Remember the server-side configuration is a little bit different based
on whether you're using WS-SecurityPolicy (Policy statements in the
WSDL) or WSS4JIn/OutInterceptors:
http://www.jroller.com/gmazza/entry/cxf_usernametoken_profile#UTCXF5 ;
make sure you have the right configuration commented / uncommented
depending on your setup.
HTH,
Glen
On 07/12/2013 10:39 AM, Colm O hEigeartaigh wrote:
Hi,
It is complaining about not finding a CallbackHandler on the service side.
I can't see anything wrong with the configuration. Could you create a
test-project so that I can take a look?
Colm.
On Wed, Jul 10, 2013 at 6:58 PM, tulika <[email protected]> wrote:
Hi Colm,
Please find the log below(at the end).
I have password callbacks at both client and web service server side as
explained in the tutorial.
Can you please tell me, whether it is complaining about callback handler
not
present at the client side or at the server side... also, it s complaining
about callback handler for username token?
My setup details :
I set up http ssl with basic authentication as per tutorial
(http://www.jroller.com/gmazza/entry/ssl_for_web_services) on basic
doubleIt
web service and then added ws-security as per
(http://www.jroller.com/gmazza/entry/cxf_usernametoken_profile).
For adding ws security I used Netbeans as explained in
(http://www.jroller.com/gmazza/entry/metro_usernametoken_profile#MetroUT1
),
but I didn't add "ValidatorConfiguration" element in wsdl or
PlainTestPasswordValidator in CXF server(because the code present in this
class is specific to metro library). However I have http basic
authentication enabled on my web service.. So, could this be the cause of
this issue?? How can I provide usernameValidator in cxf?
<text from doubleit.wsdl having ws-security)
<sc:ValidatorConfiguration wspp:visibility="private">
<sc:Validator name="usernameValidator"
classname="service.PlainTextPasswordValidator"/>
</sc:ValidatorConfiguration>
Thanks,
Tulika
Please find the log below:
Payload: <soap:Envelope
xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/";>
<soap:Header>
<Action
xmlns="http://www.w3.org/2005/08/addressing";>
http://www.example.org/contract/DoubleIt/DoubleItPortType/DoubleItRequest
</Action>
<MessageID
xmlns="http://www.w3.org/2005/08/addressing
">urn:uuid:3798aef3-027a-438f-b746-446633944a65</MessageID>
<To
xmlns="http://www.w3.org/2005/08/addressing";>
https://localhost:8443/CXFWebService/services/DoubleItPort</To>
<ReplyTo xmlns="http://www.w3.org/2005/08/addressing";>
<Address>http://www.w3.org/2005/08/addressing/anonymous</Address>
</ReplyTo>
<wsse:Security
xmlns:wsse="
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd
"
xmlns:wsu="
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
"
soap:mustUnderstand="1">
<wsu:Timestamp wsu:Id="TS-1">
<wsu:Created>2013-07-10T09:16:56.277Z</wsu:Created>
<wsu:Expires>2013-07-10T09:21:56.277Z</wsu:Expires>
</wsu:Timestamp>
<wsse:UsernameToken wsu:Id="UsernameToken-2">
<wsse:Username>bob</wsse:Username>
<wsse:Password
Type="
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText
">trombone</wsse:Password>
</wsse:UsernameToken>
</wsse:Security>
</soap:Header>
<soap:Body>
<ns2:DoubleIt
xmlns:ns2="http://www.example.org/schema/DoubleIt
"><numberToDouble>7</numberToDouble></ns2:DoubleIt>
</soap:Body>
</soap:Envelope>
--------------------------------------
Jul 10, 2013 2:46:56 PM org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor
handleMessage
WARNING:
org.apache.ws.security.WSSecurityException: General security error
(WSSecurityEngine: No password callback supplied)
at
org.apache.ws.security.validate.UsernameTokenValidator.verifyDigestPassword(UsernameTokenValidator.java:155)
at
org.apache.ws.security.validate.UsernameTokenValidator.verifyPlaintextPassword(UsernameTokenValidator.java:142)
at
org.apache.ws.security.validate.UsernameTokenValidator.validate(UsernameTokenValidator.java:100)
at
org.apache.ws.security.processor.UsernameTokenProcessor.handleUsernameToken(UsernameTokenProcessor.java:172)
at
org.apache.ws.security.processor.UsernameTokenProcessor.handleToken(UsernameTokenProcessor.java:67)
at
org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:396)
at
org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:277)
at
org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JInInterceptor.handleMessage(PolicyBasedWSS4JInInterceptor.java:120)
at
org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JInInterceptor.handleMessage(PolicyBasedWSS4JInInterceptor.java:105)
at
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:262)
at
org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:121)
at
org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(AbstractHTTPDestination.java:237)
at
org.apache.cxf.transport.servlet.ServletController.invokeDestination(ServletController.java:214)
at
org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:194)
at
org.apache.cxf.transport.servlet.CXFNonSpringServlet.invoke(CXFNonSpringServlet.java:130)
at
org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(AbstractHTTPServlet.java:225)
at
org.apache.cxf.transport.servlet.AbstractHTTPServlet.doPost(AbstractHTTPServlet.java:145)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:641)
at
org.apache.cxf.transport.servlet.AbstractHTTPServlet.service(AbstractHTTPServlet.java:201)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:304)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:240)
at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:164)
at
org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:576)
at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:164)
at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:100)
at
org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:562)
at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118)
at
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:395)
at
org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:250)
at
org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:188)
at
org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:166)
at
org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:302)
at
java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886)
at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908)
at java.lang.Thread.run(Thread.java:662)
Jul 10, 2013 2:46:56 PM org.apache.cxf.phase.PhaseInterceptorChain
doDefaultLogging
WARNING: Interceptor for
{http://www.example.org/contract/DoubleIt}DoubleItService has thrown
exception, unwinding now
org.apache.cxf.binding.soap.SoapFault: General security error
(WSSecurityEngine: No password callback supplied)
at
org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.createSoapFault(WSS4JInInterceptor.java:767)
at
org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:334)
at
org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JInInterceptor.handleMessage(PolicyBasedWSS4JInInterceptor.java:120)
at
org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JInInterceptor.handleMessage(PolicyBasedWSS4JInInterceptor.java:105)
at
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:262)
at
org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:121)
at
org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(AbstractHTTPDestination.java:237)
at
org.apache.cxf.transport.servlet.ServletController.invokeDestination(ServletController.java:214)
at
org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:194)
at
org.apache.cxf.transport.servlet.CXFNonSpringServlet.invoke(CXFNonSpringServlet.java:130)
at
org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(AbstractHTTPServlet.java:225)
at
org.apache.cxf.transport.servlet.AbstractHTTPServlet.doPost(AbstractHTTPServlet.java:145)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:641)
at
org.apache.cxf.transport.servlet.AbstractHTTPServlet.service(AbstractHTTPServlet.java:201)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:304)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:240)
at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:164)
at
org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:576)
at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:164)
at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:100)
at
org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:562)
at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118)
at
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:395)
at
org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:250)
at
org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:188)
at
org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:166)
at
org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:302)
at
java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886)
at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908)
at java.lang.Thread.run(Thread.java:662)
Caused by: org.apache.ws.security.WSSecurityException: General security
error (WSSecurityEngine: No password callback supplied)
at
org.apache.ws.security.validate.UsernameTokenValidator.verifyDigestPassword(UsernameTokenValidator.java:155)
at
org.apache.ws.security.validate.UsernameTokenValidator.verifyPlaintextPassword(UsernameTokenValidator.java:142)
at
org.apache.ws.security.validate.UsernameTokenValidator.validate(UsernameTokenValidator.java:100)
at
org.apache.ws.security.processor.UsernameTokenProcessor.handleUsernameToken(UsernameTokenProcessor.java:172)
at
org.apache.ws.security.processor.UsernameTokenProcessor.handleToken(UsernameTokenProcessor.java:67)
at
org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:396)
at
org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:277)
... 29 more
Jul 10, 2013 2:46:56 PM
org.apache.cxf.services.DoubleItService.DoubleItPort.DoubleItPortType
INFO: Outbound Message
---------------------------
ID: 4
Response-Code: 500
Encoding: UTF-8
Content-Type: text/xml
Headers: {}
Payload: <soap:Envelope
xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/
"><soap:Body><soap:Fault><faultcode>soap:Client</faultcode><faultstring>General
security error (WSSecurityEngine: No password callback
supplied)</faultstring></soap:Fault></soap:Body></soap:Envelope>
--------------------------------------
Jul 10, 2013 2:50:41 PM
org.apache.cxf.services.DoubleItService.DoubleItPort.DoubleItPortType
INFO: Inbound Message
----------------------------
ID: 5
Address: https://localhost:8443/CXFWebService/services/DoubleItPort?wsdl
Http-Method: GET
Content-Type: text/xml
Headers: {Accept=[*/*], Authorization=[Basic Ym9iOnRyb21ib25l],
cache-control=[no-cache], connection=[keep-alive], content-type=[text/xml],
host=[localhost:8443], pragma=[no-cache], user-agent=[Apache CXF 2.6.8]}
--------------------------------------
Jul 10, 2013 2:50:51 PM
org.apache.cxf.services.DoubleItService.DoubleItPort.DoubleItPortType
INFO: Inbound Message
----------------------------
ID: 6
Address: https://localhost:8443/CXFWebService/services/DoubleItPort
Encoding: UTF-8
Http-Method: POST
Content-Type: text/xml; charset=UTF-8
Headers: {Accept=[*/*], Authorization=[Basic Ym9iOnRyb21ib25l],
cache-control=[no-cache], connection=[keep-alive], Content-Length=[1373],
content-type=[text/xml; charset=UTF-8], host=[localhost:8443],
pragma=[no-cache], SOAPAction=[""], user-agent=[Apache CXF 2.6.8]}
Payload: <soap:Envelope
xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/
"><soap:Header><Action
xmlns="http://www.w3.org/2005/08/addressing";>
http://www.example.org/contract/DoubleIt/DoubleItPortType/DoubleItRequest
</Action><MessageID
xmlns="http://www.w3.org/2005/08/addressing
">urn:uuid:525b8206-fa5f-4da5-84f9-82efe8bc128a</MessageID><To
xmlns="http://www.w3.org/2005/08/addressing";>
https://localhost:8443/CXFWebService/services/DoubleItPort</To><ReplyTo
xmlns="http://www.w3.org/2005/08/addressing";><Address>
http://www.w3.org/2005/08/addressing/anonymous
</Address></ReplyTo><wsse:Security
xmlns:wsse="
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd
"
xmlns:wsu="
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
"
soap:mustUnderstand="1"><wsu:Timestamp
wsu:Id="TS-1"><wsu:Created>2013-07-10T09:20:51.293Z</wsu:Created><wsu:Expires>2013-07-10T09:25:51.293Z</wsu:Expires></wsu:Timestamp><wsse:UsernameToken
wsu:Id="UsernameToken-2"><wsse:Username>bob</wsse:Username><wsse:Password
Type="
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText
">trombone</wsse:Password></wsse:UsernameToken></wsse:Security></soap:Header><soap:Body><ns2:DoubleIt
xmlns:ns2="http://www.example.org/schema/DoubleIt
"><numberToDouble>7</numberToDouble></ns2:DoubleIt></soap:Body></soap:Envelope>
--------------------------------------
Jul 10, 2013 2:50:51 PM org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor
handleMessage
WARNING:
org.apache.ws.security.WSSecurityException: General security error
(WSSecurityEngine: No password callback supplied)
at
org.apache.ws.security.validate.UsernameTokenValidator.verifyDigestPassword(UsernameTokenValidator.java:155)
at
org.apache.ws.security.validate.UsernameTokenValidator.verifyPlaintextPassword(UsernameTokenValidator.java:142)
at
org.apache.ws.security.validate.UsernameTokenValidator.validate(UsernameTokenValidator.java:100)
--
View this message in context:
http://cxf.547215.n5.nabble.com/UserName-token-security-on-CXF-General-security-error-WSSecurityEngine-No-password-callback-supplied-tp5730451p5730571.html
Sent from the cxf-user mailing list archive at Nabble.com.
