Geek Answers Handbook

Apache CXF - credentials not sent with WSS4JOutInterceptor?

I am trying to connect to a web service using WS-Security UsernameToken spec 1.0 using apache cxf 2.4.0.

I copied the code from CXF documents, but I get: org.apache.cxf.ws.policy.PolicyException: username is not available

MyService_Service ss = new MyService_Service(wsdlURL, SERVICE_NAME); MyService port = ss.getBasicHttpBindingMyService (); Client client = ClientProxy.getClient(port); Endpoint cxfEndpoint = client.getEndpoint(); Map<String,Object> outProps = new HashMap<String,Object>(); outProps.put(WSHandlerConstants.ACTION, WSHandlerConstants.USERNAME_TOKEN); outProps.put(WSHandlerConstants.USER, "USERNAME"); outProps.put(WSHandlerConstants.PASSWORD_TYPE, WSConstants.PW_TEXT); outProps.put(WSHandlerConstants.PW_CALLBACK_CLASS, ClientPasswordHandler.class.getName()); WSS4JOutInterceptor wssOut = new WSS4JOutInterceptor(outProps); cxfEndpoint.getOutInterceptors().add(wssOut);

I also implemented the ClientPasswordHandler class, again from the docs, but it looks like the username is never sent (according to the error). Here is the password handler:

 public class ClientPasswordHandler implements CallbackHandler { public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException { WSPasswordCallback pc = (WSPasswordCallback) callbacks[0]; pc.setPassword("Password"); } }

Is there a way to see if a WSS4Jinterceptor is being applied and a UsernameToken is being sent?

+8
java web-services ws-security cxf
source share
3 answers

Are you getting a Client-side PolicyException? If so, that probably means that the WSDL you use has a WS-SecucurityPolicy snippet in it that describes the UsernameToken policy that it wants and expects. In this case, you should not configure the WSS4JOutInterceptor at all. The WS-Policy runtime will process it, and you just need to provide some properties that they might need.

Docs for SecurityPolicy material: http://cxf.apache.org/docs/ws-securitypolicy.html

You probably just need to use:

 Map ctx = ((BindingProvider)port).getRequestContext(); ctx.put("ws-security.username", "USERNAME"); ctx.put("ws-security.password", "Password");
+16
source share

When using the answer from Daniel, I got the following exception

 Caused by: org.apache.cxf.transport.http.HTTPException: HTTP response '401: Unauthorized' when communicating with http://.. at .apache.cxf.inorg.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponseInternal(HTTPConduit.java:1555) at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponse(HTTPConduit.java:1494) at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPConduit.java:1402) at org.apache.cxf.transport.AbstractConduit.close(AbstractConduit.java:56) at org.apache.cxf.transport.http.HTTPConduit.close(HTTPConduit.java:649) at orgterceptor.MessageSenderInterceptor$MessageSenderEndingInterceptor.handleMessage(MessageSenderInterceptor.java:62) at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:263) at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:535) at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:465) at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:368)

I used below and it started working

 Map ctx = ((BindingProvider) ssPort).getRequestContext(); ctx.put(BindingProvider.USERNAME_PROPERTY, "user"); ctx.put(BindingProvider.PASSWORD_PROPERTY, "pass"); ctx.put(BindingProvider.ENDPOINT_ADDRESS_PROPERTY, "http://c
0
source share

Thanks to Daniel, the complete working configuration for me is this:

  webServicePort = webService_service.getPort(WebService.class); Client client = ClientProxy.getClient(webServicePort); Endpoint cxfEndpoint = client.getEndpoint(); Map<String, Object> props = ((BindingProvider) webServicePort).getRequestContext(); props.put("ws-security.username", PravoRuConstants.USERNAME); props.put("ws-security.password", PravoRuConstants.PASSWORD); props.put(WSHandlerConstants.ACTION, WSHandlerConstants.USERNAME_TOKEN); props.put(WSHandlerConstants.USER, PravoRuConstants.USERNAME); props.put(WSHandlerConstants.PASSWORD_TYPE, WSConstants.PW_TEXT); props.put(WSHandlerConstants.PW_CALLBACK_CLASS, PravoRuPasswordHandler.class.getName()); WSS4JOutInterceptor wssOut = new WSS4JOutInterceptor(props); cxfEndpoint.getOutInterceptors().add(wssOut);
0
source share

More articles:


All Articles