Hi
I'm new in Apache CXF. Try develop soap service with Apache cxf 3.3.3,
Spring Boot 2.1.7, java 11(Amazon Open JDK)
Service well work without basic authority. Need add security(basic auth+
https(its be a later))
Configure endpoind:
*
@Bean
public Endpoint endpointReferenceService(Bus bus, ReferenceServiceImpl
referenceService) {
EndpointImpl endpoint = new EndpointImpl(bus, referenceService);
Map<String,Object> inProps = new HashMap<String,Object>();
inProps.put(WSHandlerConstants.ACTION,
WSHandlerConstants.USERNAME_TOKEN);
//inProps.put(WSHandlerConstants.PASSWORD_TYPE,
WSConstants.PW_TEXT);
inProps.put(WSHandlerConstants.PASSWORD_TYPE,
WSConstants.PW_DIGEST);
inProps.put(WSHandlerConstants.PW_CALLBACK_CLASS,
ServerPasswordCallback.class.getName());
WSS4JInInterceptor wssIn = new WSS4JInInterceptor(inProps);
endpoint.getInInterceptors().add(wssIn);
endpoint.publish("/ReferenceService");
return endpoint;
}
*
Configure callback:
*
public class ServerPasswordCallback implements CallbackHandler {
private Map<String, String> passwords = new HashMap<>();
public ServerPasswordCallback() {
passwords.put("soap", "123");
}
public void handle(Callback[] callbacks) throws IOException,
UnsupportedCallbackException {
for (int i = 0; i < callbacks.length; i++) {
WSPasswordCallback pc = (WSPasswordCallback)callbacks[i];
String pass = passwords.get(pc.getIdentifier());
if (pass != null) {
pc.setPassword(pass);
return;
}
}
}
}*
client - SoapUI
1.png <http://cxf.547215.n5.nabble.com/file/t341863/1.png>
get error after run web service method:
*2019-10-25 12:24:24.662 WARN 5523 --- [http-nio-9090-exec-4]
o.a.c.w.s.wss4j.WSS4JInInterceptor : Security processing failed
(actions mismatch)
2019-10-25 12:24:24.663 WARN 5523 --- [http-nio-9090-exec-4]
o.a.cxf.phase.PhaseInterceptorChain : Interceptor for
{http://endpoint.mobilcard.ru/}ReferenceServiceImplService#{http://services.mobilcard.ru/}getGlobalReferenceList
has thrown exception, unwinding now
org.apache.cxf.binding.soap.SoapFault: A security error was encountered when
verifying the message
at
org.apache.cxf.ws.security.wss4j.WSS4JUtils.createSoapFault(WSS4JUtils.java:234)
~[cxf-rt-ws-security-3.3.3.jar:3.3.3]
at
org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessageInternal(WSS4JInInterceptor.java:376)
~[cxf-rt-ws-security-3.3.3.jar:3.3.3]
at
org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:212)
~[cxf-rt-ws-security-3.3.3.jar:3.3.3]
at
org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:92)
~[cxf-rt-ws-security-3.3.3.jar:3.3.3]
at
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:308)
~[cxf-core-3.3.3.jar:3.3.3]
at
org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:121)
~[cxf-core-3.3.3.jar:3.3.3]
at
org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(AbstractHTTPDestination.java:267)
~[cxf-rt-transports-http-3.3.3.jar:3.3.3]
at
org.apache.cxf.transport.servlet.ServletController.invokeDestination(ServletController.java:234)
~[cxf-rt-transports-http-3.3.3.jar:3.3.3]
at
org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:208)
~[cxf-rt-transports-http-3.3.3.jar:3.3.3]
at
org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:160)
~[cxf-rt-transports-http-3.3.3.jar:3.3.3]
at
org.apache.cxf.transport.servlet.CXFNonSpringServlet.invoke(CXFNonSpringServlet.java:216)
~[cxf-rt-transports-http-3.3.3.jar:3.3.3]
at
org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(AbstractHTTPServlet.java:301)
~[cxf-rt-transports-http-3.3.3.jar:3.3.3]
at
org.apache.cxf.transport.servlet.AbstractHTTPServlet.doPost(AbstractHTTPServlet.java:220)
~[cxf-rt-transports-http-3.3.3.jar:3.3.3]
at javax.servlet.http.HttpServlet.service(HttpServlet.java:660)
~[tomcat-embed-core-9.0.22.jar:9.0.22]
at
org.apache.cxf.transport.servlet.AbstractHTTPServlet.service(AbstractHTTPServlet.java:276)
~[cxf-rt-transports-http-3.3.3.jar:3.3.3]
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231)
~[tomcat-embed-core-9.0.22.jar:9.0.22]
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
~[tomcat-embed-core-9.0.22.jar:9.0.22]
at
org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:53)
~[tomcat-embed-websocket-9.0.22.jar:9.0.22]
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
~[tomcat-embed-core-9.0.22.jar:9.0.22]
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
~[tomcat-embed-core-9.0.22.jar:9.0.22]
at
org.springframework.web.filter.RequestContextFilter.doFilterInternal(RequestContextFilter.java:99)
~[spring-web-5.1.9.RELEASE.jar:5.1.9.RELEASE]
at
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:118)
~[spring-web-5.1.9.RELEASE.jar:5.1.9.RELEASE]
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
~[tomcat-embed-core-9.0.22.jar:9.0.22]
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
~[tomcat-embed-core-9.0.22.jar:9.0.22]
at
org.springframework.web.filter.FormContentFilter.doFilterInternal(FormContentFilter.java:92)
~[spring-web-5.1.9.RELEASE.jar:5.1.9.RELEASE]
at
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:118)
~[spring-web-5.1.9.RELEASE.jar:5.1.9.RELEASE]
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
~[tomcat-embed-core-9.0.22.jar:9.0.22]
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
~[tomcat-embed-core-9.0.22.jar:9.0.22]
at
org.springframework.web.filter.HiddenHttpMethodFilter.doFilterInternal(HiddenHttpMethodFilter.java:93)
~[spring-web-5.1.9.RELEASE.jar:5.1.9.RELEASE]
at
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:118)
~[spring-web-5.1.9.RELEASE.jar:5.1.9.RELEASE]
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
~[tomcat-embed-core-9.0.22.jar:9.0.22]
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
~[tomcat-embed-core-9.0.22.jar:9.0.22]
at
org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:200)
~[spring-web-5.1.9.RELEASE.jar:5.1.9.RELEASE]
at
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:118)
~[spring-web-5.1.9.RELEASE.jar:5.1.9.RELEASE]
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
~[tomcat-embed-core-9.0.22.jar:9.0.22]
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
~[tomcat-embed-core-9.0.22.jar:9.0.22]
at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:202)
~[tomcat-embed-core-9.0.22.jar:9.0.22]
at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96)
~[tomcat-embed-core-9.0.22.jar:9.0.22]
at
org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:490)
~[tomcat-embed-core-9.0.22.jar:9.0.22]
at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:139)
~[tomcat-embed-core-9.0.22.jar:9.0.22]
at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92)
~[tomcat-embed-core-9.0.22.jar:9.0.22]
at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:74)
~[tomcat-embed-core-9.0.22.jar:9.0.22]
at
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:343)
~[tomcat-embed-core-9.0.22.jar:9.0.22]
at
org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:408)
~[tomcat-embed-core-9.0.22.jar:9.0.22]
at
org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66)
~[tomcat-embed-core-9.0.22.jar:9.0.22]
at
org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:853)
~[tomcat-embed-core-9.0.22.jar:9.0.22]
at
org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1587)
~[tomcat-embed-core-9.0.22.jar:9.0.22]
at
org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
~[tomcat-embed-core-9.0.22.jar:9.0.22]
at
java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
~[na:na]
at
java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
~[na:na]
at
org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
~[tomcat-embed-core-9.0.22.jar:9.0.22]
at java.base/java.lang.Thread.run(Thread.java:834) ~[na:na]
Caused by: org.apache.wss4j.common.ext.WSSecurityException: An error was
discovered processing the <wsse:Security> header
at
org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.checkActions(WSS4JInInterceptor.java:470)
~[cxf-rt-ws-security-3.3.3.jar:3.3.3]
at
org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessageInternal(WSS4JInInterceptor.java:358)
~[cxf-rt-ws-security-3.3.3.jar:3.3.3]
... 50 common frames omitted*
--
Sent from: http://cxf.547215.n5.nabble.com/cxf-user-f547216.html
