Hi Leonardo, You need an IssuedToken policy in the normal use-case. The other solution is to manually use STSClient to get a token from the STS and manually append it to the headers of the request.
Colm. On Thu, Jan 30, 2020 at 3:20 PM Leonardo Battagli <[email protected]> wrote: > Hi Colm, > > I tried the unit test you are referring then I added my operation/port > type/binding in the wsdl they are using (double.wsdl) and added a new > method to try it but the result is the same (output message body cames out > empty). > > One difference I can look at is the securityPolicy. > > Mine test contains 'usernameToken' > > <sp:SignedSupportingTokens xmlns:sp=" > http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";< > http://schemas.xmlsoap.org/ws/2005/07/securitypolicy>> > <wsp:Policy> > <sp:UsernameToken sp:IncludeToken=" > http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient > "< > http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient > >/> > </wsp:Policy> > </sp:SignedSupportingTokens> > > while the others contains a policy with the inner tag 'RSTTemplate' > > <sp:SignedEndorsingSupportingTokens xmlns:sp=" > http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";< > http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702>> > <wsp:Policy> > <sp:IssuedToken sp:IncludeToken=" > http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient > "< > http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient > >> > <sp:RequestSecurityTokenTemplate> > <t:TokenType> > http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV1.1 > </t:TokenType> > <t:KeyType> > http://docs.oasis-open.org/ws-sx/ws-trust/200512/PublicKey</t:KeyType> > </sp:RequestSecurityTokenTemplate> > <wsp:Policy> > <sp:RequireInternalReference/> > </wsp:Policy> > </sp:IssuedToken> > </wsp:Policy> > </sp:SignedEndorsingSupportingTokens> > > could perhaps be this the cause of the null body ? > > Leonardo > > > On 29/01/2020 11:43, Colm O hEigeartaigh wrote: > > Hi Leonardo, > > Here is an example of a system test in CXF that uses the STSClient, rather > than configuring it in Spring, perhaps this might help you: > > > https://github.com/apache/cxf/blob/fc89f35c1f80863d8500eef359ba6259fac49e44/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/template/TemplateTest.java#L124 > > Colm. > > On Mon, Jan 20, 2020 at 4:27 PM Leonardo Battagli < > [email protected]><mailto:[email protected]> > wrote: > > > > Hi all, > > I am trying to use CXF with ws-trust and I am trying to use it with simple > java code without Spring. > > I have the policy configuration with sp:SignedSupportingTokens and > sp:UserNameToken but after settings property on the STSClient and putting > in the Bus I have is a empty body (</wsa:Action></soap:Header><*soap:Body* > /></soap:Envelope). > > Output message has been logged with LoggingInterceptor. > > The STS service I am sending it to is answering that RST is missing > (<env:Text xml:lang="en">The required element wst:RequestSecurityToken is > missing</env:Text>) > > I configured the STSClient on the bus and I set it with its property > (ws-security.sts.client) but how can I dig out why this STSClient does not > get called ? > > Is it possible to use CXF Ws-Trust support without Spring ? I can't > understand what is missing > > I am attaching URL of XValueSTS JunitTest. > > https://github.com/Leonets/XValueSTS.git > > GitHub project contains WSDL of the server, URI of the server is not > available because it is on a private VPN. > > Best Regards > > Leonardo > -- > > *Leonardo Battagli* > IT Solution > Direzione PAC/Sanità > [email protected]<mailto:[email protected]> > > *Engineering Ingegneria Informatica SpA* > Via Torre degli Agli, 48 - I- 50144 Firenze - ITALY > Tel. +39-055.4365454 > Interno 5454 > Mobile +39- > > www.eng.it<http://www.eng.it> > > [image: cid:[email protected]] > > Rispetta l'ambiente. Non stampare questa e-mail se non necessario. > Respect the environment. Please don't print this e-mail unless you really > need to. > > Le informazioni trasmesse sono destinate esclusivamente alla persona o > alla società in indirizzo e sono da intendersi confidenziali e riservate. > Ogni trasmissione, inoltro, diffusione o altro uso di queste informazioni a > persone o società differenti dal destinatario è proibita. Se ricevete > questa comunicazione per errore, contattate il mittente e cancellate le > informazioni da ogni computer. > The information transmitted is intended only for the person or entity to > which it is addressed and may contain confidential and/or privileged > material. Any review, retransmission, dissemination or other use of, or > taking of any action in reliance upon, this information by persons or > entities other than the intended recipient is prohibited. If you received > this in error, please contact the sender and delete the material from any > computer. > > > > > >
