saravanan.t wrote:
Ok, thanks, I will use 3.3 example client to test the service on SMX4.
My understanding about the wss4j interceptor is that it does include
SAAJInInterceptor implicitly, in the version included in SMX4. correct me if
i am wrong.
I just check the cxf code, yeah, after cxf 2.1, the SAAJInInterceptor is
added by WSS4JInInterceptor, so you needn't add it explicitly. Sorry, my
fault.
Another question I had is why I needed to copy the bundle version of the
saaj impl while the lib version is already included in the SA/SU packaging.
Because SMX4 is osgi cantainer, all libs should be installed as osgi
bundle, so that the class is available in osgi env.
Thanks!
Freeman Fang wrote:
Some more questions
May I ask how would you know the request message is correct one? Do you
ever test it in SMX 3.x?
If not, what I can suggest here first is
write your testcase based on cxf-ws-security demo shipped with FUSE
ESB(which is based on Apache Servicemix, you can find the latest
releasedkit from [1])
write a java client which can work with SAs you deployed in SMX3, like
we do in cxf-ws-security, and dump the onwire soap request message, so
that you know the request message is correct.
Ensure the testcase working in SMX3 is a good start to porting it in SMX4
Btw, your testcase seems miss
org.apache.cxf.binding.soap.saaj.SAAJInInterceptor, which is necessary
when use ws-security
[1]http://repo.open.iona.com/maven2/org/apache/servicemix/apache-servicemix/3.3.1.17-fuse/
Thanks
Freeman
saravanan.t wrote:
Please see attached. I have upated the readme file to reflect the changes
I
made, added the saaj-impl bundle.
Freeman Fang wrote:
Hi,
I assume your test is based on the cxf-ws-security demo from FUSE ESB
kit, right?
Would you please send your testcase(with a README) to me and I can do a
quick test.
Freeman
saravanan.t wrote:
This is my client request:
<soapenv:Envelope
xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/";
xmlns:typ="http://servicemix.apache.org/samples/wsdl-first/types";>
<soapenv:Header>
<wsse:Security soapenv:mustUnderstand="1"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";>
<wsse:UsernameToken wsu:Id="UsernameToken-21566635"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";>
<wsse:Username>smx</wsse:Username>
<wsse:Password
Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest";>nLk0R9C8jmaHBMwFq74GuweJbQs=</wsse:Password>
</wsse:UsernameToken>
</wsse:Security>
</soapenv:Header>
<soapenv:Body>
<typ:GetPerson>
<typ:personId>1</typ:personId>
</typ:GetPerson>
</soapenv:Body>
</soapenv:Envelope>
The password is the same as the one on users.properties file. Is this
correct?
I also noticed this:
java.lang.NoClassDefFoundError: org/opensaml/SAMLException
only on the console!
I also realised that wss4j bundle imports org.opensaml optionally. Do i
need
this saml bundle..? I cannot seem to find that bundle from smx repo
though.
Freeman Fang wrote:
The error shows client request can't be authenticated correctly.
How you send client request?
saravanan.t wrote:
packaging the saaj.impl jar inside the cxf-bc su didn't help. when i
tried
copying the org.apache.servicemix.bundles.saaj-impl-1.3_1.jar bundle
into
the deploy folder, i got this fault:
<soap:Envelope
xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/";>
<soap:Body>
<soap:Fault>
<faultcode
xmlns:ns1="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";>ns1:InvalidSecurity</faultcode>
<faultstring>An error was discovered processing the
<wsse:Security> header</faultstring>
</soap:Fault>
</soap:Body>
</soap:Envelope>
Freeman Fang wrote:
quick question:
Do you have saaj-impl bundle installed already?
Freeman
saravanan.t wrote:
Thanks for your quick response!
I did try adding the dependency on saaj in cxfbc-su pom like this:
<dependency>
<groupId>com.sun.xml</groupId>
<artifactId>saaj-impl</artifactId>
<version>1.3</version>
</dependency>
I could see the saaj-impl jar file in that su zip file.
But, i still seem to get the same error. is it with the version?
Freeman Fang wrote:
Hi,
Seems your consumer su miss saaj-impl dependency.
Freeman
saravanan.t wrote:
Hello,
I have been playing with SMX4 for few days now and I started
liking
it
already, as it nicely integrates the best 3 things: spring, osgi
&
JBI
(in
addition to Camel/AMQ/CXF and others).
Thanks to you guys for a great job!
The question I had is related to enabling ws-security to a
service
on
CXF.
To understand this, I thought it is good to take the shipped
cxf-wsdl-first
example and try to make it ws-security enabled by:
adding WSS4J interceptor on cxf-bc su:
<code>
<beans xmlns:cxfbc="http://servicemix.apache.org/cxfbc/1.0";
xmlns:person="http://servicemix.apache.org/samples/wsdl-first";>
<cxfbc:consumer wsdl="classpath:person.wsdl"
targetService="person:PersonService"
targetInterface="person:Person">
<!-- WS-Security interceptors -->
<cxfbc:inInterceptors>
<ref bean="wss4jin"/>
</cxfbc:inInterceptors>
</cxfbc:consumer>
<bean
class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor"
id="wss4jin">
<constructor-arg>
<map>
<entry key="action" value="UsernameToken"/>
<entry key="passwordType" value="PasswordDigest" />
<entry key="passwordCallbackClass"
value="org.apache.servicemix.samples.wsdl_first.ServerPasswordCallback"/>
</map>
</constructor-arg>
</bean>
</beans>
</code>
and then testing it on soap-ui client with:
<code>
<soapenv:Envelope
xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/";
xmlns:typ="http://servicemix.apache.org/samples/wsdl-first/types";>
<soapenv:Header><wsse:Security
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";><wsse:UsernameToken
wsu:Id="UsernameToken-2956574"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";><wsse:Username>smx</wsse:Username><wsse:Password
Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest";>7vBUrC3FJYywtWp2S9t6RKgT0GQ=</wsse:Password><wsse:Nonce>XCTIgEZbX0l9qJQl2nXEkg==</wsse:Nonce><wsu:Created>2009-04-14T11:03:09.342Z</wsu:Created></wsse:UsernameToken></wsse:Security></soapenv:Header>
<soapenv:Body>
<typ:GetPerson>
<typ:personId>1</typ:personId>
</typ:GetPerson>
</soapenv:Body>
</soapenv:Envelope>
</code>
but the response is:
<code>
<faultcode>soap:Client</faultcode>
<faultstring>Problems creating SAAJ object
model</faultstring>
</code>
Any idea what i am missing...?
Thanks!
--
Freeman Fang
------------------------
Open Source SOA: http://fusesource.com
--
Freeman Fang
------------------------
Open Source SOA: http://fusesource.com
--
Freeman Fang
------------------------
Open Source SOA: http://fusesource.com
--
Freeman Fang
------------------------
Open Source SOA: http://fusesource.com
http://www.nabble.com/file/p23055692/cxf-wsdl-first.rar
cxf-wsdl-first.rar
--
Freeman Fang
------------------------
Open Source SOA: http://fusesource.com
--
Freeman Fang
------------------------
Open Source SOA: http://fusesource.com
