Hi Giriraj,

Not sure which version of CXF and WSS4J you use, but encrypting passwords in 
keystores is supported out of the box in WSS4J 2.0 and CXF 3.0.0.
Follow Colm's blog for details: 
http://coheigea.blogspot.de/2014/02/apache-wss4j-200-part-iv.html

Regards,
Andrei.

> -----Original Message-----
> From: Giriraj Bhojak [mailto:girira...@gmail.com]
> Sent: Friday, 25 April 2014 05:59
> To: users@cxf.apache.org; Colm O hEigeartaigh
> Subject: Re: Issue extending the WSS4JOutInterceptor.
> 
> It does.
> The unit test works properly.
> It's only when I integrate this into a web app, I start seeing issues. I am
> not sure why. All the spring dependencies are common between junit's
> classpath and web app's classpath
> 
> Andy,
> I am currently trying the SignaturePropRefId option. I have written a class
> that does exactly what you mentioned.
> I will let you know how it goes. I was more inclined to extend the interceptor
> with future needs in mind. But I feel your approach is more clean and easy.
> 
> Thank you so much Colm and Andy.
> 
> Thanks,
> Giriraj.
> 
> 
> On Thu, Apr 24, 2014 at 6:34 PM, Colm O hEigeartaigh
> <cohei...@apache.org> wrote:
> 
> > Does your new interceptor have a constructor that takes a Map<String,
> > Object>? I modified a system test to use a subclass of
> > WSS4JOutInterceptor which just had an empty constructor + a constructor
> > with Map<String, Object> which called super in both cases, and it worked ok.
> >
> > Colm.
> >
> >
> > On Thu, Apr 24, 2014 at 7:35 PM, Giriraj Bhojak <girira...@gmail.com>
> > wrote:
> >
> > > Here is the working config:
> > >
> > > <beans xmlns="http://www.springframework.org/schema/beans"
> > >     xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
> > >     xmlns:jaxws="http://cxf.apache.org/jaxws"
> > >     xmlns:util="http://www.springframework.org/schema/util"
> > >     xmlns:cxf="http://cxf.apache.org/core"
> > >     xsi:schemaLocation="http://www.springframework.org/schema/beans
> > >         http://www.springframework.org/schema/beans/spring-beans.xsd
> > >         http://cxf.apache.org/jaxws http://cxf.apache.org/schemas/jaxws.xsd
> > >         http://www.springframework.org/schema/util
> > >         http://www.springframework.org/schema/util/spring-util.xsd
> > >         http://cxf.apache.org/core
> > >         http://cxf.apache.org/schemas/core.xsd">
> > >
> > >     <import resource="classpath:META-INF/cxf/cxf.xml" />
> > >     <import resource="classpath:META-INF/cxf/cxf-servlet.xml" />
> > >
> > >     <import resource="classpath:META-INF/cxf/cxf.xml" />
> > >     <import resource="classpath:META-INF/cxf/cxf-servlet.xml" />
> > >
> > >     <bean class="org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor"
> > >         id="outInterceptor">
> > >         <constructor-arg>
> > >             <map>
> > >                 <entry key="action" value="Timestamp Signature Encrypt" />
> > >                 <entry key="user" value="client" />
> > >                 <entry key="signaturePropFile" value="keystore.properties" />
> > >                 <entry key="encryptionPropFile" value="keystore.properties" />
> > >                 <entry key="encryptionUser" value="user" />
> > >                 <entry key="passwordCallbackClass"
> > >                     value="PasswordCallback" />
> > >                 <entry key="signatureParts"
> > >                     value="{Element}{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd}Timestamp;{Element}{http://schemas.xmlsoap.org/soap/envelope/}Body" />
> > >                 <entry key="encryptionParts"
> > >                     value="{Element}{http://www.w3.org/2000/09/xmldsig#}Signature;{Content}{http://schemas.xmlsoap.org/soap/envelope/}Body" />
> > >                 <entry key="encryptionSymAlgorithm"
> > >                     value="http://www.w3.org/2001/04/xmlenc#aes128-cbc" />
> > >                 <entry key="encryptionKeyTransportAlgorithm"
> > >                     value="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p" />
> > >                 <entry key="signatureAlgorithm"
> > >                     value="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
> > >                 <entry key="isBSPCompliant" value="false" />
> > >             </map>
> > >         </constructor-arg>
> > >     </bean>
> > >
> > >     <bean class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor"
> > >         id="ininterceptor">
> > >         <constructor-arg>
> > >             <map>
> > >                 <entry key="action" value="Timestamp Signature Encrypt" />
> > >                 <entry key="signaturePropFile" value="keystore.properties" />
> > >                 <entry key="decryptionPropFile" value="keystore.properties" />
> > >                 <entry key="passwordCallbackClass"
> > >                     value="PasswordCallback" />
> > >                 <entry key="encryptionKeyTransportAlgorithm"
> > >                     value="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p" />
> > >                 <entry key="signatureAlgorithm"
> > >                     value="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
> > >             </map>
> > >         </constructor-arg>
> > >     </bean>
> > >     <bean id="logInbound"
> > >         class="org.apache.cxf.interceptor.LoggingInInterceptor">
> > >     </bean>
> > >     <bean id="logOutbound"
> > >         class="org.apache.cxf.interceptor.LoggingOutInterceptor">
> > >     </bean>
> > >     <cxf:bus>
> > >         <cxf:inInterceptors>
> > >             <ref bean="logInbound" />
> > >         </cxf:inInterceptors>
> > >         <cxf:outInterceptors>
> > >             <ref bean="logOutbound" />
> > >         </cxf:outInterceptors>
> > >         <cxf:outFaultInterceptors>
> > >             <ref bean="logOutbound" />
> > >         </cxf:outFaultInterceptors>
> > >         <cxf:inFaultInterceptors>
> > >             <ref bean="logInbound" />
> > >         </cxf:inFaultInterceptors>
> > >     </cxf:bus>
> > > </beans>
> > >
> > >
> > > The only change I made that led to error is using a different class
> > > for the bean with id 'outInterceptor'.
> > > The new class simply extends
> > > org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor and overrides
> > > loadCrypto(String, String, RequestData). Basically I am trying to
> > > extend Merlin implementation in order to use encrypted properties
> > > for keystore.
> > > When I start the application, I get classcast exceptions due to
> > > classloader (that's what I believe).
> > > So defining a new merlin implementation via keystore.properties does
> > > not help.
> > > Hence I have been trying to inject the new merlin impl by overriding
> > > loadCrypto.
> > >
> > > Could you please help me figure out what's wrong?
> > >
> > > Thanks,
> > > Giriraj.
> > >
> > >
> > > On Thu, Apr 24, 2014 at 2:17 PM, Colm O hEigeartaigh
> > > <cohei...@apache.org> wrote:
> > >
> > > > I don't quite follow. Could you paste your entire spring config please?
> > > >
> > > > Colm.
> > > >
> > > >
> > > > On Thu, Apr 24, 2014 at 7:08 PM, Giriraj Bhojak
> > > > <girira...@gmail.com>
> > > > wrote:
> > > >
> > > > > Hello,
> > > > >
> > > > > I am running into a problem if I extend the
> > > > > org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor via spring beans.
> > > > >
> > > > > I have a bean definition defined as (haven't shown complete <bean>
> > > > > definition):
> > > > > <bean class="org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor"
> > > > >         id="interceptor" >
> > > > >         <constructor-arg>
> > > > >             <map>
> > > > >                 <entry key="action" value="Encrypt" />
> > > > > .............................................................
> > > > >
> > > > > I need to extend WSS4JOutInterceptor to provide some customized behavior
> > > > > for crypto properties.
> > > > > But when I do that and use the new class in the above bean definition, I
> > > > > get following:
> > > > >
> > > > > java.lang.IllegalStateException: Cannot convert value of type
> > > > > [NewOutInterceptor] to required type
> > > > > [org.apache.cxf.interceptor.Interceptor] for property 'outInterceptors[0]':
> > > > > no matching editors or conversion strategy found.
> > > > >
> > > > > I am on version 2.7.8 of cxf-rt-ws-security-2.7.8.
> > > > > Could anyone please help me with it?
> > > > >
> > > > > Thanks,
> > > > > Giriraj.
> > > > >
> > > >
> > > >
> > > >
> > > > --
> > > > Colm O hEigeartaigh
> > > >
> > > > Talend Community Coder
> > > > http://coders.talend.com
> > > >
> > >
> >
> >
> >
> > --
> > Colm O hEigeartaigh
> >
> > Talend Community Coder
> > http://coders.talend.com
> >
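
The SignaturePropRefId route mentioned in the thread, for CXF 2.7.x / WSS4J 1.6, as an added example (not code from the thread, CXF or WSS4J): the stock WSS4JOutInterceptor receives an already-decrypted Properties object through its option map, so neither a subclass nor a custom Merlin is needed. The class name EncryptedCryptoProps, the map key "cryptoProps", the ENC(base64(iv || ciphertext)) AES-GCM wrapping of the keystore password and the use of Java 8's Base64 are assumptions made for the illustration.

```java
import java.io.InputStream;
import java.nio.charset.StandardCharsets;
import java.util.Base64;
import java.util.HashMap;
import java.util.Map;
import java.util.Properties;
import javax.crypto.Cipher;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor;

// Hypothetical helper: not part of CXF or WSS4J.
public final class EncryptedCryptoProps {
    // WSS4J 1.6 (CXF 2.7.x) Merlin property holding the keystore password.
    static final String PW = "org.apache.ws.security.crypto.merlin.keystore.password";

    // Loads the Merlin properties; a password stored as ENC(base64(iv || ciphertext))
    // (assumed format: 12-byte IV, AES-GCM, 128-bit tag) is replaced in memory only.
    static Properties load(String resource, byte[] aesKey) throws Exception {
        Properties p = new Properties();
        try (InputStream in = Thread.currentThread().getContextClassLoader()
                .getResourceAsStream(resource)) {
            if (in == null) throw new IllegalArgumentException(resource + " not found");
            p.load(in);
        }
        String pw = p.getProperty(PW, "");
        if (pw.startsWith("ENC(") && pw.endsWith(")")) {
            byte[] blob = Base64.getDecoder().decode(pw.substring(4, pw.length() - 1));
            Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
            c.init(Cipher.DECRYPT_MODE, new SecretKeySpec(aesKey, "AES"),
                   new GCMParameterSpec(128, blob, 0, 12));
            byte[] clear = c.doFinal(blob, 12, blob.length - 12); // throws if tampered
            p.setProperty(PW, new String(clear, StandardCharsets.UTF_8));
        }
        return p;
    }

    // Core settings of the outInterceptor bean in the thread, with the two
    // *PropFile entries replaced by *PropRefId entries that name a map key.
    static WSS4JOutInterceptor outInterceptor(byte[] aesKey) throws Exception {
        Map<String, Object> cfg = new HashMap<String, Object>();
        cfg.put("action", "Timestamp Signature Encrypt");
        cfg.put("user", "client");
        cfg.put("encryptionUser", "user");
        cfg.put("passwordCallbackClass", "PasswordCallback");
        cfg.put("cryptoProps", load("keystore.properties", aesKey)); // key name is arbitrary
        cfg.put("signaturePropRefId", "cryptoProps");
        cfg.put("encryptionPropRefId", "cryptoProps");
        return new WSS4JOutInterceptor(cfg);
    }
}
```

The AES key has to come from outside the properties file (for example a secret store or the container's environment); the private-key password is still supplied by the PasswordCallback class named in the config.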
