-
15. Re: WS-Security Newbie Question...
asoldano Jan 18, 2008 8:56 AM (in response to lafaserem)This is finally a core ws-security implementation exception. You should check the logs for the complete exception stacktrace (a WSSecurityException that is then converted to the CommonSOAPFaultException you get) or error, giving us hints about the problem. Generally speaking this is somehow related to the keystore/truststore configuration since in the try/catch block that might raise this exception, actual sign/encrypt is performed.
-
16. Re: WS-Security Newbie Question...
peterj Jan 18, 2008 11:52 AM (in response to lafaserem)The book JBoss in Action (http://www.manning.com/jamae/) contains a chapter on web services (chapter 9). (You have to sign up for MEAP to get access to that chapter.) In that chapter, I describe all of the steps necessary to set up WSSecurity for a web service and its client, including both encryption and signing. The section on signing uses both signing and encryption, but you can leave off the encryption part.
The example code in that chapter is complete, even the statements to build the keystores are provided. So it should have everything you need. (At some point, the source code for the book will also be posted. Not sure of the timing for that.) -
17. Re: WS-Security Newbie Question...
lafaserem Jan 21, 2008 9:18 AM (in response to lafaserem)Hi...
Peter, finally I bought it (through MEAP) :)
I'm gonna try to follow it..
Thanks you and Alessio... it's been great aid... If I have some new problems I hope you rescue me again hehe
;)
-----------------------
Jesús F. RodrÃguez-Aragón -
18. Re: WS-Security Newbie Question...
smjain Feb 11, 2008 12:15 AM (in response to lafaserem)Were you able to configure WS security by any chance..I tried a lot of options bu still couldnt get it working. Can you please share the steps as to how to create the client and server for WS Security.
Your help is needed urgently
Regards
Shashank -
19. Re: WS-Security Newbie Question...
peterj Feb 11, 2008 1:22 AM (in response to lafaserem)Did you get the book? The section on configuring WSSecurity is very detailed.
-
20. Re: WS-Security Newbie Question...
smjain Feb 11, 2008 2:42 AM (in response to lafaserem)Hi Peter,
I havent yet got the book.Dont have the fund right now..
May be if you can help me out only on this Web service security stuff ,it would be really helpful
Regards
Shashank -
21. Re: WS-Security Newbie Question...
smjain Feb 11, 2008 10:11 PM (in response to lafaserem)Hi,
I tried to purchase the EBook but it does not who up India as the country in the drop down.
Pls let me know how can i purchase it
Regards
Shashank -
22. Re: WS-Security Newbie Question...
smjain Feb 11, 2008 10:13 PM (in response to lafaserem)Also one more question is that do the examples in book work on JBoss4.2
Regards
Shashank -
23. Re: WS-Security Newbie Question...
peterj Feb 12, 2008 1:46 AM (in response to lafaserem)Contact Manning if you have problems purchasing the book. There should be a link somewhere on the Manning web site. And yes the examples work on 4.2 - that is all I had when I first came up with the examples. I do not recall changing anything to get the examples working on 5.0 beta3. But then it has been over a year since I initially put the examples together...
-
24. Re: WS-Security Newbie Question...
smjain Feb 12, 2008 2:31 AM (in response to lafaserem)Thx peter
-
25. Re: WS-Security Newbie Question...
smjain Feb 12, 2008 2:43 AM (in response to lafaserem)Hi Peter,
I purchased the book. I see this is a JAX-RPC kind of implementation. Mine is a JAX-WS style of web service and also I didnt get much information on how to configure a standalone client.Pls help on that
Regards
Shashank -
26. Re: WS-Security Newbie Question...
asoldano Feb 12, 2008 3:00 AM (in response to lafaserem)Here is another example using WS-Security too: http://jbws.dyndns.org/mediawiki/index.php?title=Security_and_attachments_sample
Source code is available through SVN only until we release the next JBossWS version. -
27. Re: WS-Security Newbie Question...
smjain Feb 12, 2008 8:34 AM (in response to lafaserem)Hi,
My client jar is configured like this
META-INF
jboss-wsse-client.xml
standard-jaxws-client.xml
com
test
Has all proxy classes generated by wsconsume tool
and
com
test
standalone
Has the java class for calling the web service through the port
All my files are configured properly and I am setting all jars required as per wsrunclient tool in the classpath. Still the client is not adding the <wsse-security tags as required by server. This is the error I get on server.Seems server is set up properly to accept the encryped data but client is unable to call the outbound handler...
This is the client messges I get
DEBUG [main] (JAXWSClientMetaDataBuilder.java:77) - START buildMetaData: [servic
e={http://org.jboss.ws/samples/wssecurity}SecureService]
DEBUG [main] (WSDLDefinitionsFactory.java:102) - parse: http://127.0.0.1:8080/Te
stSecure/SecureService?wsdl
DEBUG [main] (JAXWSClientMetaDataBuilder.java:103) - END buildMetaData:
UnifiedMetaData:
implementation: jbossws-native-2.0.3.GA (build=200801251318)
deploymentName: null
securityDomain: null
ServiceMetaData:
qname={http://org.jboss.ws/samples/wssecurity}SecureService
refName=null
wsdName=null
wsdlFile=null
wsdlLocation=http://127.0.0.1:8080/TestSecure/SecureService?wsdl
jaxrpcMapping=null
publishLocation=null
securityConfig=null
properties=null
TypesMetaData:
ClientEndpointMetaData:
type=JAXWS
qname={http://org.jboss.ws/samples/wssecurity}SecureServicePort
address=http://127.0.0.1:8080/TestSecure/SecureService
binding=http://schemas.xmlsoap.org/wsdl/soap/http
seiName=null
configFile=META-INF/standard-jaxws-client-config.xml
configName=Standard Client
authMethod=null
properties={}
OperationMetaData:
qname={http://org.jboss.ws/samples/wssecurity}getName
javaName={http://org.jboss.ws/samples/wssecurity}getName
style=rpc/literal
oneWay=false
soapAction=
DEBUG [main] (JAXWSClientMetaDataBuilder.java:277) - START: rebuildMetaData
DEBUG [main] (EndpointMetaData.java:311) - setParameterStyle: null
DEBUG [main] (JAXWSMetaDataBuilder.java:134) - processSOAPBinding on: com.hp.sec
urity.client.SecureService
DEBUG [main] (EndpointMetaData.java:311) - setParameterStyle: WRAPPED
DEBUG [main] (EndpointMetaData.java:708) - Create new config [name=Standard Clie
nt,file=META-INF/standard-jaxws-client-config.xml]
DEBUG [main] (JBossWSConfigFactory.java:125) - getConfig: [name=Standard Client,
url=META-INF/standard-jaxws-client-config.xml]
DEBUG [main] (JBossWSConfigFactory.java:71) - parse: jar:file:/C:/jboss_new/clie
nt/jbossws-client.jar!/META-INF/standard-jaxws-client-config.xml
DEBUG [main] (EndpointMetaData.java:763) - Configure EndpointMetaData
DEBUG [main] (EndpointMetaData.java:775) - Added 0 PRE handlers
DEBUG [main] (EndpointMetaData.java:776) - Added 0 ENDPOINT handlers
DEBUG [main] (EndpointMetaData.java:777) - Added 0 POST handlers
DEBUG [main] (JAXWSMetaDataBuilder.java:938) - JAXBContext [types=[class java.la
ng.String, class java.lang.String],tns=http://org.jboss.ws/samples/wssecurity]
DEBUG [main] (OperationMetaData.java:207) - Found best matching java method: pub
lic abstract java.lang.String com.hp.security.client.SecureService.getName(java.
lang.String)
DEBUG [main] (JAXWSClientMetaDataBuilder.java:323) - END: rebuildMetaData
ServiceMetaData:
qname={http://org.jboss.ws/samples/wssecurity}SecureService
refName=null
wsdName=null
wsdlFile=null
wsdlLocation=http://127.0.0.1:8080/TestSecure/SecureService?wsdl
jaxrpcMapping=null
publishLocation=null
securityConfig=null
properties=null
TypesMetaData:
[complexType={http://www.w3.org/2001/XMLSchema}string,javaType=java.lang.Strin
g]
ClientEndpointMetaData:
type=JAXWS
qname={http://org.jboss.ws/samples/wssecurity}SecureServicePort
address=http://127.0.0.1:8080/TestSecure/SecureService
binding=http://schemas.xmlsoap.org/wsdl/soap/http
seiName=com.hp.security.client.SecureService
configFile=META-INF/standard-jaxws-client-config.xml
configName=Standard Client
authMethod=null
properties={}
OperationMetaData:
qname={http://org.jboss.ws/samples/wssecurity}getName
javaName=getName
style=rpc/literal
oneWay=false
soapAction=
ParameterMetaData:
xmlName=name
partName=name
xmlType={http://www.w3.org/2001/XMLSchema}string
javaType=java.lang.String
mode=IN
inHeader=false
index=0
ReturnMetaData:
xmlName=return
partName=return
xmlType={http://www.w3.org/2001/XMLSchema}string
javaType=java.lang.String
mode=OUT
inHeader=false
index=-1
DEBUG [main] (EndpointMetaData.java:628) - Configure SOAPBinding
DEBUG [main] (HandlerResolverImpl.java:125) - initHandlerChain: PRE
DEBUG [main] (HandlerResolverImpl.java:125) - initHandlerChain: ENDPOINT
DEBUG [main] (HandlerResolverImpl.java:125) - initHandlerChain: POST
DEBUG [main] (HandlerResolverImpl.java:99) - getHandlerChain: [type=PRE,info=[se
rvice={http://org.jboss.ws/samples/wssecurity}SecureService,port={http://org.jbo
ss.ws/samples/wssecurity}SecureServicePort,binding=http://schemas.xmlsoap.org/ws
dl/soap/http]]
DEBUG [main] (HandlerResolverImpl.java:99) - getHandlerChain: [type=POST,info=[s
ervice={http://org.jboss.ws/samples/wssecurity}SecureService,port={http://org.jb
oss.ws/samples/wssecurity}SecureServicePort,binding=http://schemas.xmlsoap.org/w
sdl/soap/http]]
DEBUG [main] (HandlerResolverImpl.java:99) - getHandlerChain: [type=ENDPOINT,inf
o=[service={http://org.jboss.ws/samples/wssecurity}SecureService,port={http://or
g.jboss.ws/samples/wssecurity}SecureServicePort,binding=http://schemas.xmlsoap.o
rg/wsdl/soap/http]]
DEBUG [main] (BindingImpl.java:94) - setHandlerChain: []
DEBUG [main] (ServiceDelegateImpl.java:427) - No port configuration for: {http:/
/org.jboss.ws/samples/wssecurity}SecureServicePort
DEBUG [main] (MessageContextAssociation.java:46) - pushMessageContext: org.jboss
.ws.core.jaxws.handler.SOAPMessageContextJAXWS@322bce (Thread main)
DEBUG [main] (EndpointInvocation.java:103) - setRequestParamValue: [name=name,va
lue=java.lang.String]
DEBUG [main] (CommonSOAPBinding.java:144) - bindRequestMessage: {http://org.jbos
s.ws/samples/wssecurity}getName
DEBUG [main] (CommonSOAPBinding.java:189) - Create RPC body element: {http://org
.jboss.ws/samples/wssecurity}getName
DEBUG [main] (EndpointInvocation.java:110) - getRequestParamValue: name
DEBUG [main] (EndpointInvocation.java:268) - transformPayloadValue: java.lang.St
ring -> java.lang.String
DEBUG [main] (HandlerChainExecutor.java:84) - Create a handler executor: []
DEBUG [main] (HandlerChainExecutor.java:84) - Create a handler executor: []
DEBUG [main] (HandlerChainExecutor.java:84) - Create a handler executor: []
DEBUG [main] (HTTPRemotingConnection.java:169) - Get locator for: [addr=http://1
27.0.0.1:8080/TestSecure/SecureService,props={javax.xml.ws.service.endpoint.addr
ess=http://127.0.0.1:8080/TestSecure/SecureService}]
DEBUG [main] (MicroRemoteClientInvoker.java:240) - org.jboss.remoting.transport.
http.HTTPClientInvoker@b51404 connecting
DEBUG [main] (MicroRemoteClientInvoker.java:245) - org.jboss.remoting.transport.
http.HTTPClientInvoker@b51404 connected
DEBUG [main] (HTTPRemotingConnection.java:213) - Remoting metadata: {HEADER={SOA
PAction="", Content-Type=text/xml; charset=UTF-8}, NoThrowOnError=true}
DEBUG [main] (HTTPClientInvoker.java:253) - Setting request header with SOAPActi
on : ""
DEBUG [main] (HTTPClientInvoker.java:253) - Setting request header with Content-
Type : text/xml; charset=UTF-8
DEBUG [main] (SOAPContentElement.java:136) - -----------------------------------
DEBUG [main] (SOAPContentElement.java:137) - Transitioning from OBJECT_VALID to
XML_VALID
DEBUG [main] (ObjectContent.java:135) - getXMLFragment from Object [xmlType={htt
p://www.w3.org/2001/XMLSchema}string,javaType=class java.lang.String]
DEBUG [main] (SimpleSerializer.java:58) - serialize: [xmlName=name,xmlType={http
://www.w3.org/2001/XMLSchema}string]
DEBUG [main] (ObjectContent.java:162) - xmlFragment: [source=Shashank</nam
e>]
DEBUG [main] (SOAPContentElement.java:143) - -----------------------------------
DEBUG [main] (SOAPMessageUnMarshallerHTTP.java:118) - getMimeHeaders from: {Conn
ection=[close], X-Powered-By=[Servlet 2.4; JBoss-4.2.1.GA (build: SVNTag=JBoss_4
_2_1_GA date=200707131605)/Tomcat-5.5], ResponseCodeMessage=Internal Server Erro
r, Date=[Tue, 12 Feb 2008 13:27:41 GMT], Content-Type=[text/xml;charset=UTF-8],
Server=[Apache-Coyote/1.1], HEADER={SOAPAction="", Content-Type=text/xml; charse
t=UTF-8}, Transfer-Encoding=[chunked], NoThrowOnError=true, ResponseCode=500}
DEBUG [main] (MessageFactoryImpl.java:205) - createMessage: [contentType=text/xm
l; charset=UTF-8]
DEBUG [main] (InvokerRegistry.java:595) - removed org.jboss.remoting.transport.h
ttp.HTTPClientInvoker@b51404 from registry
DEBUG [main] (MessageContextJAXWS.java:105) - Begin response processing
DEBUG [main] (MessageContextAssociation.java:75) - popMessageContext: org.jboss.
ws.core.jaxws.handler.SOAPMessageContextJAXWS@322bce (Thread main)
DEBUG [main] (MessageContextAssociation.java:46) - pushMessageContext: org.jboss
.ws.core.jaxws.handler.SOAPMessageContextJAXWS@7244ca (Thread main)
DEBUG [main] (CommonSOAPBinding.java:542) - unbindResponseMessage: {http://org.j
boss.ws/samples/wssecurity}getName
DEBUG [main] (HandlerChainExecutor.java:96) - close
DEBUG [main] (HandlerChainExecutor.java:96) - close
DEBUG [main] (HandlerChainExecutor.java:96) - close
DEBUG [main] (MessageContextAssociation.java:75) - popMessageContext: org.jboss.
ws.core.jaxws.handler.SOAPMessageContextJAXWS@7244ca (Thread main)
Exception in thread "main" java.lang.NoClassDefFoundError: javax/xml/soap/SOAPFa
ult
at javax.xml.ws.soap.SOAPFaultException.(SOAPFaultException.java:4
3)
at org.jboss.ws.core.jaxws.SOAPFaultHelperJAXWS.getSOAPFaultException(SO
APFaultHelperJAXWS.java:72)
at org.jboss.ws.core.jaxws.binding.SOAP11BindingJAXWS.throwFaultExceptio
n(SOAP11BindingJAXWS.java:109)
at org.jboss.ws.core.CommonSOAPBinding.unbindResponseMessage(CommonSOAPB
inding.java:579)
at org.jboss.ws.core.CommonClient.invoke(CommonClient.java:381)
at org.jboss.ws.core.jaxws.client.ClientImpl.invoke(ClientImpl.java:300)
at org.jboss.ws.core.jaxws.client.ClientProxy.invoke(ClientProxy.java:16
6)
at org.jboss.ws.core.jaxws.client.ClientProxy.invoke(ClientProxy.java:15
2)
at $Proxy8.getName(Unknown Source)
at com.test.standalone.NewClient.(NewClient.java:55)
at com.test.standalone.NewClient.main(NewClient.java:95)
Regards
Shashank -
28. Re: WS-Security Newbie Question...
peterj Feb 12, 2008 10:00 AM (in response to lafaserem)I purchased the book. I see this is a JAX-RPC kind of implementation. Mine is a JAX-WS style of web service and also I didnt get much information on how to configure a standalone client.
The book's web site doesn't have the source code available yet, but I will package it up and give you a link to download it. (Might not be until tomorrow, I have to check out of my hotel room in less than 1 hour and I'm not sure when I will have internet access again.)
I do not understand why you think the implementation is JAX-RPC. The clients in the book exhibit both doc and rpc style soap bindings, but are JAX-WS. Also, the client configuration for WSSecurity is complete (what do you think is missing?), you should be able to construct a working example application from the source provided in the book. -
29. Re: WS-Security Newbie Question...
peterj Feb 12, 2008 1:30 PM (in response to lafaserem)You can get the source code at http://members.cox.net/ocjohnsons/jbia-src.zip. Open the index.html file in the root directory for instructions. Of course, this file has only the web services source, the source for the other chapters are not included.
I have tried it with JBoss 5.0 beta3 (hey, beta4 just came out yesterday) and JBoss 4.2.2.GA. Runs as is on beta3, but on 4.2.2, after you build the example, you will have to add the following jar file to the classpath in the target/dist/client.[bat|sh] script:
jboss_home/client/jboss-ejb3x.jar
This jar contains annotations which otherwise would be missing.
On a side note, each time a new jbossas release comes out, the jboss-specific ejb3 annotations have moved, sometimes to to a new package other times to a new jar file. Half of the fun of breaking in a new jbossas release is figuring out where the annotations are hiding now. ;-)