I forgot to include the webservice2.xml file :
<?xml version="1.0" encoding="UTF-8"?> <beans xmlns="http://www.springframework.org/schema/beans"; xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; xmlns:jaxws="http://cxf.apache.org/jaxws"; xmlns:cxf="http://cxf.apache.org/core"; xmlns:p="http://cxf.apache.org/policy"; xsi:schemaLocation=" http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd http://cxf.apache.org/jaxws http://cxf.apache.org/schemas/jaxws.xsd http://cxf.apache.org/core http://cxf.apache.org/schemas/core.xsd "> <cxf:bus> <cxf:features> <p:policies/> <cxf:logging/> </cxf:features> </cxf:bus> <jaxws:client id="WorkListServiceProxyFactory" name="{http://services.brm.n2.tibco.com}WorkListService_EP"; serviceClass="com.tibco.n2.brm.services.WorkListService" address="http://192.168.2.212:8080/amxbpm/WorkListService";> <jaxws:properties> <entry key="ws-security.callback-handler" value="com.mansonthomas.amxbpm.customwebapp.services.amxbpm.security.PasswordCallbackHandler" /> </jaxws:properties> </jaxws:client> </beans> On Wed, Oct 2, 2013 at 12:37 PM, Thomas Manson <[email protected]>wrote: > Hi Colm, > > I can't make it work while I'm exactly in the configuration you're > suggesting (and that is in the example you gave me) and I don't get what I > miss : > > So in my spring bean, I initialize as suggested the WebService : > > > > ################################################################################### > public WorkListServiceImpl2( ContextService contextService) throws > Exception > { > this.contextService = contextService; > > SpringBusFactory bf = new SpringBusFactory(); > URL busFile = > this.contextService.getResource("/WEB-INF/spring/webservices2.xml"); > > Bus bus = bf.createBus(busFile.toString()); > SpringBusFactory.setDefaultBus(bus); > SpringBusFactory.setThreadDefaultBus(bus); > > URL wsdl = this.contextService.getResource("/wsdl/brm.wsdl"); > > Service service = Service.create(wsdl, new QName(" > http://services.brm.n2.tibco.com","WorkListService";)); > QName portQName = new QName("http://services.brm.n2.tibco.com";, > "WorkListService_EP"); > > this.workListService = service.getPort(portQName, WorkListService.class); > > } > > ################################################################################### > > I use afterPropertySet() of Spring to call the webservice right after > Spring init. > > > ################################################################################### > public List<WorkItemFwk> getWorkListItems(String username, > WorkListItemQuery workListItemQuery) > { > //... init this object : getWorkListItems > try > { > > ((BindingProvider)this.workListService).getRequestContext().put("thread.local.request.context", > "true"); > > ((BindingProvider)this.workListService).getRequestContext().put(SecurityConstants.USERNAME, > username); > > getWorkListItemsResponse = > this.workListService.getWorkListItems(getWorkListItems); > } > catch(Exception e) > { > logger.error("Error while getting worklistItems for > "+workListItemQuery.toString(),e); > } > > ################################################################################### > > And yet there's no SOAP header set in the request: > > > oct. 02, 2013 12:28:11 PM > org.apache.cxf.services.WorkListService.WorkListService_EP.WorkListService > INFO: Outbound Message > --------------------------- > ID: 1 > Address: http://192.168.2.212:8080/amxbpm/WorkListService > Encoding: UTF-8 > Http-Method: POST > Content-Type: text/xml > Headers: {Accept=[*/*], SOAPAction=["getWorkListItems"]} > Payload: <soap:Envelope xmlns:soap=" > http://schemas.xmlsoap.org/soap/envelope/";><soap:Body><ns2:getWorkListItems > xmlns:ns2="http://api.brm.n2.tibco.com"; xmlns:ns3=" > http://exception.api.brm.n2.tibco.com"; xmlns:ns4=" > http://exception.api.common.n2.tibco.com"; xmlns:ns5=" > http://www.tibco.com/XPD/ScriptDescriptor/"; xmlns:ns6=" > http://exception.api.de.n2.tibco.com"; startPosition="0" > numberOfItems="10" getTotalCount="true"><entityID entity-type="RESOURCE" > guid="tibco-admin" > model-version="-1"/><orderFilterCriteria/></ns2:getWorkListItems></soap:Body></soap:Envelope> > -------------------------------------- > > So I get the following expection : > > javax.xml.ws.soap.SOAPFaultException: Authentication Failed. > AuthNSAML20Principal set in Subject is null or empty. > > > oct. 02, 2013 12:28:11 PM > org.apache.cxf.services.WorkListService.WorkListService_EP.WorkListService > INFO: Inbound Message > ---------------------------- > ID: 1 > Response-Code: 500 > Encoding: UTF-8 > Content-Type: text/xml; charset=utf-8 > Headers: {Content-Length=[605], content-type=[text/xml; charset=utf-8], > Date=[Wed, 02 Oct 2013 10:27:43 GMT], Expires=[Thu, 01 Jan 1970 00:00:00 > GMT], > Set-Cookie=[JSESSIONID=1houdu4luwh4caof40jy2d8x6;Path=/amxbpm;HttpOnly]} > Payload: <?xml version="1.0" encoding="UTF-8"?> > <SOAP-ENV:Envelope xmlns:SOAP-ENV=" > http://schemas.xmlsoap.org/soap/envelope/";><SOAP-ENV:Body><SOAP-ENV:Fault><faultcode>SOAP-ENV:Server</faultcode><faultstring>Authentication > Failed. AuthNSAML20Principal set in Subject is null or > empty.</faultstring><faultactor>DefaultRole</faultactor><detail><tibco:myFaultDetail > xmlns:tibco="http://tibcouri/";>com.tibco.amf.spline.api.context.SplineMessagingException: > Authentication Failed. AuthNSAML20Principal set in Subject is null or empty. > > </tibco:myFaultDetail></detail></SOAP-ENV:Fault></SOAP-ENV:Body></SOAP-ENV:Envelope> > -------------------------------------- > > > > > Any idea before I jump through the window ? ;) > > Thanks, > Thomas. > > > > > On Thu, Sep 26, 2013 at 4:36 PM, Thomas Manson <[email protected] > > wrote: > >> Hi Colm, >> >> I know I'm probably exasperating you with my dumb questions, but I really >> need help... >> >> >> So reading the FAQ, I understand that we're thread safe if we use : >> >> ((BindingProvider)proxy).getRequestContext().put( >> "thread.local.request.context", "true"); >> >> before calling >> >> ((BindingProvider)*this*.workListService >> ).getRequestContext().put(SecurityConstants.*USERNAME*, "Alice"); >> >> Right ? >> >> >> With the JaxWSClient, I've tried to use >> >> >> ((BindingProvider)utPort).getRequestContext().put(SecurityConstants.USERNAME, >> "Alice"); >> >> and it didn't had any effect... (I was making subsequent call, and >> changing the username) >> >> The web service response was the same for the two user, while one should >> have replied an empty response. >> >> * try >> * { >> ((BindingProvider)*this*.workListService >> ).getRequestContext().put(SecurityConstants.*USERNAME*, username); >> getWorkListItemsResponse = *this*.workListService >> .getWorkListItems(getWorkListItems); >> } >> *catch*(Exception e) >> { >> *logger*.error("Error while getting worklistItems for " >> +workListItemQuery.toString()); >> } >> >> Did I miss somehting ? >> >> >> >> One other thing I did understand in the meantime, is that, by using >> >> JaxWsProxyFactoryBean factory = new JaxWsProxyFactoryBean(); >> factory.setServiceClass(WorkListService.class); >> factory.setAddress(this.endpoint); >> // >> factory.setWsdlLocation("D:/ARTIC/SOURCE/artic/trunk/webapp/src/main/webapp/WSDL/brm.wsdl"); >> factory.setServiceName(new QName("http://services.brm.n2.tibco.com";, >> "WorkListService")); >> >> Or >> >> SpringBusFactory bf = new SpringBusFactory(); >> URL busFile = WorkListServiceImpl2.class.getResource("client.xml"); >> >> Bus bus = bf.createBus(busFile.toString()); >> SpringBusFactory.setDefaultBus(bus); >> SpringBusFactory.setThreadDefaultBus(bus); >> >> URL wsdl = WorkListServiceImpl2.class.getResource( >> "/Users/tmanson/Dropbox/crf/AMXBPM-2.1-WS-Client/src/main/resources/brm.wsdl" >> ); >> Service service = Service.create(wsdl, new QName(" >> http://api.brm.n2.tibco.com";, "WorkListService")); >> QName portQName = new QName("http://services.brm.n2.tibco.com";, >> "WorkListService_EP"); >> this.workListService = >> service.getPort(portQName, WorkListService.class); >> >> etc... >> >> we ask CXF to generate on the fly the WS Client, is it correct? >> >> >> Now I've already generated a client (with CXF/Ant), which I want to >> invoke instead with this code : >> >> WorkListService_Service proxy = *new* WorkListService_Service(*new* URL(" >> http://localhost:8080/amxbpm-web/wsdl/brm.wsdl";), >> *new* QName("http://services.brm.n2.tibco.com","WorkListService"; >> )); >> *this*.workListService = proxy.getPort( *new* QName(" >> http://services.brm.n2.tibco.com";, "WorkListService_EP"), >> WorkListService.*class*); >> >> I wonder how it can be used in conjonction with this code, and How >> should I handle the authentication part...: >> >> SpringBusFactory bf = *new* SpringBusFactory(); >> URL busFile = WorkListServiceImpl2.*class*.getResource("client.xml"); >> Bus bus = bf.createBus(busFile.toString()); >> SpringBusFactory.*setDefaultBus*(bus); >> SpringBusFactory.*setThreadDefaultBus*(bus); >> >> >> I still dont get what file should I put instead of client.xml as I'm >> already in a spring context, should I specify the file where I define my >> bean already ? >> it's quite confusing... >> >> >> Thomas. >> >> >> On Wed, Sep 25, 2013 at 3:36 PM, Colm O hEigeartaigh <[email protected] >> > wrote: >> >>> > Is it thread safe ? >>> >>> http://cxf.apache.org/faq.html#FAQ-AreJAXWSclientproxiesthreadsafe%3F >>> >>> All you need is a JAX-WS client proxy, how you obtain one or set up your >>> project is up to you... >>> >>> Colm. >>> >>> >>> On Tue, Sep 24, 2013 at 2:07 PM, Thomas Manson >>> <[email protected]>wrote: >>> >>> > Hi Colm, >>> > >>> > I'm starting to understand that it's another way to configure the >>> client. >>> > >>> > I've two questions : >>> > >>> > - Is it thread safe ? >>> > I guess that it is as I see that the ServiceBus specify a Thread. >>> > In a J2EE context, should I specify something else than >>> > SpringBusFactory.setThreadDefaultBus(bus); ? >>> > >>> > >>> > - I'm a bit puzzled by the configuration: >>> > >>> > >>> > SpringBusFactory bf = new SpringBusFactory(); >>> > URL busFile = UsernameTokenTest.class.getResource("client/client.xml"); >>> > >>> > >>> > This code load a Spring configuration file, while I already have mine + >>> > the client.xml configuration has some cxf:bus definition (is it the >>> same >>> > thing ? SringBusFactory & cxf:bus ?). >>> > >>> > So I wonder I can't just use this code in an existing spring context, >>> How >>> > should I transpose this within an existing spring context? >>> > >>> > >>> > How I think it would work is : >>> > >>> > >>> > - Use your way to setup SpringBus and the Client >>> > - Have a Spring class X that has the WS Client as dependency >>> > - X implement each method of the WS(+some additional business logic) >>> > and set the username dynamically <= I still don't know how to do >>> this... >>> > >>> > Is it the correct way ? >>> > >>> > Thomas. >>> > >>> > Here is my current work in progress spring file >>> > >>> > <beans xmlns="http://www.springframework.org/schema/beans"; >>> > >>> > xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; xmlns:cxf=" >>> > http://cxf.apache.org/core"; >>> > xsi:schemaLocation=" >>> > http://cxf.apache.org/core http://cxf.apache.org/schemas/core.xsd >>> > http://www.springframework.org/schema/beans >>> > http://www.springframework.org/schema/beans/spring-beans-2.0.xsd";> >>> > >>> > >>> > <cxf:bus> >>> > <cxf:features> >>> > <cxf:logging /> >>> > </cxf:features> >>> > </cxf:bus> >>> > >>> > >>> > >>> > <!-- >>> > >>> /Users/tmanson/Dropbox/crf/AMXBPM-2.1-WS-Client/src/main/resources/de.wsdl >>> > --> >>> > <jaxws:client >>> > name="{http://services.brm.n2.tibco.com >>> }EntityResolverService" >>> > >>> > >>> wsdlLocation="/Users/tmanson/Dropbox/crf/AMXBPM-2.1-WS-Client/src/main/resources/de.wsdl" >>> > serviceClass="com.tibco.n2.de.services.EntityResolverService" >>> > address=" >>> http://192.168.2.202:8080/amxbpm/EntityResolverService"; >>> > createdFromAPI="true"> >>> > <jaxws:properties> >>> > <entry key="ws-security.callback-handler" >>> > >>> > >>> >>> value="com.mansonthomas.amxbpm.customwebapp.services.amxbpm.security.PasswordCallbackHandler" >>> > /> >>> > </jaxws:properties> >>> > </jaxws:client> >>> > >>> > </beans> >>> > >>> > >>> > >>> > >>> > >>> > >>> > >>> > >>> > >>> > On Tue, Sep 24, 2013 at 11:41 AM, Colm O hEigeartaigh < >>> [email protected] >>> > > wrote: >>> > >>> >> Look at the last test here: >>> >> >>> >> >>> >> >>> http://svn.apache.org/viewvc/cxf/branches/2.7.x-fixes/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/ut/UsernameTokenTest.java?view=markup >>> >> >>> >> >>> >> >>> ((BindingProvider)utPort).getRequestContext().put(SecurityConstants.USERNAME, >>> >> "Alice"); >>> >> >>> >> Colm. >>> >> >>> >> >>> >> On Tue, Sep 24, 2013 at 10:33 AM, Thomas Manson >>> >> <[email protected]>wrote: >>> >> >>> >> > Hi Colm, >>> >> > >>> >> > I'm back working on this subject (was on pause as I was working >>> for >>> >> other >>> >> > clients) >>> >> > >>> >> > I've checked out the SVN repo you gave me, and I've looked >>> through the >>> >> > samples configurations (client.xml) and I can't find anything >>> >> appropriate. >>> >> > >>> >> > In the UT (Username Token I guess), the username is always >>> provided in >>> >> the >>> >> > configuration file. >>> >> > The saml/x509 configuration still refers to Alice.properties... >>> >> > >>> >> > >>> >> > In my case, the username shouldn't appear in the configuration >>> files, >>> >> as >>> >> > I need to use the J2EE Principal as login, and call the webservice >>> to >>> >> > authenticate the user. >>> >> > >>> >> > Could you point me to the right direction ? >>> >> > >>> >> > Thomas. >>> >> > >>> >> > >>> >> > >>> >> > >>> >> > >>> >> > On Sat, Jul 13, 2013 at 1:45 AM, Thomas Manson >>> >> > <[email protected]>wrote: >>> >> > >>> >> > > Thanks, it will surely help a lot :) >>> >> > > >>> >> > > Thomas. >>> >> > > >>> >> > > >>> >> > > On Fri, Jul 12, 2013 at 6:05 PM, Colm O hEigeartaigh < >>> >> > [email protected]>wrote: >>> >> > > >>> >> > >> Please take a look at the tests here: >>> >> > >> >>> >> > >> >>> >> > >> >>> >> > >>> >> >>> http://svn.apache.org/viewvc/cxf/branches/2.7.x-fixes/systests/ws-security-examples/ >>> >> > >> >>> >> > >> Colm. >>> >> > >> >>> >> > >> >>> >> > >> On Fri, Jul 12, 2013 at 4:22 PM, Thomas Manson >>> >> > >> <[email protected]>wrote: >>> >> > >> >>> >> > >> > Do you have any other pointer that this page : >>> >> > >> > >>> >> > >> > cxf.apache.org/docs/ws-securitypolicy.html >>> >> > >> > >>> >> > >> > it's way to short for me as documentation to build something >>> that >>> >> > work. >>> >> > >> > When I read the properties described, I feel there's a mix >>> between >>> >> > >> server >>> >> > >> > side properties (which I'm not interested as I'm just >>> implementing >>> >> a >>> >> > >> > client)... + it starts with extra properties... where are the >>> basic >>> >> > >> ones? >>> >> > >> > >>> >> > >> > what would help is a full example of the code of a client. >>> >> > >> > >>> >> > >> > I'm quite lost ;) >>> >> > >> > >>> >> > >> > >>> >> > >> > >>> >> > >> > >>> >> > >> > On Fri, Jul 12, 2013 at 5:09 PM, Colm O hEigeartaigh < >>> >> > >> [email protected] >>> >> > >> > >wrote: >>> >> > >> > >>> >> > >> > > >>> >> > >> > > If you follow the WS-SecurityPolicy approach then it will >>> work, >>> >> as >>> >> > >> all of >>> >> > >> > > the configuration is taken from the context rather than a >>> >> properties >>> >> > >> Map. >>> >> > >> > > >>> >> > >> > > Colm. >>> >> > >> > > >>> >> > >> > > >>> >> > >> > > On Fri, Jul 12, 2013 at 4:01 PM, Thomas Manson < >>> >> > >> > [email protected] >>> >> > >> > > > wrote: >>> >> > >> > > >>> >> > >> > >> I already does what you say as follow, but it mean one >>> >> instance of >>> >> > >> the >>> >> > >> > >> client per user connected. >>> >> > >> > >> >>> >> > >> > >> >>> >> > >> > >> I've search quite some time dans didn't find a way to set >>> >> something >>> >> > >> like >>> >> > >> > >> the password callback handler. >>> >> > >> > >> >>> >> > >> > >> >>> >> > >> > >> >>> >> > >> > >> JaxWsProxyFactoryBean factory = new >>> JaxWsProxyFactoryBean(); >>> >> > >> > >> >>> >> > >> > >> factory.setServiceClass(WorkListService.class); >>> >> > >> > >> >>> >> > >> > >> factory.setAddress(this.endpoint); >>> >> > >> > >> >>> >> > >> > >> // >>> >> > >> > >> >>> >> > >> > >>> >> > >> >>> >> > >>> >> >>> factory.setWsdlLocation("D:/ARTIC/SOURCE/artic/trunk/webapp/src/main/webapp/WSDL/brm.wsdl"); >>> >> > >> > >> >>> >> > >> > >> factory.setServiceName(new QName(" >>> >> > >> http://services.brm.n2.tibco.com >>> >> > >> > ", >>> >> > >> > >> "WorkListService")); >>> >> > >> > >> >>> >> > >> > >> WorkListService workListService = (WorkListService) >>> >> > >> > factory.create(); >>> >> > >> > >> >>> >> > >> > >> >>> >> > >> > >> Client client = >>> ClientProxy.getClient(workListService); >>> >> > >> > >> >>> >> > >> > >> >>> >> > >> > >> Map<String, Object> properties = new HashMap<String, >>> >> Object>(); >>> >> > >> > >> >>> >> > >> > >> properties.put(WSHandlerConstants.ACTION , >>> >> > >> > >> WSHandlerConstants.USERNAME_TOKEN); >>> >> > >> > >> >>> >> > >> > >> properties.put(WSHandlerConstants.USER , >>> >> > >> this.username); >>> >> > >> > >> >>> >> > >> > >> properties.put(WSHandlerConstants.PASSWORD_TYPE , >>> >> > WSConstants. >>> >> > >> > >> PW_TEXT);// "PasswordDigest" >>> >> > >> > >> >>> >> > >> > >> properties.put(WSHandlerConstants.PW_CALLBACK_REF , >>> >> > >> > newPasswordCallbackHandler( >>> >> > >> > >> this.username, password, "password")); >>> >> > >> > >> >>> >> > >> > >> >>> >> > >> > >> client.getOutInterceptors().add(new >>> >> > >> > WSS4JOutInterceptor(properties)); >>> >> > >> > >> >>> >> > >> > >> >>> >> > >> > >> On Fri, Jul 12, 2013 at 4:36 PM, Colm O hEigeartaigh < >>> >> > >> > [email protected] >>> >> > >> > >> > wrote: >>> >> > >> > >> >>> >> > >> > >>> ou could create a CXF interceptor that sets the username >>> on the >>> >> > fly, >>> >> > >> > >>> before the WSS4JOutInterceptor is called. >>> >> > >> > >> >>> >> > >> > >> >>> >> > >> > >> >>> >> > >> > >> >>> >> > >> > > >>> >> > >> > > >>> >> > >> > > -- >>> >> > >> > > Colm O hEigeartaigh >>> >> > >> > > >>> >> > >> > > Talend Community Coder >>> >> > >> > > http://coders.talend.com >>> >> > >> > > >>> >> > >> > >>> >> > >> >>> >> > >> >>> >> > >> >>> >> > >> -- >>> >> > >> Colm O hEigeartaigh >>> >> > >> >>> >> > >> Talend Community Coder >>> >> > >> http://coders.talend.com >>> >> > >> >>> >> > > >>> >> > > >>> >> > >>> >> >>> >> >>> >> >>> >> -- >>> >> Colm O hEigeartaigh >>> >> >>> >> Talend Community Coder >>> >> http://coders.talend.com >>> >> >>> > >>> > >>> >>> >>> -- >>> Colm O hEigeartaigh >>> >>> Talend Community Coder >>> http://coders.talend.com >>> >> >> >
