j;provider=paxlogging;version="[1.6.1,1.7)",
> org.slf4j.helpers;provider=paxlogging;version="[1.6.1,1.7)",
> org.slf4j.spi;provider=paxlogging;version="[1.6.1,1.7)"
> Bundle-Blueprint: OSGI-INF/remote.xml
> Bundle-ClassPath: .,
> lib/core4j.jar,
> lib/odata4j-core.jar,
> lib/activemq-all-5.7.0.jar
> Export-Package: 
> org.odata4j.expression
> Require-Bundle: org.springframework.aop;bundle-version="3.0.7",
> org.springframework.asm;bundle-version="3.0.7",
> org.springframework.beans;bundle-version="3.0.7",
> org.springframework.context;bundle-version="3.0.7",
> org.springframework.core;bundle-version="3.0.7",
> org.springframework.expression;bundle-version="3.0.7",
> org.springframework.jms;bundle-version="3.0.7",
> org.springframework.transaction;bundle-version="3.0.7",
> com.springsource.org.aopalliance;bundle-version="1.0.0"
> 
> 
> Regards
> Raman
> 
> -----Original Message-----
> From: Freeman Fang [mailto:[email protected]]
> Sent: Monday, January 07, 2013 6:35 AM
> To: [email protected]
> Subject: Re: ClassNotFoundException for CallbackHandlers from 
> WSS4JInInterceptor
> 
> Hi,
> 
> What's the OSGi container you're using?
> How your customer bundle OSGi metadata header looks like?
> －－－－－－－－－－－－－
> Freeman(Yue) Fang
> 
> Red Hat, Inc. 
> FuseSource is now part of Red Hat
> Web: http://fusesource.com | http://www.redhat.com/
> Twitter: freemanfang
> Blog: http://freemanfang.blogspot.com
> http://blog.sina.com.cn/u/1473905042
> weibo: @Freeman小屋
> 
> On 2013-1-7, at 上午12:37, Malisetti, Ramanjaneyulu wrote:
> 
>> Hi,
>>       In OSGi env we are getting the following exception. How can we make 
>> WSS4JInInterceptor find our callback handler? We are using CXF 2.7.1.
>> 
>> 2013-01-06 11:21:21,238 ERROR  [Thread] client.WSModuleProxy 
>> -118-com.ca.ucf.core.bind-3.3.0.50 - 
>> com.ca.ucf.security.impl.PasswordCallbackHandler.
>> javax.xml.ws.soap.SOAPFaultException: 
>> com.ca.ucf.security.impl.PasswordCallbackHandler
>>       at 
>> org.apache.cxf.jaxws.DispatchImpl.mapException(DispatchImpl.java:287)[101:org.apache.cxf.bundle:2.7.1]
>>       at 
>> org.apache.cxf.jaxws.DispatchImpl.invoke(DispatchImpl.java:392)[101:org.apache.cxf.bundle:2.7.1]
>>       at 
>> org.apache.cxf.jaxws.DispatchImpl.invoke(DispatchImpl.java:243)[101:org.apache.cxf.bundle:2.7.1]
>>       at
>> com.ca.ucf.remote.ws.SOAPHelper.proxyInvoke(SOAPHelper.java:257)[118:
>> c om.ca.ucf.core.bind:3.3.0.50] Caused by:
>> org.apache.cxf.binding.soap.SoapFault: 
>> com.ca.ucf.security.impl.PasswordCallbackHandler
>>       at 
>> org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.createSoapFault(WSS4JInInterceptor.java:793)[101:org.apache.cxf.bundle:2.7.1]
>>       at 
>> org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:329)[101:org.apache.cxf.bundle:2.7.1]
>>       at 
>> org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:95)[101:org.apache.cxf.bundle:2.7.1]
>>       at 
>> org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:271)[101:org.apache.cxf.bundle:2.7.1]
>>       at 
>> org.apache.cxf.endpoint.ClientImpl.onMessage(ClientImpl.java:800)[101:org.apache.cxf.bundle:2.7.1]
>>       at 
>> org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponseInternal(HTTPConduit.java:1590)[101:org.apache.cxf.bundle:2.7.1]
>>       at 
>> org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponse(HTTPConduit.java:1488)[101:org.apache.cxf.bundle:2.7.1]
>>       at 
>> org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPConduit.java:1307)[101:org.apache.cxf.bundle:2.7.1]
>>       at 
>> org.apache.cxf.transport.AbstractConduit.close(AbstractConduit.java:56)[101:org.apache.cxf.bundle:2.7.1]
>>       at 
>> org.apache.cxf.transport.http.HTTPConduit.close(HTTPConduit.java:622)[101:org.apache.cxf.bundle:2.7.1]
>>       at 
>> org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInterceptor.handleMessage(MessageSenderInterceptor.java:62)[101:org.apache.cxf.bundle:2.7.1]
>>       at 
>> org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:271)[101:org.apache.cxf.bundle:2.7.1]
>>       at 
>> org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:530)[101:org.apache.cxf.bundle:2.7.1]
>>       at 
>> org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:463)[101:org.apache.cxf.bundle:2.7.1]
>>       at 
>> org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:366)[101:org.apache.cxf.bundle:2.7.1]
>>       at 
>> org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:319)[101:org.apache.cxf.bundle:2.7.1]
>>       at 
>> org.apache.cxf.endpoint.ClientImpl.invokeWrapped(ClientImpl.java:354)[101:org.apache.cxf.bundle:2.7.1]
>>       at 
>> org.apache.cxf.jaxws.DispatchImpl.invoke(DispatchImpl.java:385)[101:org.apache.cxf.bundle:2.7.1]
>>       ... 5 more
>> Caused by: org.apache.ws.security.WSSecurityException: 
>> com.ca.ucf.security.impl.PasswordCallbackHandler
>>       at 
>> org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.getCallback(WSS4JInInterceptor.java:638)[101:org.apache.cxf.bundle:2.7.1]
>>       at 
>> org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.getCallback(WSS4JInInterceptor.java:621)[101:org.apache.cxf.bundle:2.7.1]
>>       at 
>> org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:238)[101:org.apache.cxf.bundle:2.7.1]
>>       ... 21 more
>> Caused by: java.lang.ClassNotFoundException: 
>> com.ca.ucf.security.impl.PasswordCallbackHandler
>>       at 
>> org.eclipse.osgi.internal.loader.BundleLoader.findClassInternal(BundleLoader.java:501)
>>       at 
>> org.eclipse.osgi.internal.loader.BundleLoader.findClass(BundleLoader.java:421)
>>       at 
>> org.eclipse.osgi.internal.loader.BundleLoader.findClass(BundleLoader.java:412)
>>       at 
>> org.eclipse.osgi.internal.baseadaptor.DefaultClassLoader.loadClass(DefaultClassLoader.java:107)
>>       at java.lang.ClassLoader.loadClass(Unknown Source)[:1.7.0_12-ea]
>>       at 
>> org.apache.cxf.common.classloader.ClassLoaderUtils.loadClass2(ClassLoaderUtils.java:287)
>>       at 
>> org.apache.cxf.common.classloader.ClassLoaderUtils.loadClass(ClassLoaderUtils.java:261)
>>       at 
>> org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.getCallback(WSS4JInInterceptor.java:636)[101:org.apache.cxf.bundle:2.7.1]
>>       ... 23 more
>> 
>

RE: ClassNotFoundException for CallbackHandlers from WSS4JInInterceptor

Reply via email to