How to get ws-security working for a soap-reference-binding (client, consumer)
mae Jul 8, 2014 3:04 AMIn my new SwitchYard-Application (Version: 1.1) i want to consume an extern soap-webservice with a reference and a soap-binding.
But the remote soap-service is restricted for authenticated users only. The authentication is implemented by WS-Security (Username/Password are expected in the soap-headers)
So the wsdl has the "wsp:PolicyReference"-tag and the corresponding "wsp:Policy"-tag, like described here: SOAP - SwitchYard - Project Documentation Editor
But how to define username and password for WS-Secrutity?
I tried a jaxws-config with "ws-security.username" and "ws-security.password" which i configured by "soap:endpointConfig" in the switchyard.xml.
But "soap:endpointConfig" seems to be completely ignored on reference, because whatever i do getting only the following exception:
[0m [33m17:38:31,911 WARNING [org.apache.cxf.phase.PhaseInterceptorChain] (http-/0.0.0.0:8080-7) Interceptor for {NameSpace}OperationName#{http://cxf.apache.org/jaxws/dispatch}Invoke has thrown exception, unwinding now: org.apache.cxf.ws.policy.PolicyException: No username available
at org.apache.cxf.ws.security.wss4j.AbstractTokenInterceptor.policyNotAsserted(AbstractTokenInterceptor.java:229) [cxf-rt-ws-security-2.6.8.redhat-7.jar:2.6.8.redhat-7]
at org.apache.cxf.ws.security.wss4j.UsernameTokenInterceptor.addUsernameToken(UsernameTokenInterceptor.java:339) [cxf-rt-ws-security-2.6.8.redhat-7.jar:2.6.8.redhat-7]
at org.apache.cxf.ws.security.wss4j.UsernameTokenInterceptor.addToken(UsernameTokenInterceptor.java:285) [cxf-rt-ws-security-2.6.8.redhat-7.jar:2.6.8.redhat-7]
at org.apache.cxf.ws.security.wss4j.AbstractTokenInterceptor.handleMessage(AbstractTokenInterceptor.java:95) [cxf-rt-ws-security-2.6.8.redhat-7.jar:2.6.8.redhat-7]
at org.apache.cxf.ws.security.wss4j.AbstractTokenInterceptor.handleMessage(AbstractTokenInterceptor.java:61) [cxf-rt-ws-security-2.6.8.redhat-7.jar:2.6.8.redhat-7]
at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:262) [cxf-api-2.6.8.redhat-7.jar:2.6.8.redhat-7]
at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:530) [cxf-api-2.6.8.redhat-7.jar:2.6.8.redhat-7]
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:463) [cxf-api-2.6.8.redhat-7.jar:2.6.8.redhat-7]
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:366) [cxf-api-2.6.8.redhat-7.jar:2.6.8.redhat-7]
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:319) [cxf-api-2.6.8.redhat-7.jar:2.6.8.redhat-7]
at org.apache.cxf.endpoint.ClientImpl.invokeWrapped(ClientImpl.java:354) [cxf-api-2.6.8.redhat-7.jar:2.6.8.redhat-7]
at org.apache.cxf.jaxws.DispatchImpl.invoke(DispatchImpl.java:385) [cxf-rt-frontend-jaxws-2.6.8.redhat-7.jar:2.6.8.redhat-7]
at org.apache.cxf.jaxws.DispatchImpl.invoke(DispatchImpl.java:243) [cxf-rt-frontend-jaxws-2.6.8.redhat-7.jar:2.6.8.redhat-7]
at org.switchyard.component.soap.OutboundHandler.invokeService(OutboundHandler.java:329) [switchyard-component-soap-1.1.0.Final.jar:1.1.0.Final]