-
1. Re: JBossWS 1.0.1GA JSR181 and WS-Security
yi_zhang Jul 11, 2006 6:43 PM (in response to yi_zhang)Also, I've tried to include the jboss.xml as suggested by some other posts but to no avail. The only difference is that we have a JSR-189 endpoint and others who got WS-Security working on JBoss had JSR-109 endpoints.
Has anyone gotten a JSR-189 endpoint to work with WS-Security on JBoss?
Thanks,
Yi -
2. Re: JBossWS 1.0.1GA JSR181 and WS-Security
ramazanyich Jul 12, 2006 4:38 AM (in response to yi_zhang)have the same issue :(. And didn't find for a moment any clue how to do it. Maybe we could open an JIRA issue with simple test case?
-
3. Re: JBossWS 1.0.1GA JSR181 and WS-Security
ramazanyich Jul 12, 2006 7:34 AM (in response to yi_zhang)added JIRA issue: http://jira.jboss.com/jira/browse/JBWS-1071
-
4. Re: JBossWS 1.0.1GA JSR181 and WS-Security
yi_zhang Jul 12, 2006 12:37 PM (in response to yi_zhang)Thanks Ramil.
-
5. Re: JBossWS 1.0.1GA JSR181 and WS-Security
heiko.braun Jul 13, 2006 2:51 PM (in response to yi_zhang)Thanks, we discovered that issue as well: http://jira.jboss.com/jira/browse/JBWS-1072. It will be resolved with 1.0.2. In the meantime you could get branch 1.0 and build it yourself.
http://wiki.jboss.org/wiki/Wiki.jsp?page=JBWSFAQBuildAndInstall -
6. Re: JBossWS 1.0.1GA JSR181 and WS-Security
ramazanyich Jul 14, 2006 5:07 AM (in response to yi_zhang)I downloaded latest version from SVN and build it.
Based on test case for JSR181EJB I modified my class file.
I added annotation on my EJB bean class:
@HandlerChain(file = "resource://config/ServerHandlers.xml", name = "SecureHandlerChain")
during packaging of my JAR file I add config/ServerHandlers.xml file:<?xml version="1.0" encoding="UTF-8"?> <handler-config> <handler-chain> <handler-chain-name>SecureHandlerChain</handler-chain-name> <handler> <handler-name>WSSecurityHandlerInbound</handler-name> <handler-class>org.jboss.ws.wsse.WSSecurityHandlerInbound</handler-class> </handler> </handler-chain> </handler-config>
And now if I try to access it from webservices client without wsse:security I get :
This service requires <wsse:Security>, which is missing.
So it is fixed ! Thanks. -
7. Re: JBossWS 1.0.1GA JSR181 and WS-Security
heiko.braun Jul 14, 2006 5:53 AM (in response to yi_zhang)
This service requires <wsse:Security>, which is missing
Yes, that happens when the client request isn't signed/encrypted. -
8. Re: JBossWS 1.0.1GA JSR181 and WS-Security
yi_zhang Jul 14, 2006 8:00 PM (in response to yi_zhang)Ramil,
Thanks for sharing the solution. I tried what you suggested and got "Cannot process handler chain".
Here is the jar file structure:
myWebService.jar
----class files
----config/ServerHandlers.xml
----META-INF
--------jboss-wsse-server.xml
--------wsse.keystore
--------wsse.truststroe
I used the exact same ServerHanlers.xml as you.
Am I missing something?
Thanks,
Yi -
9. Re: JBossWS 1.0.1GA JSR181 and WS-Security
ramazanyich Jul 17, 2006 3:04 AM (in response to yi_zhang)did you do all steps ?
did you get latest version from SVN, build it and deployed it to your JBOSS instance?
Did you add @HandlerChain annotation to your class? -
10. Re: JBossWS 1.0.1GA JSR181 and WS-Security
yi_zhang Jul 17, 2006 5:24 PM (in response to yi_zhang)Our application specifies the "isolation from other deployments" scope by defining a loader-repository in jboss-app.xml. If we change our deployment to use a flat class loading model, then the above works; otherwise, I have to specify an absolute file path instead of resources on the CLASSPATH, e.g. @HandlerChain(file = "file://C:/temp/ServerHandlers.xml", name = "SecureHandlerChain") in order to get WSSE to work with JSR-189 endpoint.
Looks like another candidate for a JIRA issue? -
11. Re: JBossWS 1.0.1GA JSR181 and WS-Security
yi_zhang Jul 17, 2006 5:27 PM (in response to yi_zhang)Yes I did grab the latest from JBoss and re-built both JBoss and JBossWS.
I think I might know what the problem is.
Our application specifies the "isolation from other deployments" scope by defining a loader-repository in jboss-app.xml. It looks like whatever classloader JBoss uses to load the handler chain resource can not see resources packaged in our ear. If we change our deployment to use a flat class loading model, then the above works; otherwise, I have to specify an absolute file path instead of resources on the CLASSPATH, e.g. @HandlerChain(file = "file://C:/temp/ServerHandlers.xml", name = "SecureHandlerChain") in order to get WSSE to work with JSR-189 endpoint.
Looks like another candidate for a JIRA issue?
Thanks,
Yi -
12. Re: JBossWS 1.0.1GA JSR181 and WS-Security
yi_zhang Jul 17, 2006 5:28 PM (in response to yi_zhang)Oops, sorry for the double post. fat fingers...
-
13. Re: JBossWS 1.0.1GA JSR181 and WS-Security
heiko.braun Jul 26, 2006 11:06 AM (in response to yi_zhang)Could you create JIRA with an example deployment attached?
-
14. Re: JBossWS 1.0.1GA JSR181 and WS-Security
yi_zhang Aug 1, 2006 9:25 PM (in response to yi_zhang)One of my co-workers has reported this problem to JBoss.