I am good now. Thanks a lot for quick response. Regards Raman
-----Original Message----- From: Freeman Fang [mailto:[email protected]] Sent: Tuesday, January 08, 2013 12:13 PM To: [email protected] Subject: Re: ClassNotFoundException for CallbackHandlers from WSS4JInInterceptor Hi, Change serviceProperties.put("ws-security.callback-handler", PasswordCallbackHandler.class.getName()); to serviceProperties.put("ws-security.callback-handler", new PasswordCallbackHandler()); As I said, pass in a instance reference, but not a classname string. With a instance reference, the PasswordCallbackHandler get loaded in your own customer bundle(Your customer bundle class loader is aware of this class so can load it successfully). With classname string, the PasswordCallbackHandler will try to get loaded in CXF code with Class.forName(), but CXF bundle class loader doesn't know your PasswordCallbackHandler, that's why you run into such exception. Hope this helps ------------- Freeman(Yue) Fang Red Hat, Inc. FuseSource is now part of Red Hat Web: http://fusesource.com | http://www.redhat.com/ Twitter: freemanfang Blog: http://freemanfang.blogspot.com http://blog.sina.com.cn/u/1473905042 weibo: @Freeman小屋 On 2013-1-8, at 下午2:30, Malisetti, Ramanjaneyulu wrote: > Hi Freeman, > > We start JAX-WS service like below and provide callback > details using setProperties() on JaxWsServerFactoryBean. How can we modify > this to pass callback handler ref? > > String endpointURL = getEndpointURL(serviceURL); > factory = new JaxWsServerFactoryBean(); > factory.setAddress(endpointURL); > factory.setServiceBean(this); > factory.setProperties(getSecurityProperties()); > > > > public Map<String, Object> getSecurityProperties() { > Map<String, Object> serviceProperties = new HashMap<String, Object>(); > String serviceUrl = > serviceData.getProperties().getProperty(ServiceData.SERVICE_URI); > if (serviceUrl.toLowerCase().startsWith("https")) { > serviceProperties.put("ws-security.callback-handler", > PasswordCallbackHandler.class.getName()); > serviceProperties.put("ws-security.validate.token", "false"); > serviceProperties.put("ws-security.ut.no-callbacks", "true"); > serviceProperties.put("ws-security.ut.validator", > CustomUTValidator.class.getName()); > } > return serviceProperties; > } > > Thank you > > Regards > Raman > > -----Original Message----- > From: Freeman Fang [mailto:[email protected]] > Sent: Monday, January 07, 2013 10:49 AM > To: [email protected] > Subject: Re: ClassNotFoundException for CallbackHandlers from > WSS4JInInterceptor > > Hi, > > I assume the class com.ca.ucf.security.impl.PasswordCallbackHandler is > already in your customer bundle, right? > > If so, another place you need be careful in OSGi container is that, > don't use <entry key="passwordCallbackClass" > value="com.ca.ucf.security.impl.PasswordCallbackHandler"/> to > configure your org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor > Using something like > > <bean id="myPasswordCallback" > class="com.ca.ucf.security.impl.PasswordCallbackHandler"/> > > and then in the WSS4JInInterceptor configuration, using > <entry key="passwordCallbackRef"> > <ref bean="myPasswordCallback"/> > </entry> > instead, this way, you pass a bean instance reference into WSS4JInInterceptor > but not a String classname(which avoid the Class.forName(classname) under the > hood), as the Class.forName(classname) thing doesn't work well in OSGi > container. > > > Freeman > ------------- > Freeman(Yue) Fang > > Red Hat, Inc. > FuseSource is now part of Red Hat > Web: http://fusesource.com | http://www.redhat.com/ > Twitter: freemanfang > Blog: http://freemanfang.blogspot.com > http://blog.sina.com.cn/u/1473905042 > weibo: @Freeman小屋 > > On 2013-1-7, at 下午12:43, Malisetti, Ramanjaneyulu wrote: > >> We are using Apache Karaf which has eclipse equinox as default OSGi >> implementation. >> >> >> Manifest-Version: 1.0 >> Bundle-ManifestVersion: 2 >> Bundle-Name: RemoteLayer >> Bundle-SymbolicName: com.ca.bind >> Main-Class: com.ca.bind.BindingManagerTest >> Bundle-Version: 3.3.0.50 >> Bundle-Vendor: CA >> Import-Package: >> commonj.sdo, >> commonj.sdo.helper, >> javax.activation, >> javax.annotation, >> javax.jms, >> javax.jws, >> javax.jws.soap, >> javax.mail, >> javax.mail.event, >> javax.mail.internet, >> javax.mail.search, >> javax.mail.util, >> javax.servlet;version="2.5.0", >> javax.servlet.http;version="2.5.0", >> javax.servlet.resources;version="2.5.0", >> javax.ws.rs, >> javax.ws.rs.core, >> org.aopalliance.aop, >> org.aopalliance.intercept, >> org.apache.commons.codec.binary, >> org.apache.commons.collections, >> org.apache.commons.collections.bag, >> org.apache.commons.collections.bidimap, >> org.apache.commons.collections.buffer, >> org.apache.commons.collections.collection, >> org.apache.commons.collections.comparators, >> org.apache.commons.collections.functors, >> org.apache.commons.collections.iterators, >> org.apache.commons.collections.keyvalue, >> org.apache.commons.collections.list, >> org.apache.commons.collections.map, >> org.apache.commons.collections.set, >> org.apache.commons.httpclient, >> org.apache.commons.httpclient.auth, >> org.apache.commons.httpclient.methods, >> org.apache.commons.httpclient.params, >> org.apache.commons.lang, >> org.apache.commons.lang.builder, >> org.apache.commons.lang.enum, >> org.apache.commons.lang.enums, >> org.apache.commons.lang.exception, >> org.apache.commons.lang.math, >> org.apache.commons.lang.mutable, >> org.apache.commons.lang.reflect, >> org.apache.commons.lang.text, >> org.apache.commons.lang.time, >> org.apache.commons.logging, >> org.apache.cxf;version="[2.5,3.0]", >> org.apache.cxf.binding;version="[2.5,3.0]", >> org.apache.cxf.binding.soap;version="[2.5,3.0]", >> org.apache.cxf.binding.soap.interceptor;version="[2.5,3.0]", >> org.apache.cxf.bus.spring;version="[2.5,3.0]", >> org.apache.cxf.common.util;version="[2.5,3.0]", >> org.apache.cxf.configuration.jsse;version="[2.5,3.0]", >> org.apache.cxf.configuration.security;version="[2.5,3.0]", >> org.apache.cxf.endpoint;version="[2.5,3.0]", >> org.apache.cxf.headers;version="[2.5,3.0]", >> org.apache.cxf.helpers;version="[2.5,3.0]", >> org.apache.cxf.interceptor;version="[2.5,3.0]", >> org.apache.cxf.jaxrs;version="[2.5,3.0]", >> org.apache.cxf.jaxrs.ext.multipart;version="[2.5,3.0]", >> org.apache.cxf.jaxrs.impl;version="[2.5,3.0]", >> org.apache.cxf.jaxws;version="[2.5,3.0]", >> org.apache.cxf.message;version="[2.5,3.0]", >> org.apache.cxf.transport;version="[2.5,3.0]", >> org.apache.cxf.transport.http;version="[2.5,3.0]", >> org.apache.cxf.transport.http_jetty;version="[2.5,3.0]", >> org.apache.cxf.transports.http.configuration;version="[2.5,3.0]", >> org.apache.cxf.ws.addressing;version="[2.5,3.0]", >> org.apache.cxf.wsdl;version="[2.5,3.0]", >> org.apache.http, >> org.apache.http.client.methods, >> org.apache.http.impl.client, >> org.apache.log4j;provider=paxlogging;version="[1.2,2.0)", >> org.apache.ws.security, >> org.apache.ws.security.handler, >> org.apache.ws.security.message.token, >> org.apache.ws.security.validate, >> org.joda.time, >> org.joda.time.format, >> org.osgi.framework, >> org.osgi.service.event, >> org.slf4j;provider=paxlogging;version="[1.6.1,1.7)", >> org.slf4j.helpers;provider=paxlogging;version="[1.6.1,1.7)", >> org.slf4j.spi;provider=paxlogging;version="[1.6.1,1.7)" >> Bundle-Blueprint: OSGI-INF/remote.xml >> Bundle-ClassPath: ., >> lib/core4j.jar, >> lib/odata4j-core.jar, >> lib/activemq-all-5.7.0.jar >> Export-Package: >> org.odata4j.expression >> Require-Bundle: org.springframework.aop;bundle-version="3.0.7", >> org.springframework.asm;bundle-version="3.0.7", >> org.springframework.beans;bundle-version="3.0.7", >> org.springframework.context;bundle-version="3.0.7", >> org.springframework.core;bundle-version="3.0.7", >> org.springframework.expression;bundle-version="3.0.7", >> org.springframework.jms;bundle-version="3.0.7", >> org.springframework.transaction;bundle-version="3.0.7", >> com.springsource.org.aopalliance;bundle-version="1.0.0" >> >> >> Regards >> Raman >> >> -----Original Message----- >> From: Freeman Fang [mailto:[email protected]] >> Sent: Monday, January 07, 2013 6:35 AM >> To: [email protected] >> Subject: Re: ClassNotFoundException for CallbackHandlers from >> WSS4JInInterceptor >> >> Hi, >> >> What's the OSGi container you're using? >> How your customer bundle OSGi metadata header looks like? >> ------------- >> Freeman(Yue) Fang >> >> Red Hat, Inc. >> FuseSource is now part of Red Hat >> Web: http://fusesource.com | http://www.redhat.com/ >> Twitter: freemanfang >> Blog: http://freemanfang.blogspot.com >> http://blog.sina.com.cn/u/1473905042 >> weibo: @Freeman小屋 >> >> On 2013-1-7, at 上午12:37, Malisetti, Ramanjaneyulu wrote: >> >>> Hi, >>> In OSGi env we are getting the following exception. How can we make >>> WSS4JInInterceptor find our callback handler? We are using CXF 2.7.1. >>> >>> 2013-01-06 11:21:21,238 ERROR [Thread] client.WSModuleProxy >>> -118-com.ca.ucf.core.bind-3.3.0.50 - >>> com.ca.ucf.security.impl.PasswordCallbackHandler. >>> javax.xml.ws.soap.SOAPFaultException: >>> com.ca.ucf.security.impl.PasswordCallbackHandler >>> at >>> org.apache.cxf.jaxws.DispatchImpl.mapException(DispatchImpl.java:287)[101:org.apache.cxf.bundle:2.7.1] >>> at >>> org.apache.cxf.jaxws.DispatchImpl.invoke(DispatchImpl.java:392)[101:org.apache.cxf.bundle:2.7.1] >>> at >>> org.apache.cxf.jaxws.DispatchImpl.invoke(DispatchImpl.java:243)[101:org.apache.cxf.bundle:2.7.1] >>> at >>> com.ca.ucf.remote.ws.SOAPHelper.proxyInvoke(SOAPHelper.java:257)[118: >>> c om.ca.ucf.core.bind:3.3.0.50] Caused by: >>> org.apache.cxf.binding.soap.SoapFault: >>> com.ca.ucf.security.impl.PasswordCallbackHandler >>> at >>> org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.createSoapFault(WSS4JInInterceptor.java:793)[101:org.apache.cxf.bundle:2.7.1] >>> at >>> org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:329)[101:org.apache.cxf.bundle:2.7.1] >>> at >>> org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:95)[101:org.apache.cxf.bundle:2.7.1] >>> at >>> org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:271)[101:org.apache.cxf.bundle:2.7.1] >>> at >>> org.apache.cxf.endpoint.ClientImpl.onMessage(ClientImpl.java:800)[101:org.apache.cxf.bundle:2.7.1] >>> at >>> org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponseInternal(HTTPConduit.java:1590)[101:org.apache.cxf.bundle:2.7.1] >>> at >>> org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponse(HTTPConduit.java:1488)[101:org.apache.cxf.bundle:2.7.1] >>> at >>> org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPConduit.java:1307)[101:org.apache.cxf.bundle:2.7.1] >>> at >>> org.apache.cxf.transport.AbstractConduit.close(AbstractConduit.java:56)[101:org.apache.cxf.bundle:2.7.1] >>> at >>> org.apache.cxf.transport.http.HTTPConduit.close(HTTPConduit.java:622)[101:org.apache.cxf.bundle:2.7.1] >>> at >>> org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInterceptor.handleMessage(MessageSenderInterceptor.java:62)[101:org.apache.cxf.bundle:2.7.1] >>> at >>> org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:271)[101:org.apache.cxf.bundle:2.7.1] >>> at >>> org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:530)[101:org.apache.cxf.bundle:2.7.1] >>> at >>> org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:463)[101:org.apache.cxf.bundle:2.7.1] >>> at >>> org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:366)[101:org.apache.cxf.bundle:2.7.1] >>> at >>> org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:319)[101:org.apache.cxf.bundle:2.7.1] >>> at >>> org.apache.cxf.endpoint.ClientImpl.invokeWrapped(ClientImpl.java:354)[101:org.apache.cxf.bundle:2.7.1] >>> at >>> org.apache.cxf.jaxws.DispatchImpl.invoke(DispatchImpl.java:385)[101:org.apache.cxf.bundle:2.7.1] >>> ... 5 more >>> Caused by: org.apache.ws.security.WSSecurityException: >>> com.ca.ucf.security.impl.PasswordCallbackHandler >>> at >>> org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.getCallback(WSS4JInInterceptor.java:638)[101:org.apache.cxf.bundle:2.7.1] >>> at >>> org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.getCallback(WSS4JInInterceptor.java:621)[101:org.apache.cxf.bundle:2.7.1] >>> at >>> org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:238)[101:org.apache.cxf.bundle:2.7.1] >>> ... 21 more >>> Caused by: java.lang.ClassNotFoundException: >>> com.ca.ucf.security.impl.PasswordCallbackHandler >>> at >>> org.eclipse.osgi.internal.loader.BundleLoader.findClassInternal(BundleLoader.java:501) >>> at >>> org.eclipse.osgi.internal.loader.BundleLoader.findClass(BundleLoader.java:421) >>> at >>> org.eclipse.osgi.internal.loader.BundleLoader.findClass(BundleLoader.java:412) >>> at >>> org.eclipse.osgi.internal.baseadaptor.DefaultClassLoader.loadClass(DefaultClassLoader.java:107) >>> at java.lang.ClassLoader.loadClass(Unknown Source)[:1.7.0_12-ea] >>> at >>> org.apache.cxf.common.classloader.ClassLoaderUtils.loadClass2(ClassLoaderUtils.java:287) >>> at >>> org.apache.cxf.common.classloader.ClassLoaderUtils.loadClass(ClassLoaderUtils.java:261) >>> at >>> org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.getCallback(WSS4JInInterceptor.java:636)[101:org.apache.cxf.bundle:2.7.1] >>> ... 23 more >>> >> >
