2 Replies Latest reply on Oct 9, 2007 10:16 AM by fonseca

    Dispatch + wssecurity

    fonseca
    fonseca Sep 13, 2007 3:45 PM

      Hi,

      I'm having a bit of trouble figuring this out - I'm trying to create a simple standalone dispatch for communication with an already set up webservice. I got everything working as expected if I use no security system - the problem arises when trying to invoke a request message involving an WSSecurityHandlerClient, resulting in a:

      javax.xml.ws.soap.SOAPFaultException: org.jboss.ws.core.CommonSOAPFaultException: This service requires <wsse:Security>, which is missing.
 at org.jboss.ws.core.jaxws.client.DispatchSOAPBinding.getReturnObject(DispatchSOAPBinding.java:165)
 at org.jboss.ws.core.jaxws.client.DispatchImpl.getReturnObject(DispatchImpl.java:290)
 at org.jboss.ws.core.jaxws.client.DispatchImpl.invokeInternal(DispatchImpl.java:141)
 at org.jboss.ws.core.jaxws.client.DispatchImpl.invoke(DispatchImpl.java:102)


      The server looks all good, and is expecting security information (encryption) which for some reason the client isn't sending.

      In my client, I have: 

      ...
System.setProperty("org.jboss.ws.wsse.keyStore", [...]);
System.setProperty("org.jboss.ws.wsse.keyStorePassword", [...]);
System.setProperty("org.jboss.ws.wsse.trustStore", [...]);
System.setProperty("org.jboss.ws.wsse.trustStorePassword", [...]);

URL serverURL = new URL(store.getString(PreferenceConstants.SERVER_URL));
URL serviceURL = new URL(serverURL, "services/testService");

service = new TestService(TestClient.class.getClassLoader().getResource("META-INF/TestService.wsdl"), new QName(namespace, "TestService"));
port = service.getTestPort();

BindingProvider bindingProvider = (BindingProvider) port;
List<Handler> handlerChain = new ArrayList<Handler>();
handlerChain.add(new WSSecurityHandlerClient());
bindingProvider.getBinding().setHandlerChain(handlerChain);

Map<String, Object> reqContext = bindingProvider.getRequestContext();
 reqContext.put(BindingProvider.ENDPOINT_ADDRESS_PROPERTY, serviceURL.toString());
reqContext.put(BindingProvider.USERNAME_PROPERTY, SecurityService.instance().getID());
reqContext.put(BindingProvider.PASSWORD_PROPERTY, "");


dispatch = service.createDispatch(new QName(namespace, "TestPort"), StreamSource.class, Mode.PAYLOAD);
dispatch.getBinding().setHandlerChain(handlerChain);

StreamSource response = dispatch.invoke(new StreamSource(new StringReader(request))); //request is a simple payload string



      META-INF/jboss-wsse-client.xml 

      <jboss-ws-security
 xmlns="http://www.jboss.com/ws-security/config"
 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
 xsi:schemaLocation="http://www.jboss.com/ws-security/config http://www.jboss.com/ws-security/schema/jboss-ws-security_1_0.xsd">

 <config>
 <username/>
 <encrypt type="x509v3" alias="key"/>
 <requires>
 <encryption/>
 </requires>
 </config>
</jboss-ws-security>


      META-INF/standard-jaxws-client-config.xml 

      <jaxws-config xmlns="urn:jboss:jaxws-config:2.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:javaee="http://java.sun.com/xml/ns/javaee"
 xsi:schemaLocation="urn:jboss:jaxws-config:2.0 jaxws-config_2_0.xsd">

 <client-config>
 <config-name>Standard WSSecurity Client</config-name>
 <post-handler-chains>
 <javaee:handler-chain>
 <javaee:protocol-bindings>##SOAP11_HTTP</javaee:protocol-bindings>
 <javaee:handler>
 <javaee:handler-name>WSSecurityHandlerOutbound</javaee:handler-name>
 <javaee:handler-class>org.jboss.ws.extensions.security.jaxws.WSSecurityHandlerClient</javaee:handler-class>
 </javaee:handler>
 </javaee:handler-chain>
 </post-handler-chains>
 </client-config>

</jaxws-config>


      Am I wrong to assume dispatch.invoke is responsible for appending the security tags in my message?

      Any help is appreciated.

      • 3318 Views
      • Tags: