Hello again,
thanks for your answer.
Here is a sample project.
I think some configurations might be wrong, but I can't find out what needs to
be changed, in order to run this project properly.
I just started with web service development and I thought the UsernameToken +
password-example should be easy.
It would be nice if you could help me.
Thanks in advance.
Regards
Stephanie
Here is the sample code:
The service
package net.eads.astrium;
import javax.jws.WebMethod;
import javax.jws.WebParam;
import javax.jws.WebService;
import javax.xml.bind.annotation.XmlSeeAlso;
import javax.xml.namespace.QName;
import javax.xml.ws.RequestWrapper;
import javax.xml.ws.ResponseWrapper;
import org.apache.cxf.annotations.EndpointProperties;
import org.apache.cxf.annotations.EndpointProperty;
import javax.jws.soap.SOAPBinding;
import javax.jws.soap.SOAPBinding.*;
@WebService
@SOAPBinding(style=Style.DOCUMENT, use=Use.ENCODED)
@EndpointProperties(
{
@EndpointProperty(key = "action", value="UsernameToken"),
@EndpointProperty(key = "passwordType", value="PasswordText"),
})
@XmlSeeAlso({net.eads.astrium.types.ObjectFactory.class})
public interface CurrentTimeReadable {
public final static QName TimerPort = new
QName("http://localhost:8181/cxf/CurrentTimeReadableService";, "TimerPort");
@RequestWrapper(localName = "GetCurrentTimeReadable", className =
"net.eads.astrium.types.GetCurrentTimeReadable")
@ResponseWrapper(localName = "GetCurrentTimeReadableResponse", className =
"net.eads.astrium.types.GetCurrentTimeReadableResponse")
@WebMethod(operationName = "GetCurrentTimeReadable")
public void getCurrentTime(
@WebParam(mode = WebParam.Mode.OUT, name = "time")
javax.xml.ws.Holder<java.lang.String> ssn
);
}
The serviceImpl
package net.eads.astrium;
import java.text.DateFormat;
import java.util.Date;
import javax.jws.WebService;
import javax.xml.ws.Holder;
@WebService(serviceName = "CurrentTimeReadableService", endpointInterface =
"net.eads.astrium.CurrentTimeReadable")
public class CurrentTimeReadableImpl implements CurrentTimeReadable {
public void getCurrentTime(Holder<String> time)
{
time.value = DateFormat.getDateTimeInstance().format(new Date());
}
}
The server
package net.eads.astrium;
import java.net.URL;
import java.util.HashMap;
import java.util.Map;
import javax.xml.ws.Endpoint;
import org.apache.cxf.Bus;
import org.apache.cxf.BusFactory;
import org.apache.cxf.bus.spring.SpringBusFactory;
import org.apache.cxf.jaxws.EndpointImpl;
import org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor;
import org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor;
public class Server {
protected Server() throws Exception {
System.out.println("Starting Server");
Object implementor = new CurrentTimeReadableImpl();
String address = "http://localhost:8181/cxf/CurrentTimeReadableService";;
EndpointImpl impl = (EndpointImpl)Endpoint.publish(address,
implementor);
Map<String, Object> outProps = new HashMap<String, Object>();
outProps.put("action", "UsernameToken Timestamp");
outProps.put("passwordType", "PasswordText");
outProps.put("user", "Alice");
outProps.put("passwordCallbackClass",
"net.eads.astrium.UTPasswordCallback");
impl.getOutInterceptors().add(new WSS4JOutInterceptor(outProps));
Map<String, Object> inProps = new HashMap<String, Object>();
inProps.put("action", "UsernameToken Timestamp");
inProps.put("passwordType", "PasswordDigest");
inProps.put("passwordCallbackClass",
"net.eads.astrium.UTPasswordCallback");
impl.getInInterceptors().add(new WSS4JInInterceptor(inProps));
}
public static void main(String args[]) throws Exception {
SpringBusFactory bf = new SpringBusFactory();
URL busFile = Server.class.getResource("/wssec.xml");
System.out.println("URL: " + busFile);
Bus bus = bf.createBus(busFile.toString());
BusFactory.setDefaultBus(bus);
new Server();
System.out.println("Server ready...");
Thread.sleep(5 * 60 * 1000);
bus.shutdown(true);
System.out.println("Server exiting");
System.exit(0);
}
}
The PasswordCallback (same for Client and server)
package net.eads.astrium;
import java.io.IOException;
import java.util.HashMap;
import java.util.Map;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.UnsupportedCallbackException;
import org.apache.wss4j.common.ext.WSPasswordCallback;
/**
*/
public class UTPasswordCallback implements CallbackHandler {
private Map<String, String> passwords =
new HashMap<String, String>();
public UTPasswordCallback() {
passwords.put("Alice", "ecilA");
passwords.put("abcd", "dcba");
}
/**
* Here, we attempt to get the password from the private
* alias/passwords map.
*/
public void handle(Callback[] callbacks) throws IOException,
UnsupportedCallbackException {
for (int i = 0; i < callbacks.length; i++) {
WSPasswordCallback pc = (WSPasswordCallback)callbacks[i];
String pass = passwords.get(pc.getIdentifier());
if (pass != null) {
pc.setPassword(pass);
return;
}
}
}
/**
* Add an alias/password pair to the callback mechanism.
*/
public void setAliasPassword(String alias, String password) {
passwords.put(alias, password);
}
}
The client
package net.eads.astrium.client;
import java.net.URL;
import java.util.HashMap;
import java.util.Map;
import net.eads.astrium.CurrentTimeReadable;
import org.apache.cxf.Bus;
import org.apache.cxf.BusFactory;
import org.apache.cxf.jaxws.JaxWsProxyFactoryBean;
import org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor;
import org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor;
import org.apache.cxf.bus.spring.SpringBusFactory;
import org.apache.cxf.frontend.ClientProxy;
public class Client {
public static void main(String args[]) throws Exception {
JaxWsProxyFactoryBean factory = new JaxWsProxyFactoryBean();
factory.setServiceClass(CurrentTimeReadable.class);
if (args != null && args.length > 0 && !"".equals(args[0])) {
factory.setAddress(args[0]);
} else {
factory.setAddress("http://localhost:8181/cxf/CurrentTimeReadableService";);
}
Map<String, Object> outProps = new HashMap<String, Object>();
outProps.put("action", "UsernameToken Timestamp");
outProps.put("passwordType", "PasswordDigest");
outProps.put("user", "abcd");
outProps.put("passwordCallbackClass",
"net.eads.astrium.client.UTPasswordCallback");
Map<String, Object> inProps = new HashMap<String, Object>();
inProps.put("action", "UsernameToken Timestamp");
inProps.put("passwordType", "PasswordText");
inProps.put("passwordCallbackClass",
"net.eads.astrium.client.UTPasswordCallback");
CurrentTimeReadable client = (CurrentTimeReadable) factory.create();
ClientProxy.getClient(client).getInInterceptors().add(new
WSS4JInInterceptor(inProps));
ClientProxy.getClient(client).getOutInterceptors().add(new
WSS4JOutInterceptor(outProps));
System.out.println("Invoking getCurrentTime...");
javax.xml.ws.Holder<java.lang.String> _getCurrentTime_time = new
javax.xml.ws.Holder<java.lang.String>();
client.getCurrentTime(_getCurrentTime_time);
System.out.println("the current time from "+factory.getAddress()+"=" +
_getCurrentTime_time.value);
}
}
META_Inf/sping/beans.xml
<?xml version="1.0" encoding="UTF-8"?>
<!-- Generated by Apache ServiceMix Archetype -->
<beans xmlns="http://www.springframework.org/schema/beans";
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
xmlns:jaxws="http://cxf.apache.org/jaxws";
xsi:schemaLocation="
http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd
http://cxf.apache.org/jaxws http://cxf.apache.org/schemas/jaxws.xsd
http://www.springframework.org/schema/osgi
http://www.springframework.org/schema/osgi/spring-osgi.xsd";>
<!-- <bean id="UsernameCallback"
class="net.eads.astrium.test.ClientPasswordCallback"/> -->
<jaxws:endpoint id="HTTPEndpoint"
implementor="net.eads.astrium.CurrentTimeReadableImpl"
address="/CurrentTimeReadableService">
</jaxws:endpoint>
</beans>
Pom.xml
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0";
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0
http://maven.apache.org/xsd/maven-4.0.0.xsd";>
<!-- Generated by Apache ServiceMix Archetype -->
<modelVersion>4.0.0</modelVersion>
<groupId>net.eads.astrium</groupId>
<artifactId>cxf-basic-currenttimereadable</artifactId>
<packaging>bundle</packaging>
<version>1.1-SNAPSHOT</version>
<name>Apache ServiceMix :: CXF Current Time Readable OSGi Bundle #1.1</name>
<dependencies>
<dependency>
<groupId>org.apache.geronimo.specs</groupId>
<artifactId>geronimo-ws-metadata_2.0_spec</artifactId>
<version>1.1.2</version>
</dependency>
<dependency>
<groupId>javax.xml.bind</groupId>
<artifactId>jaxb-api</artifactId>
<version>2.2</version>
</dependency>
<dependency>
<groupId>org.apache.geronimo.specs</groupId>
<artifactId>geronimo-jaxws_2.2_spec</artifactId>
<version>1.0</version>
</dependency>
<!-- Needed for Client -->
<dependency>
<groupId>org.apache.cxf</groupId>
<artifactId>cxf-rt-frontend-jaxws</artifactId>
<version>2.6.0</version>
</dependency>
<dependency>
<groupId>org.apache.cxf</groupId>
<artifactId>cxf-rt-transports-http</artifactId>
<version>2.6.0</version>
</dependency>
<dependency>
<groupId>org.apache.cxf</groupId>
<artifactId>cxf-rt-ws-security</artifactId>
<version>3.0.0</version>
</dependency>
</dependencies>
<build>
<defaultGoal>install</defaultGoal>
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-compiler-plugin</artifactId>
<version>2.0.2</version>
<configuration>
<source>1.5</source>
<target>1.5</target>
<encoding>UTF-8</encoding>
</configuration>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-resources-plugin</artifactId>
<version>2.4.3</version>
<configuration>
<encoding>UTF-8</encoding>
</configuration>
</plugin>
<plugin>
<groupId>org.apache.felix</groupId>
<artifactId>maven-bundle-plugin</artifactId>
<version>2.3.6</version>
<extensions>true</extensions>
<configuration>
<instructions>
<Bundle-SymbolicName>${project.artifactId}</Bundle-SymbolicName>
<Import-Package>
javax.jws,
javax.wsdl,
javax.xml.bind,
javax.xml.bind.annotation,
javax.xml.namespace,
javax.xml.ws,
META-INF.cxf,
META-INF.cxf.osgi,
org.apache.cxf.bus,
org.apache.cxf.bus.spring,
org.apache.cxf.bus.resource,
org.apache.cxf.configuration.spring,
org.apache.cxf.resource,
org.apache.cxf.jaxws,
org.apache.cxf.transport.http,
org.springframework.beans.factory.config
</Import-Package>
<Private-Package>
!net.eads.astrium.client,
net.eads.astrium,
net.eads.astrium.types
</Private-Package>
<Require-Bundle>org.apache.cxf.bundle</Require-Bundle>
<DynamicImport-Package>*</DynamicImport-Package>
</instructions>
</configuration>
</plugin>
</plugins>
</build>
<profiles>
<profile>
<id>client</id>
<build>
<defaultGoal>test</defaultGoal>
<plugins>
<plugin>
<groupId>org.codehaus.mojo</groupId>
<artifactId>exec-maven-plugin</artifactId>
<executions>
<execution>
<phase>test</phase>
<goals>
<goal>java</goal>
</goals>
<configuration>
<mainClass>net.eads.astrium.client.CurrentTimeClient</mainClass>
</configuration>
</execution>
</executions>
</plugin>
</plugins>
</build>
</profile>
</profiles>
</project>
Von: Stephanie Dammann
Gesendet: Montag, 23. Juni 2014 16:03
An: '[email protected]'
Betreff: WS-Security
Hello there,
I am trying to build an Java-First Web Service with WS-Security (UsernameToken
+ Password).
I have found the CXF sample ws_security/ut and I wanted to use this example to
extend my own Web Service.
I have build the Client with the WSS4Jin- and OutInterceptor and so on, but it
isn't working.
I have got this exception Exception in thread "main"
javax.xml.ws.soap.SOAPFaultException: MustUnderstand headers:
[{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}Security]
are not understood.
I can't find out what I need to do. I have included the
cxf-rt-ws-security-dependency in the pom.xml and I have imported the library.
Could you please help me?
Thanks in advance.
Regards
Stephanie
