PicketLink STS WSDL problem with JBossWS CXF
sguilhen Jun 9, 2010 1:00 PM
I am currently testing the STS on top of our three JBossWS stacks and I'm having a problem deploying the service on JBossWS CXF. Before jumping to the error I'll provide a bit of information about the STS itself.
PicketLinkSTS is a Web Service that receives WS-Trust requests. A WS-Trust request can come in various flavors, such as a single request (top-level element is a RequestSecurityToken element) or a collection of requests (top-level element is a RequestSecurityTokenCollection element). To better support different types of requests I've made PicketLinkSTS a WebServiceProvider that receives a Source instance and parses this source to obtain the WS-Trust request.
As with any WebServiceProvider, a WSDL is needed to deploy the service. So I came up with the following WSDL:
<?xml version="1.0"?>
<wsdl:definitions name="PicketLinkSTS"
    targetNamespace="urn:picketlink:identity-federation:sts"
    xmlns:tns="urn:picketlink:identity-federation:sts"
    xmlns:xsd="http://www.w3.org/2001/XMLSchema"
    xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/"
    xmlns:wsap10="http://www.w3.org/2006/05/addressing/wsdl"
    xmlns:soap12="http://schemas.xmlsoap.org/wsdl/soap12/">
  <wsdl:types>
    <xs:schema targetNamespace="urn:picketlink:identity-federation:sts"
        xmlns:tns="urn:picketlink:identity-federation:sts"
        xmlns:xs="http://www.w3.org/2001/XMLSchema"
        version="1.0">
      <xs:complexType name="MessageBody">
        <xs:sequence>
          <xs:any minOccurs="0" maxOccurs="unbounded" namespace="##any"/>
        </xs:sequence>
      </xs:complexType>
    </xs:schema>
  </wsdl:types>
  <wsdl:message name="RequestSecurityToken">
    <wsdl:part name="rstMessage" element="tns:MessageBody"/>
  </wsdl:message>
  <wsdl:message name="RequestSecurityTokenResponse">
    <wsdl:part name="rstrMessage" element="tns:MessageBody"/>
  </wsdl:message>
  <wsdl:portType name="SecureTokenService">
    <wsdl:operation name="IssueToken">
      <wsdl:input wsap10:Action="http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Issue" message="tns:RequestSecurityToken"/>
      <wsdl:output wsap10:Action="http://schemas.xmlsoap.org/ws/2005/02/trust/RSTR/Issue" message="tns:RequestSecurityTokenResponse"/>
    </wsdl:operation>
  </wsdl:portType>
  <wsdl:binding name="STSBinding" type="tns:SecureTokenService">
    <soap12:binding transport="http://schemas.xmlsoap.org/soap/http"/>
    <wsdl:operation name="IssueToken">
      <soap12:operation soapAction="http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Issue" style="document"/>
      <wsdl:input>
        <soap12:body use="literal"/>
      </wsdl:input>
      <wsdl:output>
        <soap12:body use="literal"/>
      </wsdl:output>
    </wsdl:operation>
  </wsdl:binding>
  <wsdl:service name="PicketLinkSTS">
    <wsdl:port name="PicketLinkSTSPort" binding="tns:STSBinding">
      <soap12:address location="http://localhost:8080/picketlink-sts"/>
    </wsdl:port>
  </wsdl:service>
</wsdl:definitions>
Notice that instead of defining all possible types of requests I've decided to use a more generic format (see the MessageBody element).
Then I package the STS along with its WSDL in a war and deploy it on JBoss. When Native or Metro stacks are being used, the war deploys fine and I'm able to call the STS from a remote client in order to issue or validate a security token. However, when I deploy the STS war on CXF, an exception is thrown. The relevant stack trace section can be seen below:
Caused by: javax.xml.ws.WebServiceException: org.apache.cxf.wsdl11.WSDLRuntimeException: Part rstMessage defined as element {urn:picketlink:identity-federation:sts}MessageBody which is not in the schema.
    at org.apache.cxf.jaxws.EndpointImpl.doPublish(EndpointImpl.java:323) [:2.2.9]
    at org.jboss.wsf.stack.cxf.deployment.EndpointImpl.doPublish(EndpointImpl.java:61) [:3.3.1.GA]
    at org.apache.cxf.jaxws.EndpointImpl.publish(EndpointImpl.java:234) [:2.2.9]
    at org.apache.cxf.jaxws.EndpointImpl.publish(EndpointImpl.java:466) [:2.2.9]
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [:1.6.0_18]
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) [:1.6.0_18]
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) [:1.6.0_18]
    at java.lang.reflect.Method.invoke(Method.java:597) [:1.6.0_18]
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.invokeCustomInitMethod(AbstractAutowireCapableBeanFactory.java:1527) [:3.0.1.RELEASE]
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.invokeInitMethods(AbstractAutowireCapableBeanFactory.java:1468) [:3.0.1.RELEASE]
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.initializeBean(AbstractAutowireCapableBeanFactory.java:1400) [:3.0.1.RELEASE]
    ... 56 more
Caused by: org.apache.cxf.wsdl11.WSDLRuntimeException: Part rstMessage defined as element {urn:picketlink:identity-federation:sts}MessageBody which is not in the schema.
    at org.apache.cxf.wsdl11.WSDLServiceBuilder.buildMessage(WSDLServiceBuilder.java:812) [:2.2.9]
    at org.apache.cxf.wsdl11.WSDLServiceBuilder.buildInterfaceOperation(WSDLServiceBuilder.java:582) [:2.2.9]
    at org.apache.cxf.wsdl11.WSDLServiceBuilder.buildInterface(WSDLServiceBuilder.java:561) [:2.2.9]
    at org.apache.cxf.wsdl11.WSDLServiceBuilder.buildServices(WSDLServiceBuilder.java:332) [:2.2.9]
    at org.apache.cxf.wsdl11.WSDLServiceBuilder.buildServices(WSDLServiceBuilder.java:188) [:2.2.9]
    at org.apache.cxf.wsdl11.WSDLServiceFactory.create(WSDLServiceFactory.java:129) [:2.2.9]
    at org.apache.cxf.service.factory.ReflectionServiceFactoryBean.buildServiceFromWSDL(ReflectionServiceFactoryBean.java:415) [:2.2.9]
    at org.apache.cxf.service.factory.ReflectionServiceFactoryBean.initializeServiceModel(ReflectionServiceFactoryBean.java:528) [:2.2.9]
    at org.apache.cxf.service.factory.ReflectionServiceFactoryBean.create(ReflectionServiceFactoryBean.java:278) [:2.2.9]
    at org.apache.cxf.jaxws.support.JaxWsServiceFactoryBean.create(JaxWsServiceFactoryBean.java:179) [:2.2.9]
    at org.apache.cxf.frontend.AbstractWSDLBasedEndpointFactory.createEndpoint(AbstractWSDLBasedEndpointFactory.java:99) [:2.2.9]
    at org.apache.cxf.frontend.ServerFactoryBean.create(ServerFactoryBean.java:105) [:2.2.9]
    at org.apache.cxf.jaxws.JaxWsServerFactoryBean.create(JaxWsServerFactoryBean.java:175) [:2.2.9]
    at org.apache.cxf.jaxws.EndpointImpl.getServer(EndpointImpl.java:395) [:2.2.9]
    at org.apache.cxf.jaxws.EndpointImpl.doPublish(EndpointImpl.java:302) [:2.2.9]
    ... 66 more
As the very same war can be deployed on Native and Metro, then either I'm doing something wrong (not a WSDL expert, so this is very possible) that these stacks don't care about or the CXF validator is incorrectly rejecting a valid WSDL. Ideas?
I'm attaching the picketlink-sts.war in case anyone feels like giving it a try. The picketlink-fed-1.0.3.final.jar needs to be copied to server/xx/lib too.
Stefan
Attachment: picketlink-sts.war (7.4 KB)
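
Added example, not part of the original post and not PicketLink or CXF code: a Python check that resolves every wsdl:part element= reference against the global xs:element declarations of the inline schemas, which is the condition the CXF message above reports. The function name, the trimmed sample and the WITH_ELEMENT variant are constructed for this illustration.

```python
import io
import xml.etree.ElementTree as ET

WSDL = "{http://schemas.xmlsoap.org/wsdl/}"
XSD = "{http://www.w3.org/2001/XMLSchema}"

# Constructed sample: types and one message trimmed from the WSDL in the post.
TEMPLATE = """<wsdl:definitions targetNamespace="urn:picketlink:identity-federation:sts"
    xmlns:tns="urn:picketlink:identity-federation:sts"
    xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/">
  <wsdl:types>
    <xs:schema targetNamespace="urn:picketlink:identity-federation:sts"
        xmlns:xs="http://www.w3.org/2001/XMLSchema">
      <xs:complexType name="MessageBody">
        <xs:sequence><xs:any minOccurs="0" maxOccurs="unbounded"/></xs:sequence>
      </xs:complexType>%s
    </xs:schema>
  </wsdl:types>
  <wsdl:message name="RequestSecurityToken">
    <wsdl:part name="rstMessage" element="tns:MessageBody"/>
  </wsdl:message>
</wsdl:definitions>"""
AS_POSTED = TEMPLATE % ""
# Hypothetical variant: declares the global element the part refers to.
WITH_ELEMENT = TEMPLATE % '<xs:element name="MessageBody" type="tns:MessageBody"/>'

def unresolved_parts(wsdl_text):
    """Return (message, part, qname, hint) for each part whose element= has no xs:element."""
    prefixes, root = {}, None
    for event, item in ET.iterparse(io.BytesIO(wsdl_text.encode()), events=("start-ns", "start")):
        if event == "start-ns":
            prefixes[item[0]] = item[1]  # simplification: prefix scoping is ignored
        elif root is None:
            root = item  # first "start" event is the document element
    decls = {XSD + "element": set(), XSD + "complexType": set(), XSD + "simpleType": set()}
    for schema in root.iter(XSD + "schema"):
        tns = schema.get("targetNamespace", "")
        for decl in schema:  # only top-level declarations are global
            decls.get(decl.tag, set()).add("{%s}%s" % (tns, decl.get("name")))
    elements = decls[XSD + "element"]
    types = decls[XSD + "complexType"] | decls[XSD + "simpleType"]
    problems = []
    for msg in root.iter(WSDL + "message"):
        for part in msg.findall(WSDL + "part"):
            prefix, _, local = (part.get("element") or "").rpartition(":")
            qname = "{%s}%s" % (prefixes.get(prefix, ""), local)
            if local and qname not in elements:
                hint = "declared only as a type" if qname in types else "not declared"
                problems.append((msg.get("name"), part.get("name"), qname, hint))
    return problems
```

Running unresolved_parts over a WSDL before packaging it into the war reports each part by message and part name, with a hint when the referenced name exists only as a type.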